Uploaded image for project: 'Shibboleth SP - C++'
  1. Shibboleth SP - C++
  2. SSPCPP-244

ADFS SessionInitiator doesn't raise proper error when ACS is wrong

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.2.1
    • Fix Version/s: 2.3
    • Component/s: ADFS
    • Labels:
      None
    • Environment:
      CentOS 5 with RPMs
    • Operating System:
      Linux
    • Web Server:
      Apache 2.2
    • CPU Type:
      Multiple
    • C/C++ Compiler:
      Multiple

      Description

      The ADFS initiator by itself isn't handling the case of a bogus ACS calculation correctly, and just falls into code that shouldn't run.

      Also, the new code added with 2.2.1 to do binding checks on the ACS created a regression that makes it necessary to define a defaultACSIndex property since it doesn't auto-derive the ACS based on binding any more. Need to revisit this logic.

        Attachments

          Activity

            People

            • Assignee:
              cantor.2@osu.edu Scott Cantor
              Reporter:
              cantor.2@osu.edu Scott Cantor
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: