Dual IdP System

Young, Darren Darren.Young at chicagobooth.edu
Tue May 19 18:02:18 EDT 2015

After going back to the previous <SSO> tag I used the femma tool to export
the ADFS metadata and added it to the Shib SP as a local file. I also
registered the SP as a relying party in the ADFS IdP. After fiddling with
misspellings & punctuation issues of the parameters to the SP Login url I
am now getting bounced through the ADFS login screen.

Thanks for the heads up to remove the other configuration elements, the
<SSO> tag + Login? is so much easier.

Now to see what the headers look like on the app.

Thanks for the pointers.

Darren Young
Systems & Security Architect
Information Technology
The University of Chicago
Booth School of Business
5807 South Woodlawn Ave
Chicago, Illinois 60637
Tel: 773.702.0331
www.ChicagoBooth.edu <http://www.chicagobooth.edu/>

Get the latest Booth Thinking
<http://twitter.com/BoothThinking> <http://youtube.com/booththinking>

On 5/18/15, 7:41 PM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:

>On 5/19/15, 12:30 AM, "Young, Darren" <Darren.Young at chicagobooth.edu>
>>That's what it does, I hit /secure/landing.aspx, put in the EntityID,
>>submit and that's the URL the browser 500's at.
>The URL you posted was this:
>That's what I would expect it to go back to, and I have no idea what
>cause an error, but no error from IIS means anything unless you turn off
>its error masking or check the logs.
>That is not exactly the same URL I was talking about. The <SSO> element
>installs code to /Shibboleth.sso/Login and you should be able to build
>links to that location with parameters to do any testing you need without
>wasting any time trying to get that old discovery code to work if it's
>working easily.
>-- Scott
>To unsubscribe from this list send an email to
>users-unsubscribe at shibboleth.net

More information about the users mailing list