users Digest, Vol 72, Issue 47

Cheltenham, Chris ccheltenham-ext at philasd.org
Thu Jun 8 14:28:37 EDT 2017


Thanks Scott.

I used this 

curl -s -k
'https://localhost/idp/profile/admin/reload-service?id=shibboleth.Metadata
ResolverService'

Is that the wrong one to reload you metadata providers list?


===========================

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571
-----Original Message-----
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of
users-request at shibboleth.net
Sent: Thursday, June 8, 2017 11:05 AM
To: users at shibboleth.net
Subject: users Digest, Vol 72, Issue 47

Send users mailing list submissions to
	users at shibboleth.net

To subscribe or unsubscribe via the World Wide Web, visit
	http://shibboleth.net/mailman/listinfo/users
or, via email, send a message with subject or body 'help' to
	users-request at shibboleth.net

You can reach the person managing the list at
	users-owner at shibboleth.net

When replying, please edit your Subject line so it is more specific than
"Re: Contents of users digest..."


Today's Topics:

   1. RE: metadata-providers shib 3.2.1 (Cantor, Scott)
   2. RE: SP installation on IIS (Andrew Owen)


----------------------------------------------------------------------

Message: 1
Date: Thu, 8 Jun 2017 14:59:23 +0000
From: "Cantor, Scott" <cantor.2 at osu.edu>
To: Shib Users <users at shibboleth.net>
Subject: RE: metadata-providers shib 3.2.1
Message-ID:
	
<9846A6064BD102419D06814DD0D78DE127F135FB at CIO-TNC-D2MBX02.osuad.osu.edu>
	
Content-Type: text/plain; charset="utf-8"

> I guess the lesson is , once the metadata is loaded, if you have to 
> change it use the same file name.
> 
> If I changes the filename on metadata-providers.xml the used curl to 
> reload it, I got an error.

If you mean you accessed the reload-service endpoint and completely
reloaded the metadata configuration, it will essentially re-process
everything you give it from scratch, and any changed file locations will
be honored. Changing the config but then using the reload-metadata
endpoint to reload a *specific* identified metadata provider will not do
that, it will operate based on the original XML config it had to start
with when the metadata-providers.xml file first got loaded.

-- Scott


------------------------------

Message: 2
Date: Thu, 8 Jun 2017 15:05:09 +0000
From: Andrew Owen <andrew at search.org>
To: Shib Users <users at shibboleth.net>
Subject: RE: SP installation on IIS
Message-ID:
	
<BY1PR0701MB1708F8E3435268427AC8EFFEABC90 at BY1PR0701MB1708.namprd07.prod.ou
tlook.com>
	
Content-Type: text/plain; charset="us-ascii"

Can you confirm you followed the "installation" instructions here:
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPWindowsIIS7In
staller  especially items 1-4 after rebooting


-Andrew

From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Tariq Ahmad
Sent: Thursday, June 08, 2017 10:59 AM
To: users at shibboleth.net
Subject: SP installation on IIS


Hi All,

I am having some issues with installing the Service Provider.

I started with a clean install of Windows Server 2012 R2 Standard.
and I installed the shibboleth SP using shibboleth-sp-2.6.0.1-win64.msi.

I checked the handler mappings etc and everything seems in order.

I think I have setup a self-certificate correctly so that URLs like
https://localhost/test/default.html work as expected.

I have checked that ASP.NET is installed and working and it is.

However, when I go to https://localhost/Shibboleth.sso/Status i get the
error below:

HTTP Error 500.0 - Internal Server Error The page cannot be displayed
because an internal server error has occurred.
Most likely causes:
*         IIS received the request; however, an internal error occurred
during the processing of the request. The root cause of this error depends
on which module handles the request and what was happening in the worker
process when this error occurred.
*         IIS was not able to access the web.config file for the Web site
or application. This can occur if the NTFS permissions are set
incorrectly.
*         IIS was not able to process configuration for the Web site or
application.
*         The authenticated user does not have permission to use this DLL.
*         The request is mapped to a managed handler but the .NET
Extensibility Feature is not installed.
Things you can try:
*         Ensure that the NTFS permissions for the web.config file are
correct and allow access to the Web server's machine account.
*         Check the event logs to see if any additional information was
logged.
*         Verify the permissions for the DLL.
*         Install the .NET Extensibility feature if the request is mapped
to a managed handler.
*         Create a tracing rule to track failed requests for this HTTP
status code. For more information about creating a tracing rule for failed
requests, click here<http://go.microsoft.com/fwlink/?LinkID=66439>.
Detailed Error Information:
Module

   IsapiModule

Notification

   ExecuteRequestHandler

Handler

   AboMapperCustom-95859859

Error Code

   0x800700c1

Requested URL

   https://localhost:443/Shibboleth.sso/Status

Physical Path

   C:\inetpub\wwwroot\Shibboleth.sso\Status

Logon Method

   Anonymous

Logon User

   Anonymous


More Information:
This error means that there was a problem while processing the request.
The request was received by the Web server, but during processing a fatal
error occurred, causing the 500 error.
View more information
><http://go.microsoft.com/fwlink/?LinkID=62293&IIS70Error=500,0,0x800700c1
,9600>
Microsoft Knowledge Base Articles:
*         294807

Any advice/hints/tips would be appreciated.

Thanks.


Idox group email privacy & confidentiality notice:
The information contained in this email message is intended only for the
person or persons to whom it is addressed. Such information is
confidential and privileged and no mistake in transmission is intended to
waive or compromise such privilege. If you have received it in error,
please destroy it and notify us on 0870 333 7101. If you do not receive
complete and legible copies, please telephone us immediately. Any opinions
expressed herein including attachments are those of the author only. IDOX
group does not accept responsibility for the accuracy or completeness of
the information provided or for any changes to this email, however made,
after it was sent. Please note that it is your responsibility to scan this
message for viruses.

Registered Address:
Idox plc, 2nd floor, 1310 Waterside, Arlington Business Park, Theale, RG7
4SA

Registered Numbers:
Idox Software Ltd - 2933889 in England and Wales McLaren Software ltd -
SC213218 in Scotland

Vat Registration Number: GB 766 8008 04

Please consider the environment before printing this email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://shibboleth.net/pipermail/users/attachments/20170608/0be5acb9/attac
hment.html>

------------------------------

Subject: Digest Footer

--
To unsubscribe from this list send an email to
users-unsubscribe at shibboleth.net

------------------------------

End of users Digest, Vol 72, Issue 47
*************************************


More information about the users mailing list