Problem with /idp/AuthnEngine

Seth Ristow sristow at lps.org
Fri Jan 30 15:35:12 EST 2015


> No. Everything starts the process at /idp/AuthnEngine except the ECP case, and then forwards/redirects to various places depending on the login handler. 

The difference then must be the path that they enter. Google Apps and others are coming in using SAML2/Redirect/SSO, while Microsoft is using SAML2/POST/SSO. If I initiate a session with another SP and then use MS's SP then the IDP sends attributes along as expected. However, if I try to initiate the session when it uses the POST profile, I get the page but the input is ignored. With further testing, it appears that the Kerberos login which is located on the same page works as well. 
When the form is submitted, it attempts to post to /idp/AuthnEngine. Is this normal, or should the login handler be pushing me to a different URL? 

Seth Ristow 
Lincoln Public Schools 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20150130/3010210a/attachment.html 


More information about the users mailing list