idp login issue connecting to ldap

Paul Caskey pcaskey at
Mon Aug 3 21:35:52 EDT 2015

Yes, java remained at ver 8 for both 9.3 and 9.2, so it seems like a jetty issue.

-----Original Message-----
From: Cantor, Scott [cantor.2 at]
Received: Monday, 03 Aug 2015, 7:25PM
To: Shib Users [users at]
Subject: Re: idp login issue connecting to ldap

On 8/3/15, 8:13 PM, "users on behalf of Paul Caskey" <users-bounces at on behalf of pcaskey at> wrote:

>First, I have not read this entire thread, so my apologies if this is completely off-base, but it might be relevant.  I was recently working on a new V3 IdP and ran into an issue where trying to login (via the normal login form) resulted in a simple re-display of the login page with no displayed errors and no messages written to idp-process.log, even with ldaptive and idp in DEBUG.

Sounds similar.

>I was running Jetty 9.3.  I reverted to 9.2 and then started getting errors messages in idp-process.log.  The errors basically indicated that I had not installed the JCE, which I had overlooked (error was invalid key length for the sealer key, IIRC).  That IdP is now running fine on Jetty 9.2 (with JCE), I never went back to 9.3.

I assume you mean "with full-strength policy files", the JCE is there regardless.

That's more likely to be a Java 7 vs. 8 issue than Jetty (were you still on 8?), but more to the point I can't off-hand think of a connection between that component and this particular part of the system.

The policy isn't supposed to matter for AES-128, but that never seems to be very consistent, and we just documented it as requiring the full-strength files regardless.

-- Scott

To unsubscribe from this list send an email to users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list