IDP 3 Endpoint error
NPTabunakawai
nimcee at gmail.com
Wed May 6 18:45:18 EDT 2015
Hi Kevin
Thanks for the reply, yes we have httpd listening on 80 and 443 (also added
8443). The generated IdP metadata endpoints refer to https://servername
without any port.
On Thu, May 7, 2015 at 10:28 AM, Kevin Foote <kpfoote at uoregon.edu> wrote:
>
> > On May 6, 2015, at 3:23 PM, NPTabunakawai <nimcee at gmail.com> wrote:
> >
> > We have recently installed IDP 3.1.1 on CentOS 7 and Tomcat8 and have
> > set up the basic configs with our SPs. When trying to access my SP I am
> > redirected to the IdP but I get a corrupted content page with the following
> > message in my IdP logs :
> >
> >
> > ERROR
> > [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:199]
> > - Message Handler: SAML message intended destination endpoint '
> > https://myIdPserver/idp/profile/SAML2/Redirect/SSO' did not match the
> > recipient endpoint '
> > https://myIdPserver:8443/idp/profile/SAML2/Redirect/SSO'
> >
> > In my SP, entityID and other configs reference the IdP server without
> > port 8443 (adding the port does not make any difference). I have
> > found other posts with roughly the same issue and suspect that the Tomcat
> > server configs are affecting the redirect. Is this correct or is there
> > something missing in IdP setup?
>
>
> So what is your IdP server listening on? Is anything in front of Tomcat,
> i.e. HTTPD?
> What does your Metadata for the IdP indicate for endpoints?
>
> This appears to be a simple ServerName / Metadata mismatch.
>
> --------
> thanks
> kevin.foote
>
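The check suggested in this thread (what the IdP metadata advertises versus the recipient endpoint in the log line), as an added example that is not part of the original messages. The metadata sample, its entityID and the function names are constructed for illustration, and treating a missing port as the scheme default is an assumption of this sketch, not a statement of how OpenSAML compares URLs.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample metadata (not the poster's file): endpoint has no port.
SAMPLE_METADATA = """\
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  entityID="https://myIdPserver/idp/shibboleth">
  <IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://myIdPserver/idp/profile/SAML2/Redirect/SSO"/>
  </IDPSSODescriptor>
</EntityDescriptor>
"""

def canonical(url):
    """Split a URL into scheme, host, effective port and path.
    Assumption of this sketch: a missing port means the scheme default."""
    u = urlsplit(url)
    scheme = u.scheme.lower()
    return {"scheme": scheme, "host": (u.hostname or "").lower(),
            "port": u.port or DEFAULT_PORTS.get(scheme), "path": u.path}

def sso_locations(metadata_xml):
    """Return every SingleSignOnService Location in the metadata."""
    root = ET.fromstring(metadata_xml)
    return [e.get("Location")
            for e in root.iter(f"{{{MD_NS}}}SingleSignOnService")]

def check(metadata_xml, recipient_url):
    """Pair each advertised Location with the URL parts that differ
    from the recipient endpoint the IdP logged."""
    seen = canonical(recipient_url)
    results = []
    for loc in sso_locations(metadata_xml):
        adv = canonical(loc)
        results.append((loc, [k for k in adv if adv[k] != seen[k]]))
    return results

if __name__ == "__main__":
    logged = "https://myIdPserver:8443/idp/profile/SAML2/Redirect/SSO"
    for loc, diff in check(SAMPLE_METADATA, logged):
        print(loc, "->", "match" if not diff else "differs in " + ", ".join(diff))
```

Run against the two URLs from the log line, the only differing part is the port: the metadata implies 443 while the IdP saw the request on 8443.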