2012-11-19 63 views
0

我也在嘗試探索fedlet + adfs聯邦。面臨的問題在adfs和fedlet fedular

我所擁有的是:

  1. 安裝在計算機A上ADFS服務器我還添加了Fedlet添加爲依託的一部分,但是當我進入回答黨聯合元數據網址,然後點擊測試其網址拋給我他的例外: 讀取聯合元數據時發生錯誤。驗證url或主機名是否爲有效的聯合元數據端點。 但我已經在依賴部分添加了fedlet的證書,並且還設置了算法是SHA-1。

  2. openam設置在機器上完成B.在同一臺機器上的openam和tomcat中添加了adfs證書。

  3. 創建使用該openam構建一個Fedlet添加和設置有被安裝在機器A上的ADFS爲我主持的身份提供者,這產生Fedlet添加戰也部署在機器B

發生了什麼:

  1. 當我訪問從它不必鏈接機器A的瀏覽器上線1的點擊它使調用ADFS並要求ADFS登錄憑據Fedlet添加鏈接。

  2. 一旦我輸入憑據它重定向我回Fedlet添加應用程序,但下面的異常是越來越拋出:

HTTP狀態500 - 響應無效的狀態代碼。

如果有人能幫我解決這個異常,我會非常感激。

更新:

當我解碼用firefox的SAML示蹤插件我得到以下發送到Fedlet添加應用程序的響應:

pVZpk6LKEv3%2BIt5%2F6Oj5SHSzimh0d0QBLqiobKJ8ecFSIsgmBbL8%2Bov2OK%2B7x5k39z6JcMlKT9bJU5WZL8iOo2yoQpSlCYIPkvj6%2BB% 2BX4TjW8ZinPU3vn5g9yz05LMs8eSzDEIRjk9CDj%2F%2F%2B18OX1wbmKEiT10fqmbizLCFUQilBhZ0UnQ9BUk8k%2BUQROjEY9ohhr%2F9M0rR1548iREWQ2MUV%2B1AUGRrieP18ffA99CJYfP%2BwsywK3KvnHRzhwvASu8yTYWqjAA0TO4ZoWLhDDciLYbfvofvuNCwTlEE32AfQu8cluWVMT18fEeUyFAG5Pst6vR7L0LTrsjTLUHZv4PaJHuvZLNlzaOJe1uo4StDwKsPvd5blaZG6aXQH4%2B3d9HJNcf4O%2BXswGyGYX%2FP0dslol1Db26 NnL43tIHl20%2Fj6G%2B%2BczoELEV7kJSpe8PcAt3AeGmqB3ylT5vA7Dw%2B9S9QBVlX1XNHPae7jFEEQODHAOx8PBf63x7f%2FcrihQE9K9unbZ3KXRcFO0qRTNQraq7IyLA6p9wAiP82D4hD%2FIiCJk8Ql4BOs3SeXZJJvjw%2F4HfgfDP4Q9xORHNlP6GCT96FVuIc5TFz4YKjS6%2BO3P7tYbz%2FrewHTcztB%2BzSP0R2Hn5z%2BHg2YnGGUZtB7Qrds%2FMzon8X5ExmuqPj%2F4niJKwZ%2BVwz%2BiVL3VfqMu7GjEr55ZX9anpIN2bf6qoct96bqrszMOs92r9ddfnT%2BIjr%2BUfWPhxz%2F1Sn%2FdATfMXf2EqT0SJLI49QOGnqZm0WTJUpPTaaypiog27Pbs7tjTUFgGCsmZlFu2cfjckU006q%2FHkT7zelc78wGyQythpzobCYBNjuhY6GUROvaU2%2FPMP05e9R9ZtuPPMWWpVHsj%2Bt1eZhVcrPqp9i2EElWbQQqFARrMAl3PqUjESMYV9C1FOgL45zmlrW2R%2BF%2BLmwXI08cGOo% 2BwAesH6hj3%2B%2BdMNiGU7IsqNY%2FlHr37lq8OeZmNUkJ7KHAcDgZr0f2om8d0h5LMbXXXYOpv%2FHLw1JbgRmcmU5ixgfBXXBOnzvJRL4O%2BRS%2BNwbhVJm6XLOwkCILo%2FmZQ81JdzyIn4WDJ2VujCowckdBKWm2T58oAF5ff4jwIdcfhJjD5qLNrXr%2BvSp2k3LbIwaiXdi%2FOGeXZeFSePeXNgXfZEkS6C7BwLV9UEk88CXFoOK68sPVmBmDjCYtpwYKbMGS94%2BnwzGYDCqCBwoaAxHksnasZtVO3CiKOGp4Xh1ZujReZhbVy5zY9RcaT9sm09itX1pmr91tZ8UiXp4dHcBxRdRyOKpl0a3k1mDkkLevtvazTRZQPddBwvvLDQ9kXRqN R2ok%2BwYVJU4clVYDCmnqZU44y1dCL3KS5cGNiXJHDYqOHy%2BFX%2FC%2BGgOwEoDCgcu64M%2B77yOQzeuUDHB9uuOqJZrI%2FcBuIW5PxxMu4bdYP%2FDS88KYZAZacO3By2miCEuVZ%2BtclRf0fn7Gp%2BegpbE6JVZy6ykGia1U3m0AEBkL2yxoYiEYRInlSdV4Hr6ar4Kgql1sPGkt6kTvBxUTCyaIHCTRbdavV4W%2F25BrsivLTTEjJ0Wk4dZ0MyvXihVmMuLoaGVtNqmhRhHGnYxeaRqN6QasFFcZq54napYw51lTj8wskQsNKD0qYo9OuLD0CO1VFVfpdWSRM2LJl%2BRaBAvZ3x7yqXscTBJB5wbqZK7vnXPeugI3O%2BSM0RLmCizNnSjHa0WjS42khd7a7Z82JEpzODpHI9USKJfWdoGAjs7BLxRJBArgZUBMBO000SSHFpURL1QGAEx33hTe8nLYqpQYOw3XAjvsT%2FltVyfWerYJnUgtx2OJYXYn2VDPYh1L3FkaVGo4XxaZcqIaQwudrZqmLhpVOzecjgWBNGe5iRlJuDrYbojpwuGEHTlmBU%2FmhK4yaZq4Jh3QvfocZlufqAmy8Bel4YOVtFtSq3mCHTcoL3DnCBtSbR14sPgQQUmiNDs4JtDugT1OcnYc6GW1sAG5Ya2d56i67i3pNVaLE6ewgbeeDTQ585Vdj1tjyr60HCoiG4xpbWuCTeudU2NGoG6zoBFhn%2BoNEnrixfpxEk6aza4AKcoJlipdUQyTZJxYuTZL5%2Bqq6wuxztIZu41509d0k8a74hMP5Hqzma5PUcnbalkY11Lz9bLf6RV3ysUL%2Fr0Q3aasT1XrZnwf27WiM37slZ%2FsQurBh2uZ%2B%2F0siK7eXd86lV1fg%2FlPde3%2FAJWScze4ectuXRLXaTedN5%2B78Av%2BFf0H7y8cb4bb5N2ZLs9f

以上代碼爲已編碼形式,請解壓縮。

所以根據我的理解,異常是由於一些無效的nameid策略而引起的。我應該如何解決這個問題?

回答

0

「讀取聯合元數據時發生錯誤。」

你可以經常忽略這個。我假設你的連接是https?

爲什麼你有一個針對fedlet的證書?你想簽署AuthnResponse嗎?

看那ADFS日誌 - How to Enable Debug Logging for Active Directory Federation Services 2.0 (AD FS 2.0)

設置在Fedlet添加登錄 - 在FederationConfig.properties:

#com.iplanet.services.debug.level=error 
com.iplanet.services.debug.level=message 

看那SAML數據 - ADFS : I want to see the SAML data

+0

我已經更新了我的問題與我得到的repsonse可以告訴出了什麼問題,我怎麼解決它。 –

+0

嘿,請你能幫我解決這個異常:http:// stackoverflow。com/questions/13496078/http-status-500-null-input-expect-while-redirecting-to-fedlet-from-adfs,並且我對上述評論問題表示贊同。 –