SHIBBOLETH SP - Shibboleth handler invoked at an unconfigured location - Shibboleth.sso/Session/
Found the answer:
The problem was actually with the way Apache is configured. It was rewriting urls to add a / at the end of each url. so https://mysite/Shibboleth.sso/Session
became https://mysite/Shibboleth.sso/Session/
. It is always the minor things!
Since the Apache configuration is necessary for another portion of the project, I changed the Location attribute to add a slash at the end and it worked perfectly! HT- Scott Cantor on [email protected] mailing list!
Related videos on Youtube
Kevin Finkenbinder
In terms of paying the bills, I am a website developer at Michigan State University's Libraries. Areas of my life that are important (not in order of importance): Drupal Developer Baptist Pastor and Christ Follower Faithful husband to my wife Proud father of 3 kids
Updated on September 18, 2022Comments
-
Kevin Finkenbinder almost 2 years
I am trying to get shibboleth configured. When I go to
https://mysite/secure/index.php
, it works properly, I can authenticate, etc. but when I go tohttps://mysite/Shibboleth.sso/Status
(or any otherhttps://mysite/Shibboleth.sso/*
) I get the following message:shibsp::ConfigurationException
The system encountered an error at Mon Jul 10 12:06:32 2017
To report this problem, please contact the site administrator at root@localhost.
Please include the following message in any email:
shibsp::ConfigurationException at (
https://mysite/Shibboleth.sso/Session/
)Shibboleth handler invoked at an unconfigured location.
My shibboleth2.xml is as follows (comments removed for brevity):
<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" clockSkew="1800"> <ApplicationDefaults entityID="https://mysite/shibboleth" REMOTE_USER="eppn"> <Sessions lifetime="28800" timeout="3600" checkAddress="false" relayState="ss:mem" handlerSSL="true" cookieProps="https"> <SSO entityID="https://idp.testshib.org/idp/shibboleth"> SAML2 SAML1 </SSO> <Logout>SAML2 Local</Logout> <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/> <Handler type="Status" Location="/Status" acl="127.0.0.1 ::1"/> <Handler type="Session" Location="/Session" showAttributeValues="true"/> <Handler type="DiscoveryFeed" Location="/DiscoFeed"/> </Sessions> <Errors supportContact="root@localhost" logoLocation="/shibboleth-sp/logo.jpg" styleSheet="/shibboleth-sp/main.css"/> <MetadataProvider type="XML" uri="http://www.testshib.org/metadata/testshib-providers.xml" backingFilePath="testshib-two-idp-metadata.xml" reloadInterval="180000" /> <AttributeExtractor type="XML" validate="true" path="attribute-map.xml"/> <AttributeResolver type="Query" subjectMatch="true"/> <AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/> <CredentialResolver type="File" key="my_key" certificate="my_cert" extractNames="false"/> </ApplicationDefaults> <SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/> <ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/> </SPConfig>
I have examined every config file I can find, every setting I can think of. I turned on debug mode for native.logger and shibd.logger but not found anything.
What is wrong? or where should I look?