change IdP IP address and unknown artifact
Athanasios Douitsis
aduitsis at gmail.com
Mon Nov 24 10:43:00 EST 2014
Nope, the messages are actually on the new IP. My first thought was DNS
TTL, but the old IP was actually down as I had stopped the jail. So I
shouldn't be able to see server if that was so.
The new IP gets the request to /profile/SAML2/SOAP/ArtifactResolution
normally, but for some reason doesn't know about the artifact being
requested. Query, the artifact value is completely opaque, right?
On Mon, Nov 24, 2014 at 5:38 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 11/24/14, 3:30 PM, "Athanasios Douitsis" <aduitsis at gmail.com> wrote:
> >
> >The host system is a FreeBSD 9 jail, and I simply copied the jail to
> >another machine and changed its IP address.
> >
> >After stopping the initial jail, I changed the IdP A record to point to
> >the new IP, I started the second jail with the new IP and started seeing
> >these messages for a couple of minutes. I reverted back to the original
> >jail as I hadn't expected to run into this kind of trouble.
>
> If the messages were on the old IP, the cause is DNS caching bugs. If
> they're on the new IP, then the only explanation is that clients are
> getting artifacts from the old one.
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
--
Athanasios Douitsis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20141124/14de0839/attachment.html
More information about the users
mailing list