Delegated Auth with
Eric Dalquist
eric.dalquist at doit.wisc.edu
Wed Nov 2 15:49:01 GMT 2011
Still no joy, we added the following in the application defaults:
<SessionInitiator type="Chaining" Location="/Login" isDefault="true" id="logintest.wisc.edu" relayState="cookie" entityID="https://logintest.wisc.edu/idp/shibboleth">
<SessionInitiator type="SAML2" acsIndex="1" template="bindingTemplate.html" ECP="true"/>
<SessionInitiator type="Shib1" acsIndex="5"/>
</SessionInitiator>
Just to make sure things got picked up we restarted the SP and the
Apache instance after making the change and there is no change in the
behavior. The SP still treats the request just like it treats any other
request.
-Eric
On 11/01/2011 12:03 PM, Cantor, Scott wrote:
> On 11/1/11 12:54 PM, "Eric Dalquist"<eric.dalquist at doit.wisc.edu> wrote:
>
>> Here is what is in the shibboleth2.xml file that was attached, note that
>> there are some commented out SessionInitiator blocks that don't have
>> ECP=true for the SAML2 SessionInitiator but all of the uncommented
>> SessionInitiators have ECP=true set for SAML2
> I didn't see the overrides. My guess is they aren't working and the
> default application is being used. Toggling it on there might demonstrate
> whether that's true (though of course things will break in other ways if
> the override's not being mapped properly).
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7430 bytes
Desc: S/MIME Cryptographic Signature
Url : http://shibboleth.net/pipermail/users/attachments/20111102/7bad931a/attachment-0001.bin
More information about the users
mailing list