CA Site Minder IDP : Shibboleth SP

Bhattacharjee, Raja Raja.Bhattacharjee at
Tue Apr 8 20:24:13 EDT 2014


I am encountering an issue with my setup and any assistance will be appreciated.

Trying to federate with one of our customer who is using CA SiteMInder as their IDP.

The setup on my side is

        <ApplicationOverride id="acme_app" entityID=""
                signing="false" encryption="false"
                REMOTE_USER="eppn persistent-id targeted-id">
                <Sessions lifetime="28800" timeout="3600" checkAddress="false" handlerSSL="false" cookieProps="http" relayState="cookie"
                        <SSO entityID="">
                                SAML2 SAML1
                <MetadataProvider type="XML" file="/app/sso/shibboleth-sp/metadata/sso-acme.metadata.xml">
                <AttributeExtractor type="XML" file="/app/sso/shibboleth-sp/etc/shibboleth/attribute-map.xml">

All federation is working fine except the fact that ACS is not returning the correct URL redirect back to the browser

Instead of redirecting to it is doing the following

2014-04-08 23:47:11 DEBUG Shibboleth.SSO.SAML2 [3]: ACS returning via redirect to:

I have tried ss:mem as relayState with the same end result. The above application override template is working for all other IDP providers that we federate with.

Following the redirection to if end user with enterprise Acme adds  /acme to the URL, it works.

Thanks and let me know if you need any additional information


-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list