X509 Authn in IDPv3

Cantor, Scott cantor.2 at osu.edu
Tue Apr 5 21:11:03 EDT 2016

On 4/5/16, 8:54 PM, "users on behalf of Pradeep Jamble" <users-bounces at shibboleth.net on behalf of pjamble at gmail.com> wrote:

>Has anyone setup X509 Authn in IDP v3 via Apache front-end? I keep getting this exception in Tomcat logs but nothing in the IdP logs (with debug logs enabled) to indicate where it's failing.
>Apr 05, 2016 3:19:23 AM org.apache.catalina.core.StandardWrapperValve invoke
>SEVERE: Servlet.service() for servlet [X509AuthHandler] in context with path [/idp] threw exception [Error processing external authentication request] with root cause
>net.shibboleth.idp.authn.ExternalAuthenticationException: No conversation state found in session for key (e1s1)

Sorry, I can't think of any way it can happen. Whatever it is will probably be obvious in hindsight, but I have no idea what it is.

Are you using mod_proxy_ajp to connect them? If so, then I'm pretty much at a loss. Either you're not using a supported Tomcat, or you're using a broken one, or some other weird problem is making it impossible for it to recognize the JSESSIONID cookie and pick up the session properly.

-- Scott

More information about the users mailing list