DS: The return URL could not be verified for Service Provider
Cantor, Scott
cantor.2 at osu.edu
Fri Nov 18 22:00:24 GMT 2011
On 11/18/11 4:34 PM, "jehan procaccia" <jehan.procaccia at it-sudparis.eu>
wrote:
>hello,
>
>when I try to login I immediatly end up on the DS responding on the
>browser:
>
>Error: Invalid Query
>The return URL 'https://www-public.it-sudparis.eu/Shibboleth.sso/DS'
>could not be verified
>for Service Provider 'https://www-public.it-sudparis.eu/shibboleth'.
Your SP's metadata at the DS doesn't include the necessary
DiscoveryResponse extension endpoint. Allowing free access to the DS makes
it a cookie phishing service. Some people think that's fine, and some
don't happen to agree with them. Regardless, it's a DS setting as to
whether to allow it without checking the metadata.
>on the same sever, an another dokuwiki instance calling an older WAYF,
>works file
WAYF protocol != DS protocol.
-- Scott
More information about the users
mailing list