IIS 7.5 web application, SP and shibboleth2.xml - ApplicationOverride not taking precedence over ApplicationDefaults

Cantor, Scott cantor.2 at osu.edu
Tue Sep 9 14:11:55 EDT 2014

On 9/9/14, 2:00 PM, "Haer, Neelam" <nklhaer at mail.ubc.ca> wrote:

>I used the term "sending over" because somehow, the idP logs are showing
>that settings from the ApplicationDefaults section (which don't contain
>any relevant information) as opposed to the actual settings, which are in
>the <ApplicationOverride> section. I hope
> that makes better sense?

Sort of, but my answer is the same.

>I double-checked that the applicationIds are matching, we typically don't
>change them and it looks like in this instance they have not been changed
>from the defaults, but why is the idP not using the ApplicationOverride

The IdP doesn't "use" anything. The SP uses them when it does things. If
it's using the wrong settings, then the requests aren't mapped the way you
think they are.

><RequestMapper type="Native">
><RequestMap applicationId="default">
><Host name="clientSiteNameInIIS">
><Path name="locked" applicationId="rename--my-application-name"
>authType="shibboleth" requireSession="false" exportAssertion="false">

In that situation, it's possible the content involved with the problem
doesn't live under that path.

Or the Site mapping is not associating the expected hostname with the

-- Scott

More information about the users mailing list