SP Redirects straight to XML instead of IDP Authentication Page

Cantor, Scott cantor.2 at osu.edu
Mon Nov 17 14:49:28 EST 2014


On 11/17/14, 6:19 PM, "Mohammad Rahman" <mrahman at brookdalecc.edu> wrote:

>Shibboleth IDP loads configuration successfully, but when I try to visit 
>the page
>
>https://finaid.brookdalecc.edu/NetPartner/NetPartnerStudent/Logon.aspx

If you're visiting that page directly, then that is very likely not the 
ACS of the SAML SP there, so you probably have the wrong metadata to start 
with. But it's not impossible.

><https://finaid.brookdalecc.edu/NetPartner/NetPartnerStudent/Logon.aspx>, 
>it redirects me to my IDPs page followed by the SAML request
>https://idp1.brookdalecc.edu/idp/shibboleth 
><https://idp1.brookdalecc.edu/idp/shibboleth?SAMLRequest=7L0HYBxJliUmL23Ke
>39K9UrX4HShCIBgEyTYkEAQ7MGIzeaS7B1pRyMpqyqBymVWZV1mFkDM7Z28995777333nvvvfe
>6O51OJ%2fff%2fz9cZmQBbPbOStrJniGAqsgfP358Hz8iHv8e7xZlepnXTVEtP%2ftod7zzUZo
>vp9WsWF589tFXb55tH3z0exwlj5tsUa4eHa%2fb%2bfJV%2fovWedOm9OKyecRffPbRul4%2bq
>rKmaB4ts0XePGqnj14ff%2fH80d5459GqrtpqWpUfpWdPP%2ftoPrk4n7ytzmdvZz9d5vkir6r
>l5GKxmvx0sVpOJ9n0p396OptMzz9Kf9JgtQeszppmnZ8tmzZbtvTRzu7%2b9u7u9u6DN7sHj3Y
>ePNp78FMfpS%2b1pyfFUgawCa2JNGoeffvNm5fbL798%2fYYBXBazvH5BrT%2f76EXevszqdpn
>X6P5l1jTFJX18npVN%2flF63DR53RKCJ9WyWS%2fy%2bnVeXxbT%2fKtXz2mUbbtqHt29e14ss
>2I2ntRV9XaWlfl0Os5n67sOsvfr63Y9y5ft3efVRbUcZ83q3UdHSZoy7R%2fx8GuP6JsHlxnkP
>jpyHTy%2b64GyoFePMNqzpy%2brsphep8dlWV2d1HnW0lDbek0jTe8SB9zts8BR8v8EAAD%2f%
>2fw%3d%3d&RelayState=%2fNetPartner%2fNetPartnerStudent%2fDefault.aspx>

And you gave them the wrong metadata. That isn't a SAML SSO endpoint for 
the IdP. The metadata generated by the installer has examples of what the 
metadata looks like for a default install.

-- Scott



More information about the users mailing list