Embedded Discovery Service: Configuration Question
Joshua Brodie
josbrodie at gmail.com
Sat Oct 15 21:25:09 BST 2011
Hi:
I am attempting to migrate one of our SPs from using our federations
WAYF service to EDS.
The SP protects the folder '/secure'.
When attempting to access the protected folder, the following message
is received: 'FATAL - DISCO UI:Failed to download metadata from
/Shibboleth.sso/DiscoFeed'.
Looking at the HTTP headers, it looks like the browser was redirected
to 'https://sp.example.com/Shibboleth.sso/DiscoFeed'; whereas, based
on my understanding, the browser should redirect to
'https://sp.example.com/secure/Shibboleth.sso/DiscoFeed' (i.e. with
path to the protected folder).
If my understanding is correct, I must have made a configuration error
- listed below is a snippet from my SP's 'shibboleth2.xml' file - can
anyone point me in the correct direction? Thanks.
<ApplicationDefaults entityID="https://sp.example.com"
homeURL="https://sp.example.com/secure"
REMOTE_USER="eppn persistent-id targeted-id">
<Sessions handlerURL="/secure/Shibboleth.sso"
cookieProps="; path=/secure; secure" lifetime="28800" timeout="3600"
checkAddress="false" relayState="ss:mem" handlerSSL="true">
<SSO discoveryProtocol="SAMLDS"
discoveryURL="https://sp.example.com//shibboleth-ds/index.html">
SAML2 SAML1
</SSO>
<!-- SAML and local-only logout. -->
<Logout>SAML2 Local</Logout>
<!-- Extension service that generates "approximate"
metadata based on SP configuration. -->
<Handler type="MetadataGenerator" Location="/Metadata"
signing="false"/>
<!-- Status reporting service. -->
<Handler type="Status" Location="/Status" acl="127.0.0.1"/>
<!-- Session diagnostic service. -->
<Handler type="Session" Location="/Session"
showAttributeValues="false"/>
<!-- JSON feed of discovery information. -->
<Handler type="DiscoveryFeed" Location="/DiscoFeed"/>
</Sessions>
More information about the users
mailing list