Shibboleth/apache/O365 Azure/Reverse Proxy
Peter Schober
peter.schober at univie.ac.at
Wed May 13 15:49:34 UTC 2020
* ptedesco <ptedesco at ims.consulting> [2020-05-13 16:51]:
> Can you please take a look at this log and see if there is something I am
> missing? I have been atthis for days now and recreated the setup about 5
> time with no success.
>
> Shibd.log <https://shibboleth.1660669.n2.nabble.com/file/t399239/Shibd.log>
What exactly is unclear about the following lines from that log?
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.microsoft.com/identity/claims/tenantid, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.microsoft.com/identity/claims/objectidentifier, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.microsoft.com/identity/claims/displayname, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.microsoft.com/identity/claims/identityprovider, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.microsoft.com/claims/authnmethodsreferences, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
2020-05-13 14:37:44 INFO Shibboleth.AttributeExtractor.XML [3] [default]: skipping SAML 2.0 Attribute with Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name, Format:urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
So here are the attribute names (and formats) you DID recieve via SAML
but do NOT currently have in your attribute map.
(In case you're also interested in the emailAddress-format NameiD
there's also a line about that I have not included above.)
No guesswork involved. Add those to your map and the software will be
able to use then,
> This is all I get in the Shibd_warn.log
>
> 2020-05-13 14:37:18 WARN Shibboleth.AttributeExtractor.XML : skipping
> duplicate Attribute mapping (same name and nameFormat)
> 2020-05-13 14:37:18 WARN Shibboleth.AttributeExtractor.XML : skipping
> duplicate Attribute mapping (same name and nameFormat)
No, the log you posted online has all of the above lines in them.
I can not explain how you don't see those when you're able to send those.
-peter
More information about the users
mailing list