IDP will not release attributes after Java resintall (most likely)
Kevin P. Foote
kpfoote at iup.edu
Fri Feb 1 16:21:12 EST 2013
On Fri, 1 Feb 2013, Kanuch, Andrew wrote:
> My IDP( which previously worked, and is version 2.3.6 on a Win Server 2008 R2 Box) is now no longer releasing attributes to SPs.....
> Am I using the the AACLI tool as intended? (To see if an IDP is releasing attributes for a specific SP profile?) Maybe I reverted back to the wrong version of Java? Or is there something else you might suggestion I have done in error?
Andrew
Your idp-process.log will show you all you need to know on what
attributes are being obtained and which ones are being released..
Set your logging.xml file to DEBUG for shibboleth.
<logger name="edu.internet2.middleware.shibboleth">
<level value="DEBUG" />
</logger>
Next your aacli error..
You are correct in digging into things with aacli.. it will show you
what attributes you have for your principal and what is being released
if any..
To fix the aacli error copy the servlet-api.jar file found in your
tomcat/lib directory to your shibboleth-idp/lib directory. That should
fix you up on that front..
------
thanks
kevin.foote
More information about the users
mailing list