OIDC plugin installation fails behind HTTP proxy
Manuel Haim
haim at hrz.uni-marburg.de
Wed Jun 2 15:15:04 UTC 2021
Hi Scott,
Zitat von "Cantor, Scott" <cantor.2 at osu.edu>:
> You define a Spring file with the bean(s) you want, and use -hc to
> specify the name of the HTTP client and then pass the name of the
> Spring file on the end of the plugin command.
well, I guess I missed out the "Optional Parameter" paragraph in the
wiki, and there was no xml example. Thanks for pointing that out to me.
So I moved my bean definition into a separate file now, but the
connection problem remains:
# /opt/shibboleth-idp/bin/plugin.sh --verbose -hc
shibboleth.UMRProxyHttpClient -i oidc-common-dist-1.1.0.tar.gz
umr-http-client.xml
> Maybe Apache's proxy support broke.
I guess so. Or are the parameters not consumed correctly by the
shibboleth.HttpClientFactory? I just found a JIRA ticket from
19-May-2021 which also states a HTTP proxy problem with
shibboleth.HttpClientFactory:
https://issues.shibboleth.net/jira/browse/JDUO-45
However, in my metadata-providers.xml configuration, I successfully
use the proxyHost and proxyPort attributes. Is this not based on the
Apache library?
Kind regards,
Manuel
>
> OTOH if you managed to get a proxy-supporting bean running and it
> still didn't work....not much I can say. It has worked in the past.
> Maybe Apache's proxy support broke.
>
> The plugin installer can also be forced to bypass remote connections
> in the worst case.
>
> -- Scott
>
> [1] https://wiki.shibboleth.net/confluence/display/IDP4/PluginInstallation
>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
More information about the users
mailing list