MCB v. legacy Shibboleth1 profile

Rich Graves rgraves at
Thu Apr 10 23:58:44 EDT 2014

My test Shib 2.4 IdP with MCB works fine with all our modern SAML2 SPs, but 3 vendors apparently hard-coded to /profile/Shibboleth/SSO don't. Is this by design? Any workaround? Yes I will try to get the SPs (Symplicity and PeopleAdmin) fixed. 

Apr 10, 2014 10:43:02 PM org.apache.catalina.core.StandardWrapperValve invoke 
SEVERE: Servlet.service() for servlet AuthenticationEngine threw exception 
java.lang.ClassCastException: edu.internet2.middleware.shibboleth.idp.authn.ShibbolethSSOLoginContext cannot be cast to edu.internet2.middleware.shibboleth.idp.authn.Saml2LoginContext 
at edu.internet2.middleware.assurance.mcb.authn.provider.MCBLoginHandler.login( 

22:43:02.417 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:467] - Authenticating user with previous session LoginHandler 
22:43:02.417 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:478] - Basing previous session authentication on active authentication method urn:oasis:names:tc:SAML:2.0:ac:classes:Password 
22:43:02.417 - DEBUG [edu.internet2.middleware.assurance.mcb.authn.provider.MCBLoginHandler:90] - MCBConfiguration bean = [edu.internet2.middleware.assurance.mcb.authn.provider.MCBConfiguration at 718c9d0a] 
22:43:02.420 - DEBUG [org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] - Checking child metadata provider for entity descriptor with entity ID: 
22:43:02.420 - DEBUG [org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] - Searching for entity descriptor with an entity ID of 

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list