SAML2 supports a silent refresh in the case the session with the wicked authorization server has run out. This is only supported if the auth server runs via https, but it also does not work in that case in rc.11 or below.
This is due to a bug which checks the wrong part of the auth server URL for "https" (the path, not the entire URL).
SAML2 supports a silent refresh in the case the session with the wicked authorization server has run out. This is only supported if the auth server runs via https, but it also does not work in that case in rc.11 or below.
This is due to a bug which checks the wrong part of the auth server URL for "https" (the path, not the entire URL).