idp.testshib.org errors from our SP

[Spencer Thomas]

It may be a stale config file that still tried to load the testshib metadata.  But I don’t understand why someone would come in with valid SAMLResponse for their own IDP and get somehow mapped to the testshib entity ID.

On 2/21/20, 12:10 PM, "users on behalf of Cantor, Scott" <users-bounces at shibboleth.net on behalf of cantor.2 at osu.edu> wrote:

    Thinking out loud a bit, having had hassles with my own stale links around campus, if you can't tell from the Referrer where the traffic is coming from and you see no access logs that demonstrate a request to /Login?entityId=<testshib> (and to be clear, I think that's sort of impossible, I think it means your logs have gaps)....
    
    What I would probably do as a hack is mock up testshib metadata with an SSO service pointing to an error page you control and use that page to make a plea for "what the hell did you do to get here?" feedback.
    
    -- Scott
    
    
    
    -- 
    For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
    To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net