Perl 6 - the future is here, just unevenly distributed

IRC log for #shibboleth, 2017-04-19

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:54 m9xDRv8TeTry joined ##shibboleth
14:00 Es0teric joined ##shibboleth
14:48 Es0teric joined ##shibboleth
16:25 yoberi joined ##shibboleth
17:13 Es0teric joined ##shibboleth
17:58 Es0teric joined ##shibboleth
18:06 cyberlard joined ##shibboleth
20:19 Es0teric joined ##shibboleth
20:39 Es0teric joined ##shibboleth
21:00 yoberi Hi all, I'm new to SAML in general and specifically to Shibboleth. I'm having a few issues with a test SAML installation. I have Shibboleth 3.3.1 on Ubuntu 16.04 LTS as an IdP which I've tested with the https://sp.testshib.org example with some success. One thing that I can't figure out how to do is for the SAML response sent to the SP to include an assertion  regarding the uid. I'm able to log in via the web forms shown by the
21:00 yoberi IdP upon redirect with the SAML Request. When I provide proper credentials, I see in the log file that authn is successful and a SAML response is generated and sent with a redirect back to the SP, however no LDAP sourced data ends up in the SAML response!  Should I be configuring metadata for this? Perhaps via a *.properties configuration file? Maybe relaying-party.xml or attribute-resolver.xml? I've tweaked each of these to some
21:00 yoberi degree without success. I'm using a local LDAP install that contains a few test users.
21:00 yoberi Thanks for any help/advice. I've been struggling with this issue for a bit now.
21:09 pdurbin yoberi: have you asked on the shib users mailing list yet?
21:09 yoberi I haven't; is that where I should ask for help first?
21:10 pdurbin It certainly doesn't hurt to ask here, to talk it out and all. I'd give other people some time to respond but then try the mailing list. I only know the SP side. Sorry.
21:15 yoberi Talking it out is often a good first step to defining the problem. I'll reply with a solution if/when I find it out. That's for chiming in pdurbin.
21:16 pdurbin Yeah. You're welcome. Good luck.
22:02 yoberi I think I found the solution to the issue with the SAMPL responses not containing any attributes: conf/attribute-filter.xml is set to a pretty restrictive default of not adding any attributes unless you relax the settings.
22:03 yoberi It's _a_ solution, perhaps not _the_ solution
22:31 pdurbin yoberi: sounds familiar to what I do on the SP side: http://guides.dataverse.org/en/4.6.1/installation/shibboleth.html#attribute-map-xml

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary