Dual IdP System
Young, Darren
Darren.Young at chicagobooth.edu
Mon May 18 19:26:03 EDT 2015
That's where the sp sent me to.
Sent from my iPhone
> On May 18, 2015, at 6:25 PM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:
>
> On 5/18/15, 11:13 PM, "Young, Darren" <Darren.Young at chicagobooth.edu>
> wrote:
>
>
>
>> Qw have a Windows 2008R2 machine that currently works with one IdP and
>> we¹re trying to test it against another one. For this I¹d like to use the
>> manual/static html local discovery in the SP and just type in the EntityID
>> for the IdP we want to hit. If I can get one working then I¹ll move on to
>> getting the SP in the other IdP and troubleshoot that. This is just a POC
>> of the 2 IdP hence the static html disco for now.
>
> That's probably major overkill, just go to
> /Shibboleth.sso/Login?entityID=... and that should be more than enough to
> test with.
>
>> The shibboleth2.xml file used to have an <SSO> entry for that one IdP:
>>
>> <SSO entityID="urn:mace:incommon:uchicago.edu">
>> SAML2
>> </SSO>
>>
>> I replaced that with the following:
>
> You can't replace that without putting in at least one
> AssertionConsumerService, and you don't need to, don't replace it. Just
> add a SessionInitiator, don't take out the SSO element.
>
>> What did I miss in my config? I was expecting to see the uchicago IdP
>> login page after I hit submit.
>
> No idea, that's not enough to even hazard a guess without any logs.
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list