Shibboleth with Azure -

-

i trying follow documentation on integrating shibboleth idp 3 azure sso purposes, , in application receive exception when try acquire token (acquiretoken()):

an unhandled exception of type 'microsoft.identitymodel.clients.activedirectory.adalexception' occurred in microsoft.identitymodel.clients.activedirectory.dll

additional information: missing_federation_metadata_url: federation metadata url missing federated user. user type unsupported.

i trying understand telling me. best can tell it's expecting me upload metadata in acs (access control service) not see documented anywhere. means? if so, how can right metadata upload? in shibboleth, can find boilerplate metadata.

if i'm going down wrong path, clarify?

edit: please note i'm doing investigation, , i'm pretty new setting federated setup. may doing totally wrong. i've done far, , issues i've identified.

  1. set domain in azure, , connected onprem domain using azure connect tool. sync going ok. azure shows domain verified.

  2. installed shibboleth 3, jetty 9.3 on own server (not in azure). added azure metadata shibboleth.

  3. converted domain sso. can validate if try log in domain user azure through azure web login, sends me "https:///idp/profile/saml2/post/sso' url. @ point "web login service - unsupported request: application have accessed not registered use service". trying solve issue right now. not sure if it's related issue in question.

  4. created webapp , native client in azure use testing. when run native app, gives me error mentioned above. many guides talk office 365 integration, want integrate own service.

to point, followed various guides, such following. in cases hard tell if guides shibboleth 2 or 3.

plus additional ones in various blog posts more or less followed same approaches.

[edit2] adal usage:

i tried few variations, executing domain-joined machine:

var authority = "https://login.windows.net/{mytenant}"; var uc = new usercredential(upn); string native_client_id = "... native client uuid azure..."; uri native_client_redir = new uri("... native client redirect uri azure..."); ...  // gives above mentioned error         ... = authcontext.acquiretoken(resource, native_client_id, new usercredential())  // these bring generic login form, , once type in upn, form     // goes away , dies authentication_ui_failed error.      // suspect pointing somethign wrong shibboleth     // installation or url in azure being misconfigured? hoping     // took username hint.  ... = authcontext.acquiretoken(resource, native_client_id, native_client_redir,             promptbehavior.auto, new useridentifier(upn, useridentifiertype.uniqueid))  or  ... = authcontext.acquiretoken(resource, native_client_id, native_client_redir)

what trying is:

  1. be able authenticate domain user.

  2. hopefully in end allow sso without prompting, based on domain credentials.


Comments

Post a Comment

Popular posts from this blog

javascript - Chart.js (Radar Chart) different scaleLineColor for each scaleLine -

-
Image
i try , create radar chart using chart.js has various colours each scaleline, or coloured between scalelines. wondering if possible? from: to: i have working graph, though there doesn't seem method change individual scale lines. kind regards leigh you can extend radar chart type this, so chart.types.radar.extend({ name: "radaralt", initialize: function (data) { chart.types.radar.prototype.initialize.apply(this, arguments); var originalscaledraw = this.scale.draw; var ctx = this.chart.ctx; this.scale.draw = function () { var linewidth = this.linewidth; // bypasses line drawing in originalscaledraw this.linewidth = linewidth; originalscaledraw.apply(this, arguments); ctx.linewidth = this.linewidth; var scale = this; // draw chart.helpers.each(scale.ylabels, function (label, index) { // color of ...
Read more

apache - Error with PHP mail(): Multiple or malformed newlines found in additional_header -

-
suddenly have started receiving above error without changes having been made script. host 1and1 (i know...) the script still works fine on different server, , suspicion there must have been server config change has lead this, although hosts plead ignorance. there's no information on above error @ in google can find - have ideas? server running apache if helps. had similar problem. came out of blue. no php code changed. what changed: php upgraded 5.5.25-1 5.5.26. a security risk in php mail() function has been fixed , newlines in additional_headers allowed no more. because newlines mean: starts email message (and surely don't want inject newlines through headers followed evil message). what have worked fine, e.g. having newlines after headers or passing whole message additional_headers , function no more. solution : sanitize headers. no multiple newlines in additional_headers argument. these count "multiple or malformed newlines":...
Read more

java - Android – MapFragment overlay button shadow, just like MyLocation button -

-
Image
i'm struggling add shadow custom overlay button on google map. goal make custom button google's mylocation button. here's how app looks now: layout.xml <relativelayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" xmlns:map="http://schemas.android.com/apk/res-auto" android:layout_height="match_parent" android:layout_width="match_parent" style="@style/apptheme"> <fragment android:layout_width="match_parent" android:layout_height="match_parent" android:id="@+id/map" tools:context=".mapsactivity" android:name="com.google.android.gms.maps.supportmapfragment" android:layout_alignparentend="true" android:layout_alignparentstart="true" android:layout_alignparentbottom="true" ...
Read more