Shibboleth IDP 4 on Ubuntu 18.04 with Jetty 10 => Stale Request and Access Denied!!!
Kay Taylor
kay_taylor at outlook.com
Tue Dec 21 22:11:49 UTC 2021
Hi Nate,
Thanks for your response. The hostnames are the same:
http://18.216.227.40:8080/idp/profile/admin/hello
http://18.216.227.40:8080/idp/profile/admin/hello?execution=e1s1
You can follow it to see for yourself 😉.
Where do I configure admin rights?
________________________________
From: users <users-bounces at shibboleth.net> on behalf of Nate Klingenstein <ndk at signet.id>
Sent: Tuesday, December 21, 2021 10:43 PM
To: Shib Users <users at shibboleth.net>; users at shibboleth.net <users at shibboleth.net>
Subject: RE: Shibboleth IDP 4 on Ubuntu 18.04 with Jetty 10 => Stale Request and Access Denied!!!
Kay,
Something's probably off in your web server configuration such that cookies are not being set or sent back properly. If the host names are different, as implied by your redaction, that would do it. Either way, use the browser extension SAMLtracer and watch for JSESSIONID.
> http://xx.xxx.xxx.xx:8080/idp/profile/admin/hello
> http://xxx.xxx.xxx.xx:8080/idp/profile/admin/hello?execution=e1s1
You will certainly want to use https once you get this working.
> http://xx.xxx.xxx.xx:8080/idp/status
> I score an Access Denied.
This is to be expected if you haven't configured administrative access rights for the user-agent you're using to access the page. The default configuration restricts access to localhost only.
Take care,
Nate
--------
Signet, Inc.
The Art of Access ®
https://www.signet.id
--
For Consortium Member technical support, see https://shibboleth.atlassian.net/wiki/x/ZYEpPw
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20211221/34d43268/attachment.htm>
More information about the users
mailing list