Bug ID 435779: BIG-IP as SP and IdP will not accept anything but Full URL for entity-id

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.4.0, 11.4.1

Fixed In:
12.0.0

Opened: Oct 29, 2013
Severity: 3-Major

Symptoms

BIG-IP as Service Provider (SP) and BIG-IP as Identity Provider (IdP) do not accept anything except a full URL for EntityId.

Impact

Cannot support IdP or SP that expects a numerical value for EntityId.

Conditions

BIG-IP as SP and IdP.

Workaround

There is no work around.

Fix Information

The BIG-IP system, when configured as a SAML Service Provider (SP), now supports numerical values as part of EntityId. Metadata export still works, but the resulting XML must be edited to replace the number with a proper URL for the Assertion Consumer Service URL. You must edit the XML before exporting it to other Identity Providers (IdPs).

Behavior Change