• SteveS@Ident

When configuring SAML 2.0 to use SP-Init I'm receiving the error message during token validation: Unable to parse the response: Invalid InResponseTo attribute in SubjectConfirmationData element.

 

I'm currently using a developer site with a normal configuration except that I've switched to REDIRECT instead of POST for binding.

 

The IdP receives the AuthnRequest properly and generates a token from the AuthnRequest, and the InResponseTo value is being set from the AuthnRequest ID attribute.

 

Switching back to IdP-initiated auth works fine.

 

Here is the full validator output:

 

Last recorded SAML login failure:  2013-02-25T20:52:04.901Z

Unexpected Exceptions   Unable to parse the response: Invalid InResponseTo attribute in SubjectConfirmationData element

1. Validating the Status

  Unknown

2. Looking for an Authentication Statement

  Unknown  

3. Looking for a Conditions statement

  Unknown  

4. Checking that the timestamps in the assertion are valid

  Unknown

5. Checking that the Attribute namespace matches, if provided

  Unknown  

6. Miscellaneous format confirmations

  Unknown  

7. Confirming Issuer matches

  Unknown  

8. Confirming a Subject Confirmation was provided and contains valid timestamps

  Unknown  

9. Checking that the Audience matches, if provided

  Unknown

10. Checking the Recipient

  Unknown  

11. Validating the Signature

  Unknown  

12. Checking that the Site URL Attribute contains a valid site url, if provided

  Unknown

13. Looking for portal and organization id, if provided

  Unknown 

 

Curious things of note: SAML Validator shows that my org is using SAML v0.0 even though it's configured as 2.0.
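For comparing the values involved in this error by hand, here is an added example (not part of the original post, and not Salesforce's validator logic): it recovers the AuthnRequest ID from an HTTP-Redirect `SAMLRequest` parameter and lists every `InResponseTo` in the response that differs from it. The IdP URL, the IDs and the XML are constructed samples; signature validation is out of scope.

```python
import base64
import zlib
import xml.etree.ElementTree as ET  # diagnostic use only; parse untrusted XML with defusedxml
from urllib.parse import parse_qs, quote, urlparse

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def redirect_encode(xml):
    """HTTP-Redirect binding encoding: raw DEFLATE, then base64, then URL-encode."""
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    return quote(base64.b64encode(deflated), safe="")

def authn_request_id(redirect_url):
    """Recover the ID the SP put in the AuthnRequest it sent via redirect."""
    saml_request = parse_qs(urlparse(redirect_url).query)["SAMLRequest"][0]
    xml = zlib.decompress(base64.b64decode(saml_request), -15)
    return ET.fromstring(xml).get("ID")

def in_response_to_mismatches(response_xml, request_id):
    """List every InResponseTo location whose value does not equal request_id."""
    root = ET.fromstring(response_xml)
    found = [("Response", root.get("InResponseTo"))]
    path = ".//saml:SubjectConfirmation/saml:SubjectConfirmationData"
    for scd in root.iterfind(path, NS):
        found.append(("SubjectConfirmationData", scd.get("InResponseTo")))
    return [(where, value) for where, value in found if value != request_id]

# Constructed sample data (hypothetical IdP URL and IDs, not from the original post).
REQUEST_ID = "_constructed_request_001"
AUTHN_REQUEST = (f'<samlp:AuthnRequest xmlns:samlp="{NS["samlp"]}" '
                 f'ID="{REQUEST_ID}" Version="2.0"/>')
REDIRECT_URL = "https://idp.example.test/sso?SAMLRequest=" + redirect_encode(AUTHN_REQUEST)

def sample_response(scd_in_response_to):
    """Build a minimal unsigned response with the given SubjectConfirmationData value."""
    return (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
            f'InResponseTo="{REQUEST_ID}"><saml:Assertion><saml:Subject>'
            '<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">'
            f'<saml:SubjectConfirmationData InResponseTo="{scd_in_response_to}"/>'
            '</saml:SubjectConfirmation></saml:Subject></saml:Assertion></samlp:Response>')

if __name__ == "__main__":
    rid = authn_request_id(REDIRECT_URL)
    print(in_response_to_mismatches(sample_response(rid), rid))
    print(in_response_to_mismatches(sample_response("_stale_id"), rid))
```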