{"type":"doc","content":[{"type":"heading","attrs":{"level":3},"content":[{"text":"Service Provider Single Server Configuration","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"/etc/shibboleth/shibboleth2.xml","type":"text"}]}]}]},{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\n\n \n\n\n \n /shibboleth-sp\"\n REMOTE_USER=\"eppn subject-id pairwise-id persistent-id\"\n cipherSuites=\"DEFAULT:!EXP:!LOW:!aNULL:!eNULL:!DES:!IDEA:!SEED:!RC4:!3DES:!kRSA:!SSLv2:!SSLv3:!TLSv1:!TLSv1.1\">\n\n \n\n \n \"\n discoveryProtocol=\"SAMLDS\" \n discoveryURL=\"https://ds.example.org/DS/WAYF\">\n SAML2\n \n\n \n SAML2 Local\n\n \n \n \n \n\n \n \n\n \n \n\n \n \n \n\n \n \n\n \n \n\n \n \n \n \n\n \n \n\n \n \n\n \n \n \n\n \n\n \n \n\n \n \n\n\n","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Service Provider Multiple Server Configuration","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"/etc/shibboleth/shibboleth2.xml","type":"text"}]}]}]},{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\n\n \n\n\n \n /shibboleth-sp\"\n REMOTE_USER=\"eppn subject-id pairwise-id persistent-id\"\n cipherSuites=\"DEFAULT:!EXP:!LOW:!aNULL:!eNULL:!DES:!IDEA:!SEED:!RC4:!3DES:!kRSA:!SSLv2:!SSLv3:!TLSv1:!TLSv1.1\">\n\n \n\n \n \"\n discoveryProtocol=\"SAMLDS\" \n discoveryURL=\"https://ds.example.org/DS/WAYF\">\n SAML2\n \n\n \n SAML2 Local\n\n \n\n \n \n\n \n \n\n \n \n\n \n \n \n\n \n \n\n \n \n\n \n \n url=\"http://md.incommon.org/InCommon/InCommon-metadata.xml\"\n backingFilePath=\"customer-metadata.xml\" maxRefreshDelay=\"7200\">\n \n \n\n \n \n\n \n \n\n \n \n \n\n\t\t\n /shibboleth-sp\"\n REMOTE_USER=\"uid\">\n \n \n\n \t\n \t\"\n discoveryProtocol=\"SAMLDS\" \n discoveryURL=\"https://ds.example.org/DS/WAYF\">\n SAML2\n \n SAML2 Local\n \n \n \n \n \n \n \n \n\n \n \n \n \n \n \n \n \n \n \n \n\n \n \n\n \n \n\n\n","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"type":"hardBreak"},{"text":"Troubleshooting","type":"text"}]},{"type":"paragraph","content":[{"text":"If for some reason, you are getting an error with authentication, you may want to turn off validation. ","type":"text"}]},{"type":"codeBlock","content":[{"text":"opensaml::FatalProfileException at (https://pcr360.ucla.edu/Shibboleth.sso/SAML2/POST)\n\nA valid authentication statement was not found in the incoming message.","type":"text"}]},{"type":"paragraph","content":[{"text":"Authenticating with Microsoft, for example, doesn’t use valid SAML2, and this can cause problems. Open /etc/shibboleth/shibboleth2.xml and modify the “validate” parameter. See the code snippet below:","type":"text"}]},{"type":"paragraph"},{"type":"paragraph"},{"type":"codeBlock","content":[{"text":" \n\n","type":"text"}]},{"type":"paragraph"}],"version":1}

Browser not supported