Shibboleth setup.. So close but can use some help..
cantor.2 at osu.edu
Fri Sep 23 19:38:41 BST 2011
On 9/23/11 2:21 PM, "Garry Boyce" <gboyce at cambridgesemantics.com> wrote:
>Peter I agree in concept however what I needed was a step by step for a
>simple installation of and idp and sp on the same box. I could not find
>in official documentation. Did I miss something?
Both the IdP and SP documentation include basic steps for initial setup.
Doing it on the same box generally leads to a lot of mess and confusion,
so is not encouraged in general. A basic recipe is also what testshib.org
does a good job of supplying.
>references a SessionInitiator which I don't see in shibboleth2.xml. And
>not clear for my simple case what I need here.
Yes, I'll update it, thanks for noting that.
>The prior instructions I was following also refers to a RequestMap which I
>don't see how or if I should configure.
You don't use it with Apache. If you're following official documentation
and it leads you to assume you do, identify it and I'll see about fixing
it. I tried to get everything consistently steered toward not using it
>Just in case(but it made no difference) I put in:
If you're using the SP and you start a sentence with "Just in case",
generally it's going to end badly.
>I'm really stuck. Please help..
Your original question was answered, and accurately. I believe it's also
in the common errors page for the IdP. SP requests response go to URL "X"
and that URL isn't in its metadata as a valid AssertionConsumerService.
Probably an entityID is wrong, or a hostname's not lining up, or it's http
instead of https, or other possibilities.
More information about the users