Enhance SSO Federation to support HTTP-POST request for SP-Initiated flows without a Sessionstore

Idea created by Ashok kumar Muthu Employee on Jan 30, 2018
    Under review
    Score29

    According to below KB article, there is a pre-requisite of enabling Session store to support HTTP-POST request for SP-Initiated flows.

     

    SP-Initiated POST request results in 400 Error 

     

    This does not make any sense for customers to enable session store only for achieving this use case, if they don't have a real need for Session store. HTTP-POST request is a widely used SAML request method for SP initiated flows, this should be supported by the product without any additional setup/configuration. 

     

    This feature is supported by other vendor products by OOTB without any additional setup and CA SSO is lacking here.

     

    I ran into this issue recently in one of my customer environment where they are migrating to CA SSO from an another vendor SSO/Federation manager product, this has become a roadblock for few SAML application migrations.

     

    Hence submitting this idea on behalf of a customer to enhance SSO Federation to support HTTP-POST request for SP-Initiated flows without a Sessionstore.