Azure Link not working
M. Demhartner
demhartner at cypres-it.net
Tue Dec 11 10:39:08 EST 2018
I was in contact today with the support team.
They had to adjust the "Reply URL" in Azure AD to /Shibboleth.sso/SAML2/POST
- then it worked.
Thanks
> -----Original Message-----
> From: users <users-bounces at shibboleth.net> On Behalf Of Peter Schober
> Sent: Monday, December 10, 2018 4:17 PM
> To: users at shibboleth.net
> Subject: Re: Azure Link not working
>
> * M. Demhartner <demhartner at cypres-it.net> [2018-12-10 16:08]:
> > Thank you, so maybe there is something not correct at their end? In
> > the Azure config?
>
> Yes, though it's your config within their system that's seemingly
incorrect.
> (I haven no idea how "Azure" works, all I'm saying is that obviously
there's
> something wrong, and that the person putting the incorrect data there
should
> put correct data there in order to fix it.)
>
> > I gave them the following metadata.xml
>
> > <md:AssertionConsumerService
> > Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
> > Location="https://ram.cypres-it.com/Shibboleth.sso/SAML2/POST"
> index="1"/>
> > <md:AssertionConsumerService
> > Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
> > Location="https://ram.cypres-it.com/Shibboleth.sso/SAML2/POST-
> SimpleSign"
> > index="2"/>
> > <md:AssertionConsumerService
> > Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
> > Location="https://ram.cypres-it.com/Shibboleth.sso/SAML2/Artifact"
> > index="3"/>
> > <md:AssertionConsumerService
> > Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
> > Location="https://ram.cypres-it.com/Shibboleth.sso/SAML2/ECP"
index="4"/>
> > </md:SPSSODescriptor>
>
> As you can see there is no endpoint that ends in "Shibboleth.sso/SAML2/".
>
> So look at your config in their system and fix the incorrect endpoint URL
to
> match exactly one the above, for whatever binding is needed there. (Try
HTTP-
> POST if unsure.)
>
> -peter
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
users-unsubscribe at shibboleth.net
More information about the users
mailing list