Embedded Discovery Service: Configuration Question

Joshua Brodie josbrodie at gmail.com
Sat Oct 15 21:25:09 BST 2011


Hi:

I am attempting to migrate one of our SPs from using our federations
WAYF service to EDS.

The SP protects the folder '/secure'.

When attempting to access the protected folder, the following message
is received: 'FATAL - DISCO UI:Failed to download metadata from
/Shibboleth.sso/DiscoFeed'.

Looking at the HTTP headers, it looks like the browser was redirected
to 'https://sp.example.com/Shibboleth.sso/DiscoFeed'; whereas, based
on my understanding, the browser should redirect to
'https://sp.example.com/secure/Shibboleth.sso/DiscoFeed' (i.e. with
path to the protected folder).

If my understanding is correct, I must have made a configuration error
- listed below is a snippet from my SP's 'shibboleth2.xml' file - can
anyone point me in the correct direction? Thanks.


 <ApplicationDefaults entityID="https://sp.example.com"
                         homeURL="https://sp.example.com/secure"
                         REMOTE_USER="eppn persistent-id targeted-id">

              <Sessions  handlerURL="/secure/Shibboleth.sso"
cookieProps="; path=/secure; secure" lifetime="28800" timeout="3600"
checkAddress="false" relayState="ss:mem" handlerSSL="true">


           <SSO discoveryProtocol="SAMLDS"
discoveryURL="https://sp.example.com//shibboleth-ds/index.html">
                SAML2 SAML1
           </SSO>

            <!-- SAML and local-only logout. -->
            <Logout>SAML2 Local</Logout>

            <!-- Extension service that generates "approximate"
metadata based on SP configuration. -->
            <Handler type="MetadataGenerator" Location="/Metadata"
signing="false"/>

            <!-- Status reporting service. -->
            <Handler type="Status" Location="/Status" acl="127.0.0.1"/>

            <!-- Session diagnostic service. -->
            <Handler type="Session" Location="/Session"
showAttributeValues="false"/>

            <!-- JSON feed of discovery information. -->
            <Handler type="DiscoveryFeed" Location="/DiscoFeed"/>


        </Sessions>


More information about the users mailing list