Target URL is lost using Discovery Service
Mihael Koep
mihael.koep at softwareschneiderei.de
Tue Dec 1 04:43:25 EST 2015
Hi Scott,
Am 27.11.2015 um 17:46 schrieb Cantor, Scott:
> On 11/26/15, 6:01 AM, "users on behalf of Mihael Koep" <users-bounces at shibboleth.net on behalf of mihael.koep at softwareschneiderei.de> wrote:
>
>
>> I would be glad for any device how to solve or further debug the issue.
> Discovery doesn't break this feature, so you're going to have to talk to whoeever is running the DS and/or trace the traffic. Maybe you're mixing vhosts, http/https, etc. The SP works fine in that scenario, so the only person with the necessary access is you, unless your servers/link(s) are public.
>
> You could drop the relayState setting to see the actual URLs passed around, or just use cookies and then you can trace what it's dropping into them.
>
I installed the shibboleth EDS to ease my debugging and dropped the
relayState setting as per your advice. I call the EDS with the URL
https://ankaanna-dm.anka.kit.edu/eds/?entityID=https%3A%2F%2Fbldm.anka.kit.edu%2Fshibboleth&return=https%3A%2F%2Fankaanna-dm.anka.kit.edu%2FShibboleth.sso%2FLogin&target=https%3A%2F%2Fankaanna-dm.anka.kit.edu%2Fbonnie%2F
After selecting an IDP I can see the SAML-Request with SAML tracer and
the RelayState https://ankaanna-dm.anka.kit.edu/
So at this point the target URL is already lost. Now my question is how
does the relayState get populated or how can I influence its value?
Could it be a problem, that my entity id
(https://bldm.anka.kit.edu/shibboleth) does not match my SP hostname
(https://ankaanna-dm.anka.kit.edu/)?
Many thanks in advance!
kind regards,
Mihael Koep
--
Mihael Koep | Softwareentwicklung
Softwareschneiderei GmbH | Gerwigstraße 10 | 76131 Karlsruhe | GERMANY
Registergericht: Amtsgericht Mannheim, HRB 109299
Geschäftsführer: Daniel Lindner
Tel.: +49 (0) 721 / 66 388 -08 | Fax.: +49 (0) 721 / 66 388 -09
http://www.softwareschneiderei.de
More information about the users
mailing list