IDP v3 Double Login
McKean, Brandon Scott - mckeanbs
mckeanbs at jmu.edu
Fri Aug 14 10:33:09 EDT 2015
I'll do my best. The link for the SP was like this originally:
https://jmu.vendor.com/secure<https://jmu-abroad.terradotta.com/secure/>
After change, it looked like this:
https://jmu.vendor.com/secure/
As far as I'm aware, it had been like that for a while with Shibboleth 2 in use. Switching to Shibboleth 3 on our end, as far as we can tell, made it start producing double login issues.
I'm not sure what else may have changed on their end, but that's all they said they had changed. They suspect it's a new change in Shibboleth 3, but I find myself doubtful on that front.
Hope this makes sense, but let me know.
-- Brandon McKean IT / Systems Linux Administrator (540)568-4235
On Fri, 2015-08-14 at 14:21 +0000, Cantor, Scott wrote:
On 8/14/15, 9:56 AM, "users on behalf of McKean, Brandon Scott - mckeanbs" <users-bounces at shibboleth.net<mailto:users-bounces at shibboleth.net> on behalf of mckeanbs at jmu.edu<mailto:mckeanbs at jmu.edu>> wrote:
Following up on this, we're finding that adding an additional slash, /, to the initial login link that users use to start a session from the SP alleviated the issue here.
Can you be more specific? I'm not sure I can translate that into what actually was happening, but it sounds as though they might have had differing applicationIds being applied to the resources possibly, and it was crossing an SP application boundary.
-- Scott
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150814/8775d005/attachment-0001.html>
More information about the users
mailing list