Shibboleth Developers

[Alistair Young <>]

How is the target param used by the IdP? I was under the impression  
that it usually contains the URL of the resource the user is trying  
to access and that it would disappear from future versions.

I can't use cookies as the IdP response is provoked by a different SP  
component which might be on a different domain.

I think the problem is the shire param contains the query the SP  
wants back but the shire in it's metadata at the IdP doesn't have  
that query param so the IdP fails to trust the SP.

I want something the SP can pass to the IdP and have it returned in   
the response.

Alistair

On 13 Mar 2006, at 16:05, Walter Hoehn wrote:

> You can't do this with the shire parameter.  I'd suggest storing  
> the state in a cookie/session, but another option is to add data to  
> the target parameter URL.
>
> -Walter
>
>
> On Mar 13, 2006, at 9:42 AM, Alistair Young wrote:
>
> > I wonder if anyone could comment. I have a requirement to add a  
> > query param to the shire param that's sent from an SP to an IdP  
> > but the shire doubles as the providerId and the dynamic content of  
> > the query param breaks the metadata matching.
> >
> > shire=https://sp.mysite.com?entityID=DYNAMIC_CHANGES_ALL_THE_TIME
> >
> > Is there any way in the IdP to separate the providerId from where  
> > the response to the SP should go (shire)? Or is there a way to  
> > regex the metadata matching to ignore the query param?
> >
> > My SP needs to preserve some state at it's end based on the  
> > response from the IdP. The only way it can do that is adding a  
> > query param to the shire IdP param.
> >
> > Ideally, it would be good if the IdP could "bounce" something back  
> > to the SP that made sense to the SP.
> >
> > Alistair