MCB v. legacy Shibboleth1 profile
Rich Graves
rgraves at carleton.edu
Thu Apr 10 23:58:44 EDT 2014
My test Shib 2.4 IdP with MCB works fine with all our modern SAML2 SPs, but 3 vendors apparently hard-coded to /profile/Shibboleth/SSO don't. Is this by design? Any workaround? Yes I will try to get the SPs (Symplicity and PeopleAdmin) fixed.
Apr 10, 2014 10:43:02 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet AuthenticationEngine threw exception
java.lang.ClassCastException: edu.internet2.middleware.shibboleth.idp.authn.ShibbolethSSOLoginContext cannot be cast to edu.internet2.middleware.shibboleth.idp.authn.Saml2LoginContext
at edu.internet2.middleware.assurance.mcb.authn.provider.MCBLoginHandler.login(MCBLoginHandler.java:98)
22:43:02.417 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:467] - Authenticating user with previous session LoginHandler
22:43:02.417 - DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:478] - Basing previous session authentication on active authentication method urn:oasis:names:tc:SAML:2.0:ac:classes:Password
22:43:02.417 - DEBUG [edu.internet2.middleware.assurance.mcb.authn.provider.MCBLoginHandler:90] - MCBConfiguration bean = [edu.internet2.middleware.assurance.mcb.authn.provider.MCBConfiguration at 718c9d0a]
22:43:02.420 - DEBUG [org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] - Checking child metadata provider for entity descriptor with entity ID: https://pa160.peopleadmin.com/shibboleth
22:43:02.420 - DEBUG [org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] - Searching for entity descriptor with an entity ID of https://pa160.peopleadmin.com/shibboleth
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140410/b8b0c09f/attachment-0001.html
More information about the users
mailing list