Shibboleth handler invoked at an unconfigured location
peter.schober at univie.ac.at
Thu May 19 09:57:15 EDT 2016
* reda sabir <sabiretude at gmail.com> [2016-05-19 12:05]:
> - I retook the same use case : One SP and two IdP where each IdP
> will be used when the user access a specific URL. So, I have two
> hostname pointing at the same website: wso2.shibboleth.example.com
> and openam.shibboleth.example.com.
You already agreed that there was no need for Overrides, yet your
configuration features ApplicationOverrides?!
> - The httpd config look like this :
> <VirtualHost *:80>
> ServerName wso2.shibboleth.example.com
> DocumentRoot "/var/www/html/"
> <Location /secure>
> AuthType shibboleth
> ShibRequestSetting requireSession 1
> ShibRequestSetting applicationId default
> require shib-session
"applicationId default" is a noop, AFAIU ("default" is default).
Instead of the override what you want here is
ShibRequestSetting entityID https://entityid-of-one-such-idp.example.org
> ShibRequestSetting applicationId openam-id
Same thing: Drop the override, add an entityID parameter.
> <MetadataProvider type="XML" validate="true"
Here add metadata for all IDPs, not just one.
> <ApplicationOverride id="openam-id">
Lose the whole ApplicationOverride and child elements.
I've not yet looked at your DEBUG log since none of what you do
matches what you said you wanted.
More information about the users