Configure Shibboleth-SP-2.3.1 with DS-1.1.3.
Nikethan Raja
nikethan at gmail.com
Mon Jan 23 20:55:10 GMT 2012
We are trying to configure Discovery Service after installation of DS-1.1.3.
Session Initiator configuration on Shibboleth-SP-2.3.1 Side: (in
shibboleth2.xml)
<SessionInitiator type="Chaining" Location="/Login" id="Login"
isDefault="true" relayState="cookie">
<SessionInitiator type="SAML2"
defaultACSIndex="1" acsByIndex="false"
template="bindingTemplate.html" />
<SessionInitiator type="Shib1"
defaultACSIndex="5" />
<SessionInitiator type="SAMLDS" URL="
https://myidp.myidp.net/discovery/WAYF" />
</SessionInitiator>
SP Metadata configuration on Shibboleth-DS-1.1.3
<idpdisc:DiscoveryResponse
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
index="1"
Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
Location="http://mysp.mysp.net/Shibboleth.sso/Login"/>
<idpdisc:DiscoveryResponse
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
index="2"
Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
Location="https://mysp.mysp.net/Shibboleth.sso/Login"/>
After configuration of SP and DS, we were able to select the idp on the
"Idp selection/discovery" page and the user is redirected to the following
URL. But SP complaints that URL(https://mysp.mysp.net/Shibboleth.sso/Login)
does not exist.
https://mysp.mysp.net/Shibboleth.sso/Login?SAMLDS=1&target=cookie:85d7352c&entityID=https%3A%2F%2Fmyidp.myidp.net%2Fidp%2Fshibboleth
Is there any additional configuration on SP ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20120123/eae47484/attachment.html
More information about the users
mailing list