Shibboleth SP and ADFS

Scott Severtson ssevertson at digitalmeasures.com
Tue Apr 5 14:48:16 EDT 2016


All,

We're trying to set up our Shibboleth SP 2.5.2 to work with a client's ADFS
server, and have been running into problems.

In our logs, we see events like:
---
2016-04-04 15:52:26 INFO Shibboleth-TRANSACTION [155]: New session (ID: )
with (applicationId: default) for principal from (IdP:
http://login.apus.edu/adfs/services/trust) at (ClientAddress: 172.76.24.18)
with (NameIdentifier: none) using (Protocol:
urn:oasis:names:tc:SAML:2.0:protocol) from (AssertionID: )
2016-04-04 15:52:26 INFO Shibboleth-TRANSACTION [155]: Cached the following
attributes with session (ID: ) for (applicationId: default) {
2016-04-04 15:52:26 INFO Shibboleth-TRANSACTION [155]: }
---

The strange part is that the session ID is logged as blank. No errors are
reported. Signature Debugging is enabled, and shows that the XML is being
decrypted correctly.


The client transformed their metadata using "Federation Metadata Manager
for ADFS" (https://sourceforge.net/projects/femma/); the modified metadata
is currently at:

https://login.apus.edu/adfs/FederationMetadata/2007-06/Shibboleth/FederationMetadata.xml

Has anyone run into the blank session ID issue? Anything else we or they
should be doing to debug the problem?

Thanks,
Scott Severtson
Digital Measures