oharsta
commented
3 years ago Closed thijskh closed 3 years ago
oharsta
commented
3 years ago 
thijskh
commented
3 years ago Excellent, problem solved!
This code https://github.com/OpenConext/OpenConext-myconext/blob/53c1cee4f9247271cf1fe4a717e84075004af4f2/myconext-server/src/main/java/myconext/security/GuestIdpAuthenticationRequestFilter.java#L163 fails with a NPE when the AuthnRequest does not contain a Scoping element/RequesterID.
When using myconext with EB this will always be present, but when using it without a SAML proxy it's not. So please make it optional, e.g. by falling back to the remote entityID if there's no requesterId.