Andy,
Firewall??
I cannot see *mgraytemp3.its.dundee.ac.uk* from here, so I am guessing
neither can TestShib.
Note ports 80, 443 and 8443 will need to be open.
Regards
Richard Annett
Federated Identity Specialist
Eduserv
innovative technology services
________________________________
[log in to unmask]
tel: +44 (0)1225 474373
fax: +44 (0)1225 474332
http://www.eduserv.org.uk/athens/
________________________________
Eduserv Athens is a service of Eduserv Technologies Limited
-----Original Message-----
From: Discussion list for Shibboleth developments
[mailto:[log in to unmask]] On Behalf Of Andy Swiffin
Sent: 13 June 2007 16:17
To: [log in to unmask]
Subject: Testshib - not getting attributes
Hi,
I have a very new baby IdP which I'm testing against the Testshib site.
It authenticates me OK but isn't sending any attributes, an extract from
the SP logs says:
"2007-06-13 10:42:39 INFO SAML.SAMLSOAPHTTPBinding [419] sessionGet:
sending SOAP message to
https://mgraytemp3.its.dundee.ac.uk:8443/shibboleth-idp/AA
2007-06-13 10:42:39 DEBUG SAML.libcurl [419] sessionGet: About to
connect() to mgraytemp3.its.dundee.ac.uk port 8443
2007-06-13 10:42:39 DEBUG SAML.libcurl [419] sessionGet: Trying
134.36.40.203...
2007-06-13 10:42:54 DEBUG SAML.libcurl [419] sessionGet: Timeout
2007-06-13 10:42:54 DEBUG SAML.libcurl [419] sessionGet: Closing
connection #0
2007-06-13 10:42:54 ERROR SAML.SAMLSOAPHTTPBinding [419] sessionGet:
failed while contacting SAML responder: no further information available
So it doesn't seem to be connecting to the AA. If I try manually with a
browser I do get connected and get a nice page with the shib logo and a
message telling me:
"Shibboleth Identity Provider Failure
The Shibboleth authentication system experienced a technical failure.
Please email root@localhost and include the following error message:
Identity Provider failure at (/shibboleth-idp/AA)
org.opensaml.SAMLException: General error processing request."
Is this a known obvious newbie problem that someone could tell me how to
fix or do I just have to plug at it the hard way? (like I did getting
Apache Tomcat and openSSL to work together, grrr :-)
Cheers
Andy Swiffin
Unless otherwise agreed expressly in writing by a senior manager of
Eduserv, this communication is to be treated as confidential and the
information in it may not be used or disclosed except for the purpose
for which it has been sent.
If you have reason to believe that you are not the intended recipient
of this communication, please contact the sender immediately.
No employee or agent is authorised to enter into any binding agreement
or contract on behalf of Eduserv or Eduserv Technologies Ltd., unless
that agreement is subsequently confirmed by the conclusion of a written
contract or the issue of a purchase order.
Eduserv (Limited by Guarantee) – company number 3763109 - and
Eduserv Technologies Ltd – company number – 4256630 - are both
companies incorporated in England and Wales and have their registered
offices at Queen Anne House, 11 Charlotte Street, Bath, BA1 2NE.
|