SP looping next step?
IAM David Bantz
dabantz at alaska.edu
Mon Nov 10 20:32:45 EST 2014
Sorry to bore list members with yet another "looping" issue. As our IdP
operator I'm trying to assist on-premises WordPress service provider.
We've reviewed the document at
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPLooping and
used SAML Tracer to track exactly what URLs are being used:
target: https://communitydev.uaf.edu/wp-admin
redirects to: https://idp.alaska.edu/idp/Authn/MCB
ACS: https://communitydev.uaf.edu/Shibboleth.sso/SAML2/POST
resource: https://communitydev.uaf.edu/shibboleth.sso/Login
re-directs to target to re-loop through these same URLs
The SP creates and stores a _shibsession_.. cookie in the browser,
and the IdP creates and stores an _idp_session cookie that is modified each
loop through.
No part of this leaps out to me and I'm tempted to just point the finger
back to the
behavior of the target, but perhaps one of you can tell me how else to be
helpful
to the service owner?
David Bantz
U Alaska
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20141110/77a6772f/attachment.html
More information about the users
mailing list