Hi Nick,
It doesn't look as if the SP is worried about certificates any more.
What I am seeing now is:
> 2008-07-24 08:31:07 INFO SAML.SAMLSOAPHTTPBinding [356] sessionGet: sending SOAP message > to https://dev-wsos-shib.warwick.ac.uk:80/idp/profile/SAML1/SOAP/AttributeQuery
> 2008-07-24 08:31:07 INFO Shibboleth.Trust.Basic [356] sessionGet:
> certificate match found in KeyDescriptor
> 2008-07-24 08:31:07 ERROR shibtarget.SessionCache [356] sessionGet:
> caught SAML exception during SAML attribute query: CgoKPC
> FET0NUWVBFIGh0bWwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQu
> MDEgVHJhbnNpdGlvbmFsLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL1RSL2h0
> bWw0L3RyYW5zaXRpb25hbC5kdGQiPgo8aHRtbD4KPGhlYWQ+Cjx0aXRsZT4K
> CjwvdGl0bGU+CgogIDxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg
> Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiPgogIAog
> IDxNRVRBIE5BTUU9InJvYm90cyIgQ09OVEVOVD0ibm9pbmRleCxub2ZvbGxv
> [...lots of this, snipped...]
Decoding that as base64, it appears to be HTML, perhaps your SSO login page?
(Part pasted below). In any case it doesn't look like the SAML response
which the poor SP is expecting. Can you check to see that the above URL
is being correctly passed through the web server to the right part of
the IdP?
Fiona.
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/transitional.dtd">
<html>
<head>
<title>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<META NAME="robots" CONTENT="noindex,nofollow">
<link rel="stylesheet" href="/idp/css/standard5.css" type="text/css">
<!--[if lt IE 7]>
<link rel="stylesheet" href="/idp/css/ielt7.css" type="text/css">
<![endif]-->
<!--[if IE 5]>
<link rel="stylesheet" href="/idp/css/ie5.css" type="text/css">
<![endif]-->
<!-- <script type="text/javascript" src="/static_war/render/scripts/id5scripts.js"></script> -->
<link rel="stylesheet" href="/idp/css/sso.css" type="text/css" media="screen">
<script type="text/javascript" src="/idp/scripts/popuplib.js"></script>
<script type="text/javascript" src="/idp/scripts/helppopup.js"></script>
</head>
<body>
<div id="leftShadow"></div>
<div id="leftTopShadow"></div>
<div id="topLeftShadow"></div>
<div id="warwickBar">
<div id="warwickBarLeft">
<div id="warwickBarRight">
<div class="access-info">
<a name="topAnchor" id="topAnchor"></a>
<a href="#contentAnchor" accesskey="2">Skip to content</a>
<a href="#navAnchor">Skip to navigation</a>
</div>
<a href="http://www2.warwick.ac.uk"><img id="warwickLogo" alt="Warwick home" src="/idp/images/logo.png"/></a>
<div id="utilityStrip">
<!-- <c:choose>
<c:when test="true">
<strong><a href="<sso:loginlink />">Sign in</a></strong>
</c:when>
<c:otherwise>
Signed in as
<c:out value="" /> (<c:out
value="" />)
•
<strong><a href="<sso:logoutlink />">Sign out</a></strong>
</c:otherwise>
</c:choose> -->
</div>
|