Need to modify AuthnContextClassRef in ExternalAuth

Stefan Santesson stefan at
Mon Dec 21 14:00:09 EST 2015

Scott and Cristopher

Does the problem happen only when you enable shibboleth.authn.External.addDefaultPrincipals and request a specific auth type or all of the time?  Did you create your own principal class - which might have serialization issues? 

No I have tried turning that on and off. Same problem.

Did this problem happen before you upgraded to 3.2.1?


The profile flow isn't performing the "load" step required by the new client storage plugin. That's handled automatically by the standard flows, so I have to assume this isn't a standard one and your customization is out of sync with the IdP's core code.

-- Scott

This is a standard auth/External flow (if that counts as a standard flow).
I have read something in the documentation “” that there is a new web storage plugin to be used instead of the cookie-based storage plugin.
I have tried commenting away in web.xml everything related to cookie based storage as suggested in the documentation.

The result is that my IdP does not store any cookie, nor any web storage in my web browser.

I have turned on

No luck here. At all.

How do can I perform the “load” step required?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list