SAML-tracer
Support for IdP discovery protocol
We should support the SAML 2.0 «Identity Provider Discovery Service Protocol and Profile».
Specification: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery.pdf
Basically the only way to recognise such requests is whether there's an entityID URL parameter present. This seems so a-specific that I think such discovery service protocol support would flag too many requests as "SAML".
Since the SAML tracer already splits out the GET parameters in the Parameters tab, you already have quite a decent overview of what happens in those requests, and I'm also not sure what additional processing SAML Tracer would do for discovery requests.
Closing this one; I agree with Thijs. The IDP Disco request+response are shown in the tracer and to tag every request with an entityID URL-parameter is just too generic.
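
The over-matching concern discussed in this thread, as an added example (not SAML-tracer code and not part of the original issue): a classifier that looks only at query parameters, run over constructed URLs. The parameter names (`entityID`, `return`, `policy`, `returnIDParam`, `isPassive`) are those defined in the linked discovery specification; the function names and sample URLs are assumptions made for illustration.

```javascript
// Added example: query-parameter heuristic run over constructed URLs.
// Optional request parameters defined by the IdP Discovery spec.
const DISCO_OPTIONAL = ["return", "policy", "returnIDParam", "isPassive"];

// Hypothetical helper: classify a request URL by its query parameters only.
function classifyDiscoveryRequest(rawUrl) {
  let params;
  try {
    params = new URL(rawUrl).searchParams;
  } catch (e) {
    return { match: "none", hints: [] }; // not an absolute URL
  }
  // entityID is the only required parameter of a discovery request.
  if (!params.has("entityID")) {
    return { match: "none", hints: [] };
  }
  // Spec-defined optional parameters raise confidence when present.
  const hints = DISCO_OPTIONAL.filter((name) => params.has(name));
  return { match: hints.length > 0 ? "likely" : "entityID-only", hints };
}

// Constructed sample requests (not captured traffic).
const SAMPLES = [
  // Discovery request carrying optional parameters.
  "https://ds.example.org/disco?entityID=https%3A%2F%2Fsp.example.org%2Fmetadata" +
    "&return=https%3A%2F%2Fsp.example.org%2Flogin&returnIDParam=idp",
  // Discovery response back to the SP: the default return parameter name
  // is also entityID, so the same key appears in the other direction.
  "https://sp.example.org/login?entityID=https%3A%2F%2Fidp.example.org%2Fidp",
  // Unrelated application that happens to use the same parameter name.
  "https://catalog.example.com/items?entityID=4711",
  // No entityID at all.
  "https://www.example.com/search?q=saml",
];

// Hypothetical helper: classification label for each URL in a list.
function summarize(urls) {
  return urls.map((u) => classifyDiscoveryRequest(u).match);
}

console.log(summarize(SAMPLES));
```
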