Shibboleth Developers

[<>]

Based on the wiki page:
https://spaces.internet2.edu/display/SHIB2/NativeSPSessionInitiator

It's part of the SAML2 Session Initiator (not part of the Chaining).  I
made the change seen below and it fixed the problem for me:

<SessionInitiator isDefault="true" type="Chaining" Location="/DS"
id="DS" relayState="cookie">
   <SessionInitiator type="SAML2" acsByIndex="false" defaultACSIndex="1"
template="bindingTemplate.html"/>
   <SessionInitiator type="SAMLDS"
URL="http://my.discovery.service/ds/"/>
</SessionInitiator>



-----Original Message-----
From: Chris G. Sellers 
[mailto:]
 
Sent: Friday, April 11, 2008 5:17 PM
To: 

Subject: Re: Strange Shib 2.0 SP Failure

I had acsByIndex off already, unless I'm looking in the wrong spot.

upgrade.xsl:        <SessionInitiator type="Chaining"  
Location="{@Location}"
 acsByIndex="false" relayState="cookie">


Sellers
On Apr 10, 2008, at 1:28 PM, Scott Cantor wrote:
>> Thanks Scott, I removed the relayState=cookie from my initiator and
>> the error went away for me too.
>
> The recommended fix is to turn off acsByIndex. Exposing the target  
> is a
> privacy leak and isn't compliant with the SAML 2 spec.
>
> -- Scott
>
>

______________________________________________
Chris G. Sellers                        |       NITLE  - Technology Team
734.661.2318                    |       

AIM: imthewherd                 |       GoogleTalk: