"wreply" is an optional parameter according to "WS-Federation: Passive Requestor Profile", and it defines the RP endpoint that handles the response.
So, how could the STS decide to where the response should be sent when that parameter does not come in the request?
As far as I understand, the only solution for this is to make it mandatory to provide a redirect URL at the time of RP registration in STS. And then send the response to 'wreply' if it comes in the request, else send to the registered endpoint.
Is that the normal approach?
