>>> On 15/05/2009 at 13:19, in message
<[log in to unmask]>, Jethro R Binks
<[log in to unmask]> wrote:
> Is anyone experiencing problems today?
>
> I am getting end users forwarding messages like this:
>
> "Identity Provider failure at (/shibboleth-idp/SSO)
>
> 13:11:19,713 ERROR Assertion consumer service URL
> (http://login.westlaw.co.uk/app/authentication/sso/ukfed/auth/rcv) is NOT
> valid for provider (https://www.westlaw.co.uk/metadata). -
> edu.internet2.middleware.shibboleth.idp.provider.ShibbolethV1SSOHandler
> [TP-Processor18;20090515]
>
> and looking in the metadata, which I have manually refreshed, I see
> entries like:
>
> <AssertionConsumerService
> Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
> Location="https://login.westlaw.co.uk.ukclt.int.westlaw.com/app/authenticati
> on/sso/ukfed/auth/rcv"
> index="2"></AssertionConsumerService>
>
> "login.westlaw.co.uk.ukclt.int.westlaw.com" seems an odd hostname, and
> there are similar ones.
Odd, but correctly formed.
>
> Anyone else seeing issues?
Yes, The ACS in the metadata is https://login.westlaw.co.uk/app/authentication/sso/ukfed/auth/rcv
But they're coming in with http://etc which is what is generating the error.
Would some at UK fed admin like to let them know, they've obviously been tinkering?
Andy
The University of Dundee is a registered Scottish charity, No: SC015096
|