LLNG 2.0.7 as SAML IDP : OneTimeUse flag set twice in conditions
Concerned version
Version: 2.0.7
Summary
Setting "One time use" to On in service provider configuration cause an erroneous condition tag to be sent :
<saml:Conditions NotBefore="2021-04-07T09:47:06Z" NotOnOrAfter="2021-04-08T05:49:06Z"> saml:AudienceRestriction saml:Audiencexxxxxx</saml:Audience> </saml:AudienceRestriction> saml:OneTimeUse/ saml:OneTimeUse/ </saml:Conditions>
The tag OneTimeUse is set twice, so the SP rejects assertions. Setting One time use to Off then the assertion is correctly consumed.