Configuring Attribute Release Consent with SP blacklist
Etienne Dysli-Metref
etienne.dysli-metref at switch.ch
Tue Apr 19 03:53:35 EDT 2016
On 15/04/16 05:47, Lipscomb, Gary wrote:
> [2] relying-party.xml
> <bean id="shibboleth.NoUserConsentRelyingPartybyTag" parent="RelyingPartyByTag">
You've put this bean into <util:list
id="shibboleth.RelyingPartyOverrides">, right?
> [3] idp-process.log
> 2016-04-15 13:30:53,298 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:132] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://onlinedevel.csu.edu.au/shibboleth
> 2016-04-15 13:30:53,327 - DEBUG [net.shibboleth.idp.relyingparty.impl.DefaultRelyingPartyConfigurationResolver:293] - Resolving relying party configuration
> 2016-04-15 13:30:53,328 - DEBUG [net.shibboleth.idp.relyingparty.impl.DefaultRelyingPartyConfigurationResolver:305] - Checking if relying party configuration shibboleth.NoUserConsentRelyingPartybyTag is applicable
> 2016-04-15 13:30:53,329 - DEBUG [net.shibboleth.idp.relyingparty.impl.DefaultRelyingPartyConfigurationResolver:310] - Relying party configuration shibboleth.NoUserConsentRelyingPartybyTag is not applicable
> 2016-04-15 13:30:53,329 - DEBUG [net.shibboleth.idp.relyingparty.impl.DefaultRelyingPartyConfigurationResolver:314] - No relying party configurations are applicable, returning the default configuration shibboleth.DefaultRelyingParty
Do you have DEBUG turned on for
org.opensaml.saml.common.profile.logic.EntityAttributesPredicate.Candidate?
That's the object checking the condition.
Etienne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://shibboleth.net/pipermail/users/attachments/20160419/c9e68830/attachment.sig>
More information about the users
mailing list