Shib IdP 2.3.5 + ECP

Cantor, Scott cantor.2 at
Fri Nov 18 15:00:14 GMT 2011

On 11/18/11 9:53 AM, "Liam Hoekenga" <liamr at> wrote:

>Should the handler.xml and relying-party.xml that ship with the 2.3.5
>distribution already be configured to support ECP?

Should be.

>The docs in the wiki are based on the UW ECP extension that got
>absorbed into the IdP distribution..

Those docs are not relevant to the built-in version.

>With the ecp namespace changing from "ecp" to "saml" in
>relying-party.xml, and from "ecp" to "ph" in handler.xml, it kind of
>looks like it should just work.

It works if you don't mess with what's already there.

>I've got apache set up to handle the authentication, which it's
>doing.. but Shib is returning a SOAP error:

That error indicates you're not sending it a legit message, I suppose.

But I'd still suspect you mangled something if you're copying irrelevant
settings over top of the real ones.

-- Scott

More information about the users mailing list