Google Apps with IdP v3 not working
Cantor, Scott
cantor.2 at osu.edu
Fri Aug 28 10:15:53 EDT 2015
On 8/28/15, 6:21 AM, "users on behalf of Dave Perry" <users-bounces at shibboleth.net on behalf of Dave.Perry at hull-college.ac.uk> wrote:
>Interestingly, I don't seem to get a saml interaction in the logs at all. Here's the last few lines of an attempt (stating that it had a value in the attribute to send, but seems to skip sending a message):
Well, you told it to. What rule you set up in the context-check flow? Whatever it is, it's not been met. With Google, that might be the check that the right attribute has been populated for the NameID to be generated, or some kind of entitlement.
Aside from that, I'm aware the logging when these "error" events occur is awful, I have a bug open on that and it will get fixed in the next release. We erred a little hard on the "no extra logging" side and need to recalibrate.
That said, you can change your audit log format so you're not being driven insane. You can log much, much more information out of that step to help see the end result, and I would encourage people to use that.
-- Scott
More information about the users
mailing list