Attribute release problem
putmanb at georgetown.edu
Wed Aug 5 15:55:21 EDT 2015
On 8/5/15 3:45 PM, Michael Dahlberg wrote:
> I'm having a strange problem that I'm hoping someone could help with.
> In the Shibboleth IdP (v.2.40), I've loaded metadata for the SP entity
> ID https://example.bucknell.edu
Based on the log below, that's actually not the entityID...
> and included the endpoints https://example.bucknell.edu/shibboleth and
Don't know what you mean by "endpoint" here. Those are not typical
endpoints for a Shibboleth SP (or IdP for that matter).
> The attribute-filter.xml file is configured to release the same
> attributes regardless of whether the AttributeRequesterString is
> either the http or the https variant.
The entityID scheme (if it's a URL) will never vary. It's either https
or http, period. That's because it's an identifier, not a (necessarily)
reachable endpoint. I think you're confused about what the entityID is.
> 14:10:57.566 - INFO [Shibboleth-Audit:1028] -
Based on that entry, the SP's entityID is:
https://example.bucknell.edu/shibboleth. That's what you should be
configuring in your attribute filter - and should also match the
EntityDescriptor entityID attribute in the metadata you are loading.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users