Upgrade Issue going from 2.3.5. to 2.3.8
Ullfig, Roberto
rullfig at uic.edu
Thu Mar 7 11:34:40 EST 2013
OK, I found that login.jsp in 2.3.5 has some significant differences from the one in 2.3.8, namely:
<%@ page import="edu.internet2.middleware.shibboleth.idp.authn.LoginContext" %>
<%@ page import="edu.internet2.middleware.shibboleth.idp.session.*" %>
<%@ page import="edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper" %>
<%@ page import="org.opensaml.saml2.metadata.*" %>
<%
LoginContext loginContext = HttpServletHelper.getLoginContext(HttpServletHelper.getStorageService(application),
application, request);
EntityDescriptor entityDescriptor = HttpServletHelper.getRelyingPartyMetadata(loginContext.getRelyingPartyId(),
HttpServletHelper.getRelyingPartyConfirmationManager(application));
Session userSession = HttpServletHelper.getUserSession(request);
%>
So, what would account for this change?
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Ullfig, Roberto
Sent: Thursday, March 07, 2013 10:05 AM
To: users at shibboleth.net
Subject: Upgrade Issue going from 2.3.5. to 2.3.8
Upgrading from Shib 2.3.5 to 2.3.8 (installing fresh actually). I also upgraded RHEL from 5 to 6 and running a different version of tomcat6 now (tomcat6-6.0.24). I'm unable to get Remote User info on the new server. Comparing logs between then two I see a line missing in the new server's log: "Storing LoginContext to StorageService partition loginContexts, key 0621146c-36cc-4905-9084-3b01d43a730a". Any idea where the issue could be at?
2.3.5:
08:37:18.834 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:233] - Beginning user authentication process.
08:37:18.836 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:279] - Filtering configured LoginHandlers: {urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession=edu.internet2.middleware.shibboleth.idp.authn.provider.PreviousSessionLoginHandler at 2f67d81, urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler at 4a9a1ac}
08:37:18.837 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:328] - Filtering out previous session login handler because there is no existing IdP session
08:37:18.838 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:460] - Selecting appropriate login handler from filtered set {urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler at 4a9a1ac}
08:37:18.838 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:493] - Authenticating user with login handler of type edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler
08:37:18.839 - DEBUG [edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:169] - Storing LoginContext to StorageService partition loginContexts, key 0621146c-36cc-4905-9084-3b01d43a730a
08:37:18.841 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler:66] - Redirecting to https://shibboleth-test.uic.edu:443/idp/Authn/RemoteUser
08:37:23.424 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserAuthServlet:49] - Remote user identified as rullfig returning control back to authentication engine
2.3.8:
09:52:33.705 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:240] - Beginning user authentication process.
09:52:33.705 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:283] - Filtering configured LoginHandlers: {urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession=edu.internet2.middleware.shibboleth.idp.authn.provider.PreviousSessionLoginHandler at 6ef82fe7, urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler at 68111f9b}
09:52:33.706 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:332] - Filtering out previous session login handler because there is no existing IdP session
09:52:33.706 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:464] - Selecting appropriate login handler from filtered set {urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler at 68111f9b}
09:52:33.706 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:497] - Authenticating user with login handler of type edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler
09:52:33.706 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler:66] - Redirecting to https://shibboleth-test.uic.edu:443/idp/Authn/RemoteUser
09:52:38.137 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserAuthServlet:77] - No remote user information was present in the request
Roberto Ullfig - rullfig at uic.edu<mailto:rullfig at uic.edu>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130307/5900ae74/attachment-0001.html
More information about the users
mailing list