<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hey all,<div><br class="webkit-block-placeholder"></div><div>I'm trying to run the ECP plugin against whatever I can to make sure it works right ... (which means it doesn't yet) ... although I am about to check in more changes today ...</div><div><br class="webkit-block-placeholder"></div><div>Any and or all test harness / staging server links would be most appreciated.</div><div><br class="webkit-block-placeholder"></div><div>I was going to send this email to Scott, but I guess I'm looking for help in general, not just targeting Scott.</div><div><br class="webkit-block-placeholder"></div><div><br><div><br class="webkit-block-placeholder"></div><div>The ECP now handles the response given from <a href="https://sp.example.org/cgi-bin/printenv">https://sp.example.org/cgi-bin/printenv</a></div><div><br class="webkit-block-placeholder"></div><div>kinda ...</div><div><br class="webkit-block-placeholder"></div><div>anyway, I get the response from the SP, and send a POST via XMLHttpRequest, with the filtered samlp:AuthnRequest node, like so ...</div><div><br class="webkit-block-placeholder"></div><div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "><?xml version="1.0" encoding="ISO-8859-1"?></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "><SOAP-ENV:Envelope xmlns:SOAP-ENV="<a href="http://schemas.xmlsoap.org/soap/envelope/">http://schemas.xmlsoap.org/soap/envelope/</a>" xmlns:samlp="<a href="urn:oasis:names:tc:SAML:2.0:protocol">urn:oasis:names:tc:SAML:2.0:protocol</a>"></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "> <SOAP-ENV:Body></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "> <samlp:AuthnRequest xmlns:samlp="<a href="urn:oasis:names:tc:SAML:2.0:protocol">urn:oasis:names:tc:SAML:2.0:protocol</a>" AssertionConsumerServiceURL="<a href="https://sp.example.org/Shibboleth.sso/SAML2/ECP">https://sp.example.org/Shibboleth.sso/SAML2/ECP</a>" ID="_fe0693b191d2daa228cfae76e1439d2a" IssueInstant="2008-03-13T15:10:55Z" ProtocolBinding="<a href="urn:oasis:names:tc:SAML:2.0:bindings:PAOS">urn:oasis:names:tc:SAML:2.0:bindings:PAOS</a>" Version="2.0"><saml:Issuer xmlns:saml="<a href="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:assertion</a>"><a href="https://sp.example.org/shibboleth">https://sp.example.org/shibboleth</a></saml:Issuer><samlp:NameIDPolicy AllowCreate="1"/><samlp:Scoping><samlp:IDPList><samlp:IDPEntry ProviderID="<a href="https://idp.example.org/shibboleth">https://idp.example.org/shibboleth</a>"/></samlp:IDPList></samlp:Scoping></samlp:AuthnRequest></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "> </SOAP-ENV:Body></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "></SOAP-ENV:Envelope></div></div><div><br class="webkit-block-placeholder"></div><div>to url (taken from IDPEntry providerID ) <span class="Apple-style-span" style="font-family: Monaco; font-size: 11px; "><a href="https://idp.example.org/shibboleth">https://idp.example.org/shibboleth</a></span></div><div><br class="webkit-block-placeholder"></div><div><br class="webkit-block-placeholder"></div><div>with </div><div><br class="webkit-block-placeholder"></div><div>Content-Type: text/xml</div><div>SOAPAction: ""</div><div><br class="webkit-block-placeholder"></div><div>and I get a 404 response ... is this just because the IdP is not set up right, or because I'm doing something wrong ...</div><div> any thoughts?</div><div><br class="webkit-block-placeholder"></div><div>NOTE: I was expecting to get a 'Loc' attribute from the IDPEntry node ... and in other places I have seen other variants ... anyone have an IdP to test the ECP against?</div><div><br class="webkit-block-placeholder"></div><div><br class="webkit-block-placeholder"></div><div>NOTE #2: Am I supposed to have an IdP url cached on the ECP plugin side (by providerID) or get it from the user or UserAgent? </div><div><br class="webkit-block-placeholder"></div><div>- Peter Pritchard</div><div><br class="webkit-block-placeholder"></div><div><a href="mailto:peter.openliberty@zenn.net">peter.openliberty@zenn.net</a><br><div><div><br></div></div></div></div></body></html>