Shibboleth Idp does not persist URL hash fragments across a login redirect.

abdul waheed abdulwaheed18 at gmail.com
Mon Apr 18 07:38:30 EDT 2016 

Hi, Is it possible to add template attribute in SSO tag, Will it work? e.g:

<SSO entityID="https://domain.com/idp/shibboleth" acsIndex="1"
acsByIndex="false" template="bindingTemplate.html" SAML2
</SSO>

I tried few times but seems like bindingTemplate is not getting called. I
am thinking to call bindingTemplate.html and then write some script into it
which stores the current URL to target attributes.

Previously,I was facing the similar issue with Discovery Service but later
on I modified idpselect.js file and it started working. SP is now
redirecting to the previous URL after Authentication(In script, I just
added window.location.hash to targel url)

Thanks,
Abdul.



On Wed, Apr 13, 2016 at 9:45 PM, Nate Klingenstein <ndk at sudonym.me> wrote:

> It is indeed basically a relic of configuration from the beginning of the
> universe.
>
> There is an endpoint that is similar to the /Login default endpoint at
> /TestShib, still full of cruft for other historical reasons.
>
>             <SessionInitiator type="Chaining" Location="/TestShib"
> isDefault="true" id="testshib-idp"
>                   relayState="cookie" entityID="
> https://idp.testshib.org/idp/shibboleth">
>                   <SessionInitiator type="SAML2" acsByIndex="false"
> acsIndex="1" template="/etc/shibboleth/bindingTemplate.html"/>
>                   <SessionInitiator type="Shib1" acsIndex="5"/>
>             </SessionInitiator>
>
> You could probably use this.  I’ve changed the metadata to remove the
> DiscoveryService DS element and added a init:RequestInitiator TestShib
> element.
>
> Thanks for reporting this.
>
> > On Apr 13, 2016, at 09:57, Peter Schober <peter.schober at univie.ac.at>
> wrote:
> >
> > * Peter Schober <peter.schober at univie.ac.at> [2016-04-13 15:00]:
> >> If the Testshib SP had a RequestInitiator endpoint configured
> >> (e.g. /Shibboleth.sso/Login)
> >
> > Note that the Testshib SP publishes a DiscoveryReponse/@Location
> > endpoint in the testshib-providers.xml that's not available:
> >
> >  shibsp::ConfigurationException at
> >  (https://sp.testshib.org/Shibboleth.sso/DS)
> >  Shibboleth handler invoked at an unconfigured location.
> >
> > That must be a artifact from an software earlier upgrade, combined
> > with old configuration, I think.
> > Could someone maybe fix that and add a RequestInitiator endpoint, too?
> >
> > Thanks,
> > -peter
> > --
> > To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20160418/7c34b4be/attachment.html>

More information about the users mailing list