Help Releasing Attributes
cantor.2 at osu.edu
Wed Dec 9 17:23:07 EST 2015
On 12/9/15, 4:56 PM, "users on behalf of David E. Newswanger" <users-bounces at shibboleth.net on behalf of David_Newswanger at berea.edu> wrote:
>I copied the default connector for LDAP from attribute-resolver-ldap.xml into attribute-attribute-resolver.xml and I've also copied over the default attribute descriptions from attribute-resolver-full.xml for some of the standard attributes that we use in our
> LDAP instance such as sn and mail. I've removed all the filters in attrbute-filter.xml and attribute-policy.xml to allow for everything to pass through unmolested,
Removing policies doesn't cause everything to pass through, quite the reverse.
>I've tried to use the aacli.sh script like so: ./aacli.sh --principal newswangerd --configDir /opt/shibboleth-idp/conf/ --requester
> https://idp.testshib.org/idp/shibboleth and rather than receiving a SAML
> assertion like the wiki said I should, I got this string:
You're copying some kind of old example, but that error means your IdP isn't reachable over localhost on port 80.
More information about the users