How to /Authn/RemoteUser with IdP 3.0
Kathy E. Wright
kewrig at clemson.edu
Wed May 27 21:04:09 EDT 2015
Thank you Scott.
I commented out idp.authn.flows.initial=RemoteUser and the config works
successfully.
Kathy
---------- Forwarded message ----------
From: Cantor, Scott <cantor.2 at osu.edu>
Date: Wed, May 27, 2015 at 8:54 PM
Subject: Re: How to /Authn/RemoteUser with IdP 3.0
To: Shib Users <users at shibboleth.net>
Cc: Mark Mercado <mamercad at me.com>, Barry Johnson <cyclist at clemson.edu>
On 5/28/15, 12:36 AM, "Kathy E. Wright" <kewrig at clemson.edu> wrote:
>Our config contained trailing spaces after "RemoteUser" in
>%{idp.home}/conf/idp.properties.
>
>* idp.authn.flows=RemoteUser
>* idp.authn.flows.initial=RemoteUser
You should probably not set idp.authn.flows.initial.
>Extra white spaces are not trimmed from values entered into
>idp.properties.
They can't be, we don't know that every possible property ever supported
would be safe to trim (we don't even control what they are, people can add
anything they want).
The feedback from the first installation workshop was that spaces are
tripping people up, so we have to add trimming to the places the
properties are actually used where it's appropriate.
And I think do better logging of situations where a configured value isn't
matching something, that should be a strong error.
-- Scott
--
To unsubscribe from this list send an email to
users-unsubscribe at shibboleth.net
--
Infrastructure & Ops
CCIT, 340 Computer Court
Anderson, SC 29625
kewrig at clemson.edu
(864) 656-8133
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150527/10298592/attachment.html>
More information about the users
mailing list