Fw: Possible attribute problems when login
srivasg_21 at hotmail.com
Sun Aug 19 09:07:30 EDT 2012
Excuse me, I've resent my e-mail as it seems that there has been a
codification problem with my last one. Again, please, sorry for that.
My name is Sergio and it's a pleasure for me being part of this mailing
list. I'd like to apologize about my English, which isn't very good but I'll
do my best to explain my problem.
I've been working with Shibboleth during these days to create a basic SSO
service with a protected directory (just trying to protect "secure" default
directory). Although I've followed all the steps shown in the official
documentation and even in some web sites over the Internet, I haven't been
able to get it work properly.
I'm using a User / Password authentication with an LDAP connector, and it
seems to work as I can enter bad credentials and I'm not authorizated to
access the service (i.e., the login form is showing). The problem is that I
always get this message when my user is correctly authenticated through
Shibboleth login form:
"We're sorry, but you cannot access this service at this time.
This service requires information about you that your identity provider did
not release. To gain access to this service, your identity provider must
release the required information.
You were trying to access the following URL:
For more information about this service, including what user information is
required for access, please visit our information page."
I've reviewed all the configs and everything seems correct. I even tried
"aacli.sh" script on IdP to check if it was releasing the attributes I
selected correctly, and it seems to work (I get commonName + surname
attributes with a correct user and nothing with an incorrect user).
What do you think, guys?
Let me know if you need additional information, like OS using, Shibboleth
version and so on.
Thank you in advance.
More information about the users