'Re: [Shib-Users] Beginners question'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: [Shib-Users] Beginners question
From:       Chad La Joie <lajoie () itumi ! biz>
Date:       2011-04-25 13:50:09
Message-ID: 4DB57C11.1060301 () itumi ! biz
[Download RAW message or body]

Running on separate machines/VMs more closely models real world
deployments and is easier if you're not very comfortable with whichever
OS you're running but it is by no means necessary.  I run various test
setups where I have multiple SPs and an IdP on a single VM.

On 4/25/11 4:59 AM, B.E.N. van der Veen wrote:
> My tip (I also banged my head for some time ;-)) Install the IDP and SP
> on two seperate machines. (Or virtual boxes). This gives you more
> feeling what does what and where....
> 
> Nate Klingenstein schreef:
>> Chance,
>>
>> Did you register your IdP with TestShib?  It doesn't seem to recognize
>> you.
>>
>> 2011-04-24 22:20:43 WARN Shibboleth.SSO.SAML2 [20]: no metadata found,
>> can't establish identity of issuer (https://idp.elon.edu/idp/shibboleth)
>> 2011-04-24 22:20:43 DEBUG OpenSAML.SecurityPolicyRule.MessageFlow
>> [20]: evaluating message flow policy (replay checking on, expiration 60)
>> 2011-04-24 22:20:43 DEBUG XMLTooling.StorageService [20]: inserted
>> record (_90960e325351ead8a29617fe6f040e91) in context (MessageFlow)
>> 2011-04-24 22:20:43 DEBUG OpenSAML.SecurityPolicyRule.XMLSigning [20]:
>> ignoring message, no issuer metadata supplied
>> 2011-04-24 22:20:43 DEBUG OpenSAML.SecurityPolicyRule.SimpleSigning
>> [20]: ignoring message, no issuer metadata supplied
>> 2011-04-24 22:20:43 WARN Shibboleth.SSO.SAML2 [20]: detected a problem
>> with assertion: Unable to establish security of incoming assertion.
>> https://www.testshib.org/testshib-two/join.jsp
>>
>> Also, for future reference, TestShib makes its logs available to
>> deployers so you can easily debug these problems yourself.
>>
>> https://sp.testshib.org/cgi-bin/splog.cgi?lines=300&logname=shibd.log
>>
>> Have a great night,
>> Nate.
>>
>> On Apr 25, 2011, at 2:25 , Chance Cox wrote:
>>
>>> unbelievable, hours of banging my head and it is a case error....ugh
>>> thanks very much. i am now getting this error from testshib.
>>>
>>> opensaml::FatalProfileException at
>>> (https://sp.testshib.org/Shibboleth.sso/SAML2/POST)
>>>
>>> i guess i authenticated but i think something else is wrong.
>>>
>>> Thank You,
>>>
>>> -Chance
>>
>>
> 
> 

-- 
Chad La Joie
http://itumi.biz
trusted identities, delivered
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic