{"type":"doc","content":[{"type":"heading","attrs":{"level":3},"content":[{"text":"Service Provider Single Server Configuration","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"/etc/shibboleth/shibboleth2.xml","type":"text"}]}]}]},{"type":"codeBlock","content":[{"text":"\n \n\t\n \n\t\t\n\t\t\t\n\t\t\t\tSAML2 SAML1\n\t\t\t\n \n\t\t\tSAML2 Local\n\t\t\t\n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\n\t \n\t\t\n \n\t\t\n\t \n\t\t\n\t \t\n\t \t\n\t \t\n \n\t\n \n\t\n\t\n \n","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Service Provider Multiple Server Configuration","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"/etc/shibboleth/shibboleth2.xml","type":"text"}]}]}]},{"type":"codeBlock","content":[{"text":"\n \n\t/shibboleth-sp\"\n\t\tREMOTE_USER=\"uid\">\n \n\t\t\n\t\t\t\"\n\t\t\t\tdiscoveryProtocol=\"SAMLDS\" \n\t\t\t\tdiscoveryURL=\"http://www.w3.org/2000/09/xmldsig#\">\n\t\t\t\tSAML2 SAML1\n\t\t\t\n \n\t\t\tSAML2 Local\n \t\t\t\n \t\t\t\n \t\t\t\n \t\t\t\n\t\t\n \n\t\t\n \n\t\t\"\n\t\t\tbackingFilePath=\"InCommon-metadata.xml\" \n\t\t\treloadInterval=\"180000\" />\n \n\t\t\n \t\t\n \t\t\n \t\t\n \n\t\t/shibboleth-sp\"\n\t\t\tREMOTE_USER=\"uid\">\n \n\t\t\t\n \t\t\t\t\"\n\t\t\t\t\tdiscoveryProtocol=\"SAMLDS\" \n\t\t\t\t\tdiscoveryURL=\"http://www.w3.org/2000/09/xmldsig#\">\n\t\t\t\t\tSAML2 SAML1\n\t\t\t\t\n \n\t\t\t\tSAML2 Local\n\t\t\t\t \n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\n \n\t\t\t\n \n\t\t\t\"\n\t\t\t\tbackingFilePath=\"InCommon-metadata.xml\" \n\t\t\t\treloadInterval=\"180000\" />\n\n\t\t\t\n\t\t\t\n\t\t\t\n\t\t\t\n\t\t\n\t\n \n\t\n\t\n \n","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"type":"hardBreak"},{"text":"Troubleshooting","type":"text"}]},{"type":"paragraph","content":[{"text":"If for some reason, you are getting an error with authentication, you may want to turn off validation. ","type":"text"}]},{"type":"codeBlock","content":[{"text":"opensaml::FatalProfileException at (https://pcr360.ucla.edu/Shibboleth.sso/SAML2/POST)\n\nA valid authentication statement was not found in the incoming message.","type":"text"}]},{"type":"paragraph","content":[{"text":"Authenticating with Microsoft, for example, doesn’t use valid SAML2, and this can cause problems. Open /etc/shibboleth/shibboleth2.xml and modify the “validate” parameter. See the code snippet below:","type":"text"}]},{"type":"paragraph"},{"type":"paragraph"},{"type":"codeBlock","content":[{"text":" \n\n","type":"text"}]},{"type":"paragraph"}],"version":1}

Browser not supported