ECP Configuration for Office 365

privas pedro.rivas664 at csuci.edu
Tue May 9 12:56:41 EDT 2017 

Hi all,

I'm having trouble getting our ECP endpoint to work with Office 365 for
basic auth. I'm still learning the basics of Shibboleth so if I can be
pointed in the right direction it would be great! I followed this wiki:
https://wiki.shibboleth.net/confluence/display/IDP30/ECPConfiguration and
successfully got ECP working with my test environment but when I applied the
same changes to my production (two loadbalanced cas/shib servers) I'm
getting the following error: 

2017-05-09 11:32:20,364 - INFO
[net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:130] - Profile
Action SelectAuthenticationFlow: Moving incomplete flow
authn/RemoteUserInternal to intermediate set
2017-05-09 11:32:20,368 - INFO [org.ldaptive.auth.Authenticator:259] -
Authentication succeeded for dn:
CN=marc.test,OU=Migrated,DC=harbor,DC=csuci,DC=edu
2017-05-09 11:32:21,956 - INFO
[net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:139] -
Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'marc.test'
succeeded
2017-05-09 11:32:21,957 - INFO
[net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:130] - Profile
Action SelectAuthenticationFlow: Moving incomplete flow authn/Password to
intermediate set
2017-05-09 11:32:21,958 - ERROR
[net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:296] - Profile
Action SelectAuthenticationFlow: No potential flows left to choose from,
authentication will fail
2017-05-09 11:32:21,959 - WARN
[org.opensaml.profile.action.impl.LogEvent:76] - An error event occurred
while processing the request: NoPotentialFlow
2017-05-09 11:32:21,965 - INFO [Shibboleth-Audit.SSO:241] -
20170509T163221Z|urn:oasis:names:tc:SAML:2.0:bindings:SOAP|_bc48d11c048d42e79b0f0dcbb3fd5e9e|urn:federation:MicrosoftOnline|http://shibboleth.net/ns/profiles/saml2/sso/ecp|https://mckinley.csuci.edu/idp/shibboleth|urn:oasis:names:tc:SAML:2.0:bindings:PAOS|_57e68eb5c457a57699256b210bba2a81||||||
2017-05-09 11:32:22,117 - INFO
[net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:130] - Profile
Action SelectAuthenticationFlow: Moving incomplete flow
authn/RemoteUserInternal to intermediate set

Thank you!



--
View this message in context: http://shibboleth.1660669.n2.nabble.com/ECP-Configuration-for-Office-365-tp7633042.html
Sent from the Shibboleth - Users mailing list archive at Nabble.com.

More information about the users mailing list