Case sensitivity of URL scheme in IdPv3 (Ellucian WebAdvisor)
Rich Graves
rgraves at carleton.edu
Thu Dec 17 15:35:20 EST 2015
I'm trying to authenticate to Ellucian WebAdvisor from Shib IdPv3.2.
It "works" in Shib v2.
The (awful) SP has all-caps "HTTPS" hard-coded and as far as we can tell immutable, resulting in SAML requests starting with
<?xml version="1.0" encoding="UTF-8"?>
<samlp :AuthnRequest AssertionConsumerServiceURL="HTTPS://hub-dev.its.carleton.edu:443/WebAdvisor/WebAdvisor"
If I put lower case https:// in the SP metadata AssertionConsumerService, I get "No metadata returned in role {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor"
If I use upper case HTTPS://, the IdP chokes here:
2015-12-17 13:45:29,280 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:411] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location HTTPS://hub-dev.its.carleton.edu:443/WebAdvisor/WebAdvisor using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
org.opensaml.messaging.handler.MessageHandlerException: Relying party endpoint used the untrusted URL scheme HTTPS
(How) can I define "HTTPS" as a trusted URL scheme? Other approaches?
More information about the users
mailing list