Shibboleth IdP Web Login Service - Unsupported Request

Nate Klingenstein ndk at
Wed Sep 5 22:12:44 EDT 2018


I think you're still conflating the two ways that Shibboleth can interact
with CAS.

It can either act as a CAS server(which is the endpoint you're accessing,
and which does not need ShibCas) for CAS client applications using the CAS


it can be a CAS client(ShibCas) of an actual CAS server.  ShibCas then uses
the authentication provided by that CAS protocol transaction to perform a
secondary assertion of user information to another service, typically using
SAML as a protocol.

I think you want Shibboleth to be a CAS client, which means the CAS server
functionality built into Shibboleth is not relevant.  The flow through the
system would typically be:

SAML Service Provider -> Shibboleth SAML login point -> CAS Server ->
Shibboleth ShibCas plugin -> Shibboleth SAML assertion generation -> SAML
service provider

I think you should step back and understand how you want users to flow
through the system you're building.  There needs to be a clear vector that
is followed.

I'm not quite sure what else to write, I'm afraid.

I hope this helps,

On Thu, Sep 6, 2018 at 1:11 AM, fazla <fazlarabby043264 at> wrote:

> We are trying to delegate the shibboleth IdP authentication to CAS. The
> ShibCas plugin is already added and then the service was also added in the
> cas-protocol.xml. I have attached relying-party.xml
> <>
>  ,
> cas-protocol.xml
> <>
> and  general-authn.xml
> <>
>  .
> Now if we try
> https://localhost:8443/idp/profile/cas/login?service=
> instead of redirecting us to cas we are getting this error on the browser.
> Web Login Service - Unsupported Request
> The application you have accessed is not registered for use with this
> service.
> This is the logs.
> --
> Sent from:
> f1660767.html
> --
> For Consortium Member technical support, see
> confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list