Shibboleth Developers

At 3:29 PM -0400 9/16/05, Howard Gilbert wrote:
> I propose instructions to change occurrences of "sp.example.org" to 
> the machine on which the SP is installed. This both sets the 
> handlerURL to the right value and establishes an Entity name that is 
> not in the IdP Metadata. The entity name of "sp.example.org" is in 
> its Metadata and produces a shire lookup error if not changed.

I accessed the IQ test page, and used  Example State as my IdP. This 
worked successfully. Here's the relevant contents of the SHAR log 
file;they describe the AA access

this, at least, tells you where the match occurred.....

2005-09-16 16:33:30 DEBUG SAML.SAMLSOAPHTTPBinding.CURLPool [2316] 
sessionGet: getting connection handle to 
https://wayf.internet2.edu:8443/shibboleth-idp/AA
2005-09-16 16:33:30 DEBUG SAML.SAMLSOAPHTTPBinding.CURLPool [2316] 
sessionGet: returning existing connection handle from pool
2005-09-16 16:33:30 INFO SAML.SAMLSOAPHTTPBinding [2316] sessionGet: 
sending SOAP message to 
https://wayf.internet2.edu:8443/shibboleth-idp/AA
2005-09-16 16:33:30 DEBUG SAML.libcurl [2316] sessionGet: About to 
connect() to wayf.internet2.edu port 8443
2005-09-16 16:33:30 DEBUG SAML.libcurl [2316] sessionGet:   Trying 
207.75.164.28...
2005-09-16 16:33:30 DEBUG SAML.libcurl [2316] sessionGet: connected
2005-09-16 16:33:30 DEBUG SAML.libcurl [2316] sessionGet: Connected 
to wayf.internet2.edu (207.75.164.28) port 8443
2005-09-16 16:33:30 DEBUG shibtarget.ShibHTTPHook [2316] sessionGet: 
OpenSAML invoked SSL context callback
2005-09-16 16:33:30 DEBUG SAML.libcurl [2316] sessionGet: SSL 
re-using session ID
2005-09-16 16:33:30 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Client hello (1):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Server hello (2):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, CERT (11):
2005-09-16 16:33:31 DEBUG OpenSSL [2316] sessionGet: invoking default 
X509 verify callback
2005-09-16 16:33:31 DEBUG Shibboleth.Trust.Basic [2316] sessionGet: 
comparing certificate to KeyDescriptors
2005-09-16 16:33:31 DEBUG Shibboleth.Trust.Basic [2316] sessionGet: 
failed to find an exact match for certificate in KeyDescriptors
2005-09-16 16:33:31 DEBUG Shibboleth.Trust.Shibboleth [2316] 
sessionGet: performing certificate path validation...
2005-09-16 16:33:31 DEBUG Shibboleth.Trust.Shibboleth [2316] 
sessionGet: building CA list from KeyAuthority extension
2005-09-16 16:33:31 INFO Shibboleth.Trust.Shibboleth [2316] 
sessionGet: successfully validated certificate chain
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Server key exchange (12):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Request CERT (13):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Server finished (14):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, CERT (11):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Client key exchange (16):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, CERT verify (15):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
change cipher, Client hello (1):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Finished (20):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
change cipher, Client hello (1):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSLv3, TLS 
handshake, Finished (20):
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSL 
connection using DHE-RSA-AES256-SHA
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: Server certificate:
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: SSL 
certificate verify ok.
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: POST 
/shibboleth-idp/AA HTTP/1.1
2005-09-16 16:33:31 DEBUG SAML.libcurl [2316] sessionGet: HTTP/1.1 200 OK