Shibboleth does not accept absolute value in Sessions.handlerURL

nr673 . at
Mon Feb 16 13:41:23 EST 2015

Thanks Scott/Peter.

In my environment, the Apache server is configured to accept the SSL
connection only with the empty port or default port 443.


So, I configured the post back URL in OKTA(IdP) as
https://server.name1/Shibboleth.sso/SAML2/POST. But, the shibboleth
generates the POST url with the default port number as
https://server.name1:80/Shibboleth.sso/SAML2/POST. This url mismatch
results in the BindingException.

So, I want to modify the URL generated by Shibboleth. Since the handlerURL
accepts only the relative value, I cannot make the Shibboleth to generate
either https://server.name1/Shibboleth.sso/SAML2/POST or



On Mon, Feb 16, 2015 at 6:53 AM, Cantor, Scott <cantor.2 at> wrote:

> On 2/16/15, 1:55 AM, "nr673 ." < at> wrote:
> >When I set the absolute value for the handlerURL, the metadata prefixes
> >the server name twice.
> Well, that metadata is not guaranteed to be correct, so if this affects
> you greatly, you're doing something wrong. But it's probably a bug and/or
> related to some issue with server virtualization being configured
> improperly so that the requests don't seem to be handled by the same vhost
> contained in the handlerURL.
> You can file a bug, but you'll need to be very detailed about the web
> server configuration and how you're accessing the handler.
> -- Scott
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list