Comment 4 for bug 1794726

Kristi Nikolla (knikolla) wrote :

It appears that the other issue was because we currently default to setting "relay_state_prefix" to "ss:mem:". That is what Shibboleth generally uses to prefix the relay state that it sends.

Mellon, on the other hand, expects relay state to be a URL; therefore, when receiving a message that starts with "ss:mem:", it will error out. Setting "relay_state_prefix" to be "<schema>://<hostname_of_sp>/" resolved the issue, as Mellon is now correctly able to parse a valid URL.

I will investigate further whether it's enough for this to be a documentation change and an OSC update to support `--relay-state-prefix` when creating and updating service providers, or if it warrants changes to the way keystone generates the relay state (prefix + random uuid). [0]

[0]. https://github.com/openstack/keystone/blob/26911744c05669b748a09dae5016291070a4d1e5/keystone/federation/idp.py#L647
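
The following pre-flight check is an added example, not part of the comment above and not keystone or Mellon code. It builds a relay state as prefix + random uuid and reports whether the result parses as an http(s) URL on the service provider's host. The function names, the `sp.example.org` host and the use of `uuid4().hex` for the random part are assumptions made for illustration.

```python
import uuid
from urllib.parse import urlsplit

SHIBBOLETH_STYLE_PREFIX = "ss:mem:"  # default prefix named in the comment


def build_relay_state(prefix):
    """Relay state as the comment describes it: prefix + random uuid.

    Assumption: the random part is a 32-character hex uuid.
    """
    return prefix + uuid.uuid4().hex


def check_prefix_for_url_sp(prefix, sp_host):
    """Return a list of problems for an SP that expects relay state to be a URL.

    An empty list means the generated relay state is an http(s) URL whose
    host is exactly sp_host (hypothetical helper, not an OpenStack API).
    """
    problems = []
    parts = urlsplit(build_relay_state(prefix))

    if parts.scheme not in ("http", "https"):
        problems.append("scheme is %r, not http or https" % parts.scheme)

    if not parts.hostname:
        problems.append("no host component, so the value is not an absolute URL")
    elif parts.hostname != sp_host.lower():
        # Typical cause: the prefix has no trailing "/", so the uuid is glued
        # onto the hostname instead of landing in the path.
        problems.append("host %r does not match SP host %r"
                        % (parts.hostname, sp_host))

    return problems


if __name__ == "__main__":
    sp = "sp.example.org"  # constructed sample host
    for candidate in (SHIBBOLETH_STYLE_PREFIX,
                      "https://sp.example.org",    # missing trailing slash
                      "https://sp.example.org/"):  # form given in the comment
        issues = check_prefix_for_url_sp(candidate, sp)
        print(candidate, "->", "OK" if not issues else "; ".join(issues))
```
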