Shibboleth-3 issues with ExternalAuth?
Bryan K. Walton
bwalton+1545424647 at leepfrog.com
Fri Dec 21 15:40:03 EST 2018
We have some users who login to our SP using ExternalAuth. This was
working fine in Shibboleth 2.6.1 (Red Hat Linux 7). Then, we upgraded
our SP to shibboleth 3.0.3, and are seeing issues with ExternalAuth.
Some interesting things we are seeing in the logs:
2018-12-21 10:24:20 ERROR Shibboleth.AttributeResolver.Query [25392]
[client-name]: exception during SAML query to
https://xxxxxxxxxxxxxx:8443/idp/profile/SAML2/SOAP/AttributeQuery:
CURLSOAPTransport failed while contacting SOAP endpoint
(https://xxxxxxxxxxxxxxx:8443/idp/profile/SAML2/SOAP/AttributeQuery):
SSL certificate problem: application verification failure
2018-12-21 10:24:20 ERROR Shibboleth.AttributeResolver.Query [25392]
[xxxxxxxxxxx]: unable to obtain a SAML response from attribute
authority
2018-12-21 10:24:20 ERROR Shibboleth.Handler.ExternalAuth [25392]
[xxxxxxxxxxx]: attribute resolution failed: Unable to obtain a SAML
response from attribute authority.
(It should be noted, that users authenticating from the same IdP, but
NOT using ExternalAuth, don't generate these cert warnings.)
Anybody having issues like this? Or might know what is going on?
Thanks,
Bryan Walton
--
Bryan K. Walton 319-337-3877
Linux Systems Administrator Leepfrog Technologies, Inc
More information about the users
mailing list