Hi All,

Currently I've configured wso2is 5.1.0 to act as our identity framework with SAML 2.0 interfaces on the SP and IDP sides. While testing we found that we can successfully authenticate; however, wso2is will cache the SAML assertion between our SP and wso2is even if the IDP assertion is different. We are currently using IDP initiated SAML primarily, so users may not have explicitly logged out of wso2.

I've found that if I remove the commonAuthId cookie, wso2is will then send a correct SAML assertion matching what was received from the IDP. Is there any way to disable this caching or not set a commonAuthId cookie? We are not looking for the SSO functionality that the cookie provides between different SPs on our system. Essentially the behaviour I'd like is that on the same browser 2 different users can do IDP initiated sign-ons, and whichever one was done last should always be sent to our SP (this is not happening).

Thanks,
Dean
_______________________________________________
Dev mailing list
http://wso2.org/cgi-bin/mailman/listinfo/dev
