How to query decoded SAML response in Shbboleth SP version 3.0.1
Peter Schober
peter.schober at univie.ac.at
Fri Oct 22 12:49:35 UTC 2021
* Kannan, Satheesh (ELS-CON) <s.kannan.1 at elsevier.com> [2021-10-22 13:38]:
> I have successfully configured Assertion Export in sessions
> Element. When I try to access https://domain.com/SHIRE/GetAssertion
> seems to be getting Assertion Lookup Failed error returned with 500
> response code.
It seems you have found the documentation
https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335032/AssertionExport
but you're still not following the algorithm described there to get
access to the assertion. Quoting the relevant part below:
> Then, when instructed to do so for a request (via the exportAssertion
> content setting), the application will be given a header or variable
> called Shib-Assertion-Count with the number of assertions that are
> available.
>
> The URL to query for each assertion is passed in an individual header
> or variable named Shib-Assertion-NN, where NN is the two-digit
> sequence number of the assertion(01, 02, etc). Performing a GET on
> that location will result in the assertion, with a MIME type of
> "application/samlassertion+xml".
See this example code I wrote to illustrate usage:
https://shibboleth.net/pipermail/users/2017-December/038620.html
> 1.Apache Level configured below
[...]
> 2.Added Path in Request Mapper <Path authType="shibboleth" name="secure" />
There's no need to be using the Request Mapper (at all) when using
Apache httpd.
> ERROR Shibboleth.Handler.AssertionLookup : assertion lookup request
> failed, missing required parameter
"missing required parameter" is what's wrong.
-peter
More information about the users
mailing list