Delegated Auth with
Eric Dalquist
eric.dalquist at doit.wisc.edu
Tue Nov 1 16:54:12 GMT 2011
Here is what is in the shibboleth2.xml file that was attached, note that
there are some commented out SessionInitiator blocks that don't have
ECP=true for the SAML2 SessionInitiator but all of the uncommented
SessionInitiators have ECP=true set for SAML2
For j2eedev
<SessionInitiator type="Chaining" Location="/Login" isDefault="true"
id="logintest.wisc.edu" relayState="cookie"
entityID="https://logintest.wisc.edu/idp/shibboleth">
<SessionInitiator type="SAML2" acsIndex="1"
template="bindingTemplate.html" ECP="true"/>
<SessionInitiator type="Shib1" acsIndex="5"/>
</SessionInitiator>
For j2eetest
<SessionInitiator type="Chaining" Location="/Login" isDefault="true"
id="logintest.wisc.edu" relayState="cookie"
entityID="https://logintest.wisc.edu/idp/shibboleth">
<SessionInitiator type="SAML2" acsIndex="1"
template="bindingTemplate.html" ECP="true"/>
<SessionInitiator type="Shib1" acsIndex="5"/>
</SessionInitiator>
For j2eeqa
<SessionInitiator type="Chaining" Location="/Login" isDefault="true"
id="login.wisc.edu" relayState="cookie"
entityID="https://login.wisc.edu/idp/shibboleth">
<SessionInitiator type="SAML2" acsIndex="1"
template="bindingTemplate.html" ECP="true"/>
<SessionInitiator type="Shib1" acsIndex="5"/>
</SessionInitiator>
On 11/01/2011 11:07 AM, Cantor, Scott wrote:
> On 11/1/11 12:00 PM, "Eric Dalquist"<eric.dalquist at doit.wisc.edu> wrote:
>
>> Watching the portlet's HTTP wire traffic the portlet is correctly
>> specifying the PAOS header and the Accept header is set to
>> application/vnd.paos+xml The problem is the target server just treats
>> the request like any other web request. We've turned up logging in the
>> target SP and Apache and don't see any hints.
> You don't have ECP enabled in the SP's SAML2 SessionInitiator.
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7430 bytes
Desc: S/MIME Cryptographic Signature
Url : http://shibboleth.net/pipermail/users/attachments/20111101/4bd93ea5/attachment.bin
More information about the users
mailing list