Multiple URL's for one application
Peter Schober
peter.schober at univie.ac.at
Fri Jan 20 12:40:56 GMT 2012
* Jonathan Knight <j.knight at isc.keele.ac.uk> [2012-01-20 12:42]:
> On 20/01/2012 11:17, Peter Schober wrote:
> > You mentioned what you though would fix "it" (ApplicationOverride) but
> > I didn't quite get what was broken in the first place? Setting the
> > applicaitonId to default should usually be a noop (since it's, well,
> > the default).
>
>
> When using the URL owen.vle.keele.ac.uk everything works fine, username
> and password entered and logged into Blackboard.
>
> When using the URL students.keele.ac.uk I get the following from the
> openathensLA
>
>
> Metadata loaded successfully
> ERROR saml Invalid or missing assertion consumer service URL in request
> from entity: http://owen.vle.keele.ac.uk/shibboleth
So the webserver does not know what his correct host name is or some
of te hostnames you mentioned, and generates an ACS URL in the
authentication request to the IdP that does not match the hostname
you're trying to access? (Note that you could easily check this
yourself by checking what's inside the autnRequest, e.g. with Mozilla
Firefox and Olav's "SAML Tracer" extension).
Then either using 'UseCanonicalName Off' or configuing a seperate
vhost for each hostname in httpd.conf and setting 'UseCanonicalName
On' in each (the latter being preferable), as well as adding all ACS
URL for each vhost/hostname in the entity's metadata this should work,
IMHO.
-peter
More information about the users
mailing list