Attribute release problem
Michael Dahlberg
olgamirth at gmail.com
Wed Aug 5 16:13:55 EDT 2015
On Wed, Aug 5, 2015 at 3:55 PM, Brent Putman <putmanb at georgetown.edu> wrote:
>
>
> On 8/5/15 3:45 PM, Michael Dahlberg wrote:
>
> I'm having a strange problem that I'm hoping someone could help with. In
> the Shibboleth IdP (v.2.40), I've loaded metadata for the SP entity ID
> https://example.bucknell.edu
>
>
> Based on the log below, that's actually not the entityID.
>
Ok, my apologies. the entityID is https://example.bucknell.edu/shibboleth
and included the endpoints <https://example.bucknell.edu/shibboleth>
> https://example.bucknell.edu/shibboleth and
> http://example.bucknell.edu/shibboleth.
>
>
> Don't know what you mean by "endpoint" here. Those are not typical
> endpoints for a Shibboleth SP (or IdP for that matter).
>
Ok, again my apologies. By "endpoints" I meant these are the base parts of
the endpoints, e.g. http://example.bucknell.edu/Shibboleth.sso/SAML2/POST.
I thought readers would assume that the POST, POST-Simplesign, Artifact,
etc. were implied.
> The entityID scheme (if it's a URL) will never vary. It's either https or
> http, period. That's because it's an identifier, not a (necessarily)
> reachable endpoint. I think you're confused about what the entityID is.
>
>
>
I appreciate your criticism, but I understand what an entityID is and what
an endpoint is. I guess I was oversimplifying the URIs in the hopes that
the reader would assume the correct value. My apologies.
>
> Based on that entry, the SP's entityID is:
> https://example.bucknell.edu/shibboleth. That's what you should be
> configuring in your attribute filter - and should also match the
> EntityDescriptor entityID attribute in the metadata you are loading.
>
And thats whatI have configured in my attribute filter and it does match
the EntityDescriptor. However, the attributes are still not being released.
Thanks,
Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150805/16b9bbb2/attachment-0001.html>
More information about the users
mailing list