...
| Expand | ||
|---|---|---|
| ||
| "Looping" refers to a situation in which an attempt to login to the SP results in a rapid cycle of redirections between the IdP and the SP with a new session created every time around. Please follow the instructions from Shibboleth WIKI page to troubleshoot. |
| Expand | ||
|---|---|---|
| ||
By default, Shibboleth attributes that released to your shibboleth SP are available to your application as server variables, not available in HTTP headers. But not all the server expose custom server variables to application, for example .asp. It's dangerous using HTTP headers. If you have to get Shibboleth attributes from HTTP header, you could enable it by adding useHeaders=”true” in <ISAPI tag>. In your application, you should always get authenticated user's netID from server variable REMOTE_USER. Detail and examples about attribute access https://wiki.shibboleth.net/confluence/display/SP3/AttributeAccess SpoofChecking if using HTTP headers https://wiki.shibboleth.net/confluence/display/SP3/SpoofChecking |
Need Help?
contact idmgmt@cornell.edu
...