Hi,

I have installed Shib 2 IDP and am trying to connect to the test Shib service
provider https://sp.testshib.org/. When I enter my credentials I am
redirected to my IDP without any error message and prompted for my
username and password.
When I enter my username and password I am redirected to
https://shibboleth.brunel.ac.uk/idp/Authn/RemoteUser with a 403 Access
denied error message.
I checked the Catalina logs in Tomcat 5.5 and there are no error logs.
The Shib process log reports the following:

r https://sp.testshib.org/shibboleth-sp. Using default relying party configuration.
13:17:25.794 DEBUG [edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler:169] - Creating login context and transferring control to authentication engine
13:17:25.826 DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:147] - Processing incoming request
13:17:25.841 DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:184] - Beginning user authentication process
13:17:25.841 DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:192] - Possible authentication handlers for this request: {urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler@1c4bcda, urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport=edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginHandler@14aa6c3, urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession=edu.internet2.middleware.shibboleth.idp.authn.provider.PreviousSessionLoginHandler@a6997}
13:17:25.841 DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:205] - Possible authentication handlers after filtering: {urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler@1c4bcda, urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport=edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginHandler@14aa6c3, urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession=edu.internet2.middleware.shibboleth.idp.authn.provider.PreviousSessionLoginHandler@a6997}
13:17:25.841 DEBUG [edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:394] - Authenticating user with login handler of type edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler
13:17:25.841 DEBUG [edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserLoginHandler:75] - Redirecting to https://shibboleth.brunel.ac.uk:443/idp/Authn/RemoteUser




I checked the login.conf, web.xml and server.xml and they seem fine. What
am I missing? How do I get this working? Please help.


Thanks
Karthik Shan 

PS: Tried this question on the Internet 2 discussion forum and am posting it
again on the JISC group.