Attribute release problem
olgamirth at gmail.com
Wed Aug 5 16:13:55 EDT 2015
On Wed, Aug 5, 2015 at 3:55 PM, Brent Putman <putmanb at georgetown.edu> wrote:
> On 8/5/15 3:45 PM, Michael Dahlberg wrote:
> I'm having a strange problem that I'm hoping someone could help with. In
> the Shibboleth IdP (v.2.40), I've loaded metadata for the SP entity ID
> Based on the log below, that's actually not the entityID.
Ok, my apologies. the entityID is https://example.bucknell.edu/shibboleth
and included the endpoints <https://example.bucknell.edu/shibboleth>
> https://example.bucknell.edu/shibboleth and
> Don't know what you mean by "endpoint" here. Those are not typical
> endpoints for a Shibboleth SP (or IdP for that matter).
Ok, again my apologies. By "endpoints" I meant these are the base parts of
the endpoints, e.g. http://example.bucknell.edu/Shibboleth.sso/SAML2/POST.
I thought readers would assume that the POST, POST-Simplesign, Artifact,
etc. were implied.
> The entityID scheme (if it's a URL) will never vary. It's either https or
> http, period. That's because it's an identifier, not a (necessarily)
> reachable endpoint. I think you're confused about what the entityID is.
I appreciate your criticism, but I understand what an entityID is and what
an endpoint is. I guess I was oversimplifying the URIs in the hopes that
the reader would assume the correct value. My apologies.
> Based on that entry, the SP's entityID is:
> https://example.bucknell.edu/shibboleth. That's what you should be
> configuring in your attribute filter - and should also match the
> EntityDescriptor entityID attribute in the metadata you are loading.
And thats whatI have configured in my attribute filter and it does match
the EntityDescriptor. However, the attributes are still not being released.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users