Dual IdP System

Young, Darren Darren.Young at chicagobooth.edu
Mon May 18 19:26:03 EDT 2015

That's where the sp sent me to. 

Sent from my iPhone

> On May 18, 2015, at 6:25 PM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:
> On 5/18/15, 11:13 PM, "Young, Darren" <Darren.Young at chicagobooth.edu>
> wrote:
>> Qw have a Windows 2008R2 machine that currently works with one IdP and
>> we¹re trying to test it against another one. For this I¹d like to use the
>> manual/static html local discovery in the SP and just type in the EntityID
>> for the IdP we want to hit. If I can get one working then I¹ll move on to
>> getting the SP in the other IdP and troubleshoot that. This is just a POC
>> of the 2 IdP hence the static html disco for now.
> That's probably major overkill, just go to 
> /Shibboleth.sso/Login?entityID=... and that should be more than enough to 
> test with.
>> The shibboleth2.xml file used to have an <SSO> entry for that one IdP:
>> <SSO entityID="urn:mace:incommon:uchicago.edu">
>> SAML2
>>            </SSO>
>> I replaced that with the following:
> You can't replace that without putting in at least one 
> AssertionConsumerService, and you don't need to, don't replace it. Just 
> add a SessionInitiator, don't take out the SSO element.
>> What did I miss in my config? I was expecting to see the uchicago IdP
>> login page after I hit submit.
> No idea, that's not enough to even hazard a guess without any logs.
> -- Scott
> -- 
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

More information about the users mailing list