Embedded Discovery Service "looping"
Cantor, Scott
cantor.2 at osu.edu
Fri Feb 15 15:00:41 EST 2013
On 2/15/13 1:16 PM, "Don Faulkner" <donf at uark.edu> wrote:
>
>Now to the problems.
>From the docs it looks like I'm supposed to set my SSO discoveryURL to
>"https://service.example.com/shibboleth-ds" but this doesn't work. I have
>to specify
>
>"https://service.example.com/shibboleth-ds/index.html" (presumably
>because its a <Location>, not a <Directory> Am I using the right
>discoveryURL?
Well, I think it would work regardless unless Apache's not
auto-redirecting you to the index page. The protocol's a redirect, so it
should cross Location redirects and such. But going direct is fine.
>When I do get the Discovery page to load, if you pick an IdP, you're
>redirected over and over again to the same page in the discovery service.
>I don't see a redirect back to the SP, though I could be missing it.
I think you're probably missing it. It's just a standard loop at the SP
with the session cookie not working right, and then it sends you back to
the DS. Take the DS out, hardwire the IdP name, and it probably loops.
-- Scott
More information about the users
mailing list