The Salesforce.com SP has a mechanism for examining SAML requests and providing feedback on things that may be missing or incorrect.
See https://help.salesforce.com/apex/HTViewHelpDoc?id=sso_saml_validation_errors.htm&language=en_US for full details.
In summary it ensures that
milestone: => 1.3
We may want to implement this as an error page handler on the SP, so it only pops up on failures.
It would need to be an optionally configured part, probably manually via uncommenting things in the Apache config
MellonSamlResponseDump will need to be true to set the MELLON_SAML_RESPONSE environment variable so we can parse the response to try to deduce what is wrong.
Metadata Update from @rcritten:
- Issue set to the milestone: 1.3
to comment on this ticket.