Hi Ray,
Thank you for the suggestion.
I am attempting to use that method already, but the two signing keys in there metadata presents the problem. If I configure the service definition to pull their metadata via the https URL, it works.
The problem is they sign their AuthN request and CAS is unable to verify the signature, since it picks the wrong signing key from their metadata, that was successfully obtained by CAS, via the URL.
To make it work, I have to save the metadata, and remove the invalid signing key, then use a local copy of the metadata and a "metadataLocation":"file/....", rather than the URL.
Thank you,
Matt
To unsubscribe: email
unsub...@hacc.edu with sender email address and subject.
This email and any files attached from HACC, Central Pennsylvania's Community College are confidential and intended solely for use by the individual or entity to whom addressed. If you have received this email in error please notify
postm...@hacc.edu This
message may contain confidential information and is intended only for the individual named. If you are not the named addressee do not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail
by mistake and delete from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.