Attribute release problem
Michael Dahlberg
olgamirth at gmail.com
Wed Aug 5 15:45:19 EDT 2015
I'm having a strange problem that I'm hoping someone could help with. In
the Shibboleth IdP (v.2.40), I've loaded metadata for the SP entity ID
https://example.bucknell.edu and included the endpoints
https://example.bucknell.edu/shibboleth and
http://example.bucknell.edu/shibboleth. The attribute-filter.xml file is
configured to release the same attributes regardless of whether the
AttributeRequesterString is either the http or the https variant. When the
SP makes the authentication and authorization request, the recipient is
http://example.bucknell.edu/Shibboleth.sso/SAML2/POST , the audience is
https://example.bucknell.edu/shibboleth, and, unfortunately, no attributes
are released. The idp-process.log file just shows the following:
14:10:57.566 - INFO [Shibboleth-Audit:1028] -
20150805T181057Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_ffde89b008ca7d858f7f4ea8735d2eb2|
https://example.bucknell.edu/shibboleth|urn:mace:shibboleth:2.0:profiles:saml2:sso|https://shib.bucknell.edu/idp/shibboleth|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_dc9c3bfd14ebf25b51c8a1495d05a3d7|fertig|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport||_7cc0122db7f58781ffb4238839b9646c|_cac1d35e2b3dafdbecf6ba1563918a8c,|
... no attributes are listed as being released and none are received on the
SP example.bucknell.edu.
Any suggestions will be welcome.
Thanks,
Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150805/9d3c55ae/attachment-0001.html>
More information about the users
mailing list