Upgrade from v4.0.1 to v4.2.1 - InvalidNameIDPolicy
Nilan Morjaria-Patel
N.Morjaria-Patel at soton.ac.uk
Wed Jun 22 08:54:35 UTC 2022
Hi Scott,
So https://play01982.soton.ac.uk/shibboleth is the entityID of a test SP. Swapping out the upgraded IDP for a non-upgraded IDP and it works fine, no InvalidNameIDPolicy error. So something I have missed in the Release notes that causes this perhaps? Any tips to diagnose, perhaps put into debug?
Thanks
________________________________
From: Cantor, Scott <cantor.2 at osu.edu>
Sent: 21 June 2022 13:02
To: Shib Users <users at shibboleth.net>
Cc: Nilan Morjaria-Patel <N.Morjaria-Patel at soton.ac.uk>
Subject: Re: Upgrade from v4.0.1 to v4.2.1 - InvalidNameIDPolicy
CAUTION: This e-mail originated outside the University of Southampton.
On 6/20/22, 10:08 AM, "users on behalf of Nilan Morjaria-Patel via users" <users-bounces at shibboleth.net on behalf of users at shibboleth.net> wrote:
> As stated in the subject I have just attempted to upgrade one of our dev Shibb IDP servers, however I now
> get the following in idp-warn.log:
There's nothing about an upgrade that suddenly makes a NameIDPolicy show up. That's the SP's choice.
> It appears the SP is requesting urn:oasis:names:tc:SAML:2.0:nameid-format:transient.
It doesn't appear that way at all, it's requesting persistent.
-- Scott
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220622/31ee8c45/attachment.htm>
More information about the users
mailing list