CAS 5.3.5 delegated authentication with saml invalid assertion?

44 views
Skip to first unread message

Tobias Johansson

unread,
Apr 4, 2019, 10:29:37 AM4/4/19
to CAS Community
Hi!

Is there a way to exclude the NameQualifier from the issuer-tag in a saml2 assertion in CAS 5.3.5?
My issuer-tag looks like this:

<saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
        NameQualifier="urn:mace:saml:pac4j.org" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:saml:pac4j.org</saml2:Issuer>

And my saml2 idp does not allow it, because it violates the saml-specs. 
I know it can be done in 6.x, but upgrading is not an easy option at this time.

Any help would be greatly appreciated!


Best Regards
Tobias Johansson

magicserverpixiedust

unread,
Sep 19, 2019, 10:52:47 AM9/19/19
to CAS Community
Did you find a way?  We're having same issue.  
Reply all
Reply to author
Forward
0 new messages