Spring SAML Single Logout - NameID format mismatch

This is related to "Spring Security SAML One Login Global Single Logout LogoutRequest Parsing Issue".

The problem here is that the NameID format is not matching, as per:

private boolean equalsNameID(NameID a, NameID b) {
    boolean equals = !differ(a.getSPProvidedID(), b.getSPProvidedID());
    equals = equals && !differ(a.getValue(), b.getValue());
    equals = equals && !differ(a.getFormat(), b.getFormat());
    equals = equals && !differ(a.getNameQualifier(), b.getNameQualifier());
    equals = equals && !differ(a.getSPNameQualifier(), b.getSPNameQualifier());
    equals = equals && !differ(a.getSPProvidedID(), b.getSPProvidedID());
    return equals;
}

It's failing ONLY on:

equals = equals && !differ(a.getFormat(), b.getFormat());

Upon debugging, I found out the following values:

a.getFormat() = urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified (from Spring SAML)
b.getFormat() = null (from OneLogin acting as the IdP)

Is it possible to turn off the format check in Spring SAML via extended metadata properties (or in some other way)?

There are 0 answers
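
Added example, not part of the original question and not Spring SAML's own code: SAML 2.0 Core states that when a NameID carries no Format, the unspecified format is in effect, so the two values shown in the question can be compared by effective format instead of dropping the format check. NameId, strictEquals, effectiveFormat and normalizedEquals are hypothetical names, differ() is assumed to be a null-safe inequality test, and wiring this into Spring SAML is not shown.

```java
import java.util.Objects;

public class NameIdFormatCheck {
    // Format URI from the question; SAML 2.0 Core defines it in section 8.3.1.
    static final String UNSPECIFIED =
        "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
    static final String EMAIL =
        "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";

    // Hypothetical stand-in for the OpenSAML NameID object (Java 16+ record).
    record NameId(String value, String format, String nameQualifier,
                  String spNameQualifier, String spProvidedId) {}

    // Field-by-field comparison mirroring the equalsNameID excerpt above
    // (assumption: differ() is a null-safe inequality test).
    static boolean strictEquals(NameId a, NameId b) {
        return Objects.equals(a.spProvidedId(), b.spProvidedId())
            && Objects.equals(a.value(), b.value())
            && Objects.equals(a.format(), b.format())
            && Objects.equals(a.nameQualifier(), b.nameQualifier())
            && Objects.equals(a.spNameQualifier(), b.spNameQualifier());
    }

    // An absent Format is read as "unspecified"; explicit formats are kept.
    static String effectiveFormat(String format) {
        return (format == null || format.isEmpty()) ? UNSPECIFIED : format;
    }

    // Same check, but comparing effective formats instead of raw ones.
    static boolean normalizedEquals(NameId a, NameId b) {
        return Objects.equals(a.spProvidedId(), b.spProvidedId())
            && Objects.equals(a.value(), b.value())
            && effectiveFormat(a.format()).equals(effectiveFormat(b.format()))
            && Objects.equals(a.nameQualifier(), b.nameQualifier())
            && Objects.equals(a.spNameQualifier(), b.spNameQualifier());
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from a real deployment.
        NameId session   = new NameId("user@example.com", UNSPECIFIED, null, null, null);
        NameId noFormat  = new NameId("user@example.com", null, null, null, null);
        NameId emailFmt  = new NameId("user@example.com", EMAIL, null, null, null);
        NameId otherUser = new NameId("other@example.com", null, null, null, null);

        System.out.println("strict, Format missing:      " + strictEquals(session, noFormat));
        System.out.println("normalized, Format missing:  " + normalizedEquals(session, noFormat));
        System.out.println("normalized, other format:    " + normalizedEquals(session, emailFmt));
        System.out.println("normalized, other value:     " + normalizedEquals(session, otherUser));
    }
}
```

Only the absent-versus-unspecified case is relaxed: a different explicit format or a different value still fails, which keeps the LogoutRequest tied to the NameID stored for the session.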