IdP v4 SAML Authentication Proxy Questions
Cantor, Scott
cantor.2 at osu.edu
Mon Oct 5 22:30:24 UTC 2020
On 10/5/20, 6:15 PM, "users on behalf of Nate Klingenstein" <users-bounces at shibboleth.net on behalf of ndk at signet.id> wrote:
> 1) Are unsolicited SSO requests supported?
No.
> 2020-10-05 22:06:27,499 - 67.164.181.150 - INFO [org.opensaml.saml.saml2.profile.impl.ValidateAssertions:331] - >Profile Action ValidateAssertions: Assertion validation failure msg was: No subject confirmation methods were met for
> assertion with ID '_06f292908fdd7f33a8d0d241ab629fd7'
I would assume from that the SC is invalid. Client address perhaps? I don't know what all the errors actually look like. Sounds like it decrypted if it logged the assertion's ID.
> I'm using a single entityID for both pieces and the metadata loaded by the secondary IdP's is consistent with that. Is
> there a way to get at least the assertion or some more information? All providers in question are Shibboleth.
It logs the response, I know that much (plus the other IdP would log it too, but I know the proxy code will too).
-- Scott
More information about the users
mailing list