Refresh login page w/kerberos handler

Francesc Travesa francesc.travesa at
Wed Sep 24 22:07:33 EDT 2014

Hi Shibboleth users,

I have a clean installation of shibboleth 2.4.2 in a RHEL, for java I use openjdk.

I have installed the kerberos login handler using this instructions:

It works fine. It logs me to the SP or shows access denied.

The problem happens at refreshing the login page. If you refresh the login page https://IDP/idp/AuthnEngine it goes back to the SP with an error opensaml::FatalProfileException.

Sub-Status: urn:oasis:names:tc:SAML:2.0:status:AuthnFailed

And the log in the IDP is the following:

10:40:21.632 - ERROR [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:563] - Authentication failed with the error:
edu.internet2.middleware.shibboleth.idp.authn.AuthenticationException: No user identified by login handler.

Is there something I have to put in some conf file to avoid that beheaviour? I tried other installations, with username and password, and I can refresh the login page with no problem (but in that case the url in the IDP is idp/UserPassword, and not AuhtnEngine).

I am not sure if going to the idp/AuthnEngine page is already wrong or not. Looks like some easy missing config. Do you know what causes that?

Any help will be appreciated,
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list