[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: RE: Juniper ssl vpn strips double slash
From: Bart Ophelders <Bart.Ophelders () icts ! kuleuven ! be>
Date: 2011-07-27 10:17:42
Message-ID: AAD316D782B99545AEF3C52BBF3B1832A141716866 () ICTS-S-EXC2-CA ! luna ! kuleuven ! be
[Download RAW message or body]
Hello,
We have the same problem with our juniper ssl vpn.
We noticed that SP's using the SAML2 Artifact protocol get through without
problems.
Bart
-----Original Message-----
From: Peter Schober [mailto:peter.schober@univie.ac.at]
Sent: woensdag 27 juli 2011 9:25
To: users@shibboleth.net
Subject: Re: Juniper ssl vpn strips double slash
* Francesco Malvezzi <francesco.malvezzi@unimore.it> [2011-07-26 15:29]:
> when accessing a SP inside juniper ssl vpn, users authenticate on Idp,
> then receive an error:
>
> Error Message: No profile handler configured for request at path:
> /SAML2/Redirect/http:/sp.cesia.unimo.it/Shibboleth.sso/SAML2/POST
>
> It looks the correct url: http://sp.cesia.unimo.it get stripped by a
> slash and now is not correct any more: http:/sp.cesia.unimo.it
The problem is not dropping one slash from the URL. Slapping on an URL at
the end of REQUEST_URI /SAML2/Redirect/ does not make a valid request (or
protocol endpoint).
> Has anybody experienced something similar? Are there known work-around?
I've been reported the exact same behaviour a couple weeks ago, only with
our Cisco VPN when used in "Web VPN" mode (not using a real VPN client on
the client maschine). The current workarounds for us are to a. Recomend use
of a locally installed vpn client instead of web vpn b. Try to get web site
owners to not require campus IP address ranges
*and* SAML2 sessions simultaneously (the latter should suffice).
-peter
--
To unsubscribe from this group, send email to
users+unsubscribe@shibboleth.net
["smime.p7s" (application/pkcs7-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic