I commented out the SAML2SLO profile handler and was able to get it to come up. This is from the /idp/status
curl -k https://localhost:8443/idp/status ### Operating Environment Information operating_system: Linux operating_system_version: 2.6.32-431.el6.x86_64 operating_system_architecture: amd64 jdk_version: 1.7.0_45 available_cores: 2 used_memory: 353MB maximum_memory: 853MB start_time: 2014-06-25T21:36:13Z current_time: 2014-06-25T21:50:03Z uptime: 830815ms ### Identity Provider Information idp_version: 2.4.0 idp_start_time: 2014-06-25T21:36:13Z attribute_resolver_valid: true ### Relying Party Configurations relying_party_id: anonymous idp_entity_id: https://authenticate.uco.edu/idp/shibboleth default_authentication_method: none default_signing_tls_key: MIIDOzCCAiOgAwIBAgIUQEd8veDRh2EVM8czWY8iESBuDhgwDQYJKoZIhvcNAQEFBQAwHzEdMBsGA1UEAxMUYXV0aGVudGljYXRlLnVjby5lZHUwHhcNMTQwNjIwMTYwMjI4WhcNMzQwNjIwMTYwMjI4WjAfMR0wGwYDVQQDExRhdXRoZW50aWNhdGUudWNvLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKubhe8x74cKindiSdeyyYsYzp2eMnSh4N+t1yzxcDVGeqA7l97HvqXEs3EvG5DtGWP+ule3fuq/yEs2JGXq/0s50HHqbPhw0I6Yb87fcyVc4ytul81ONfWvFuldhBOLETC1z45SGOgCl3Gwew7UI79vrizMZL18xmMk3HTg47Gq6i+uJfGjKGpFg/Zzes7U8y0t6nHx3T5f8jmYRiefZrO4eV6Bb2lniVSzdHPWY/ksJ+LAmBCrpx0eLdWWtY61PTJVveMHzUL1IA0r7WJlFsCg1/jDOF6Y5wjkU8urJH9z0mK+4sJ0MnglZlWX0pSPU3NCr3zvWLuBzzZT3aHL2NMCAwEAAaNvMG0wTAYDVR0RBEUwQ4IUYXV0aGVudGljYXRlLnVjby5lZHWGK2h0dHBzOi8vYXV0aGVudGljYXRlLnVjby5lZHUvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFCAHuvtIxO/FxoduaE7c5Krc1mPxMA0GCSqGSIb3DQEBBQUAA4IBAQA++NuqD0mly7qNqQyOGuskNfjt560jcpGxULcS0bRRFluFR6xYKMYu4K7/xv7ex2UZaPOCTOmP/ZST7Gb4IwBg3pYPUm2b95neZ4aLeApLgqXRxkUVy/lmJQ1pGnIUedohw3jVuvuW8MbHCKO0Ij5jGzuxVDufIOZ0iIdJUEVANBomxJeCG5nhDATeT/PfUM5rcjHh+UinGbawWT5+tws7QwwY2fxd4ugNsnH2ReMfnpL1S2x1qTvt3c78L/wD1pKcPF6+dgQiZSjb7nv0pxHzD5gxlTIEjjilE88BdaffRmlVFEaugwNPi02F2+QlrZqwi2EL6EdDBQE1RkupI1HF relying_party_id: default idp_entity_id: https://authenticate.uco.edu/idp/shibboleth default_authentication_method: none default_signing_tls_key: MIIDOzCCAiOgAwIBAgIUQEd8veDRh2EVM8czWY8iESBuDhgwDQYJKoZIhvcNAQEFBQAwHzEdMBsGA1UEAxMUYXV0aGVudGljYXRlLnVjby5lZHUwHhcNMTQwNjIwMTYwMjI4WhcNMzQwNjIwMTYwMjI4WjAfMR0wGwYDVQQDExRhdXRoZW50aWNhdGUudWNvLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKubhe8x74cKindiSdeyyYsYzp2eMnSh4N+t1yzxcDVGeqA7l97HvqXEs3EvG5DtGWP+ule3fuq/yEs2JGXq/0s50HHqbPhw0I6Yb87fcyVc4ytul81ONfWvFuldhBOLETC1z45SGOgCl3Gwew7UI79vrizMZL18xmMk3HTg47Gq6i+uJfGjKGpFg/Zzes7U8y0t6nHx3T5f8jmYRiefZrO4eV6Bb2lniVSzdHPWY/ksJ+LAmBCrpx0eLdWWtY61PTJVveMHzUL1IA0r7WJlFsCg1/jDOF6Y5wjkU8urJH9z0mK+4sJ0MnglZlWX0pSPU3NCr3zvWLuBzzZT3aHL2NMCAwEAAaNvMG0wTAYDVR0RBEUwQ4IUYXV0aGVudGljYXRlLnVjby5lZHWGK2h0dHBzOi8vYXV0aGVudGljYXRlLnVjby5lZHUvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFCAHuvtIxO/FxoduaE7c5Krc1mPxMA0GCSqGSIb3DQEBBQUAA4IBAQA++NuqD0mly7qNqQyOGuskNfjt560jcpGxULcS0bRRFluFR6xYKMYu4K7/xv7ex2UZaPOCTOmP/ZST7Gb4IwBg3pYPUm2b95neZ4aLeApLgqXRxkUVy/lmJQ1pGnIUedohw3jVuvuW8MbHCKO0Ij5jGzuxVDufIOZ0iIdJUEVANBomxJeCG5nhDATeT/PfUM5rcjHh+UinGbawWT5+tws7QwwY2fxd4ugNsnH2ReMfnpL1S2x1qTvt3c78L/wD1pKcPF6+dgQiZSjb7nv0pxHzD5gxlTIEjjilE88BdaffRmlVFEaugwNPi02F2+QlrZqwi2EL6EdDBQE1RkupI1HF configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml2:query:attribute configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml1:sso configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml1:query:attribute configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml2:sso configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml2:logout configured_communication_profile: urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml1:query:artifact configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml2:query:artifact Ben Branch UNIX/Linux Administrator University of Central Oklahoma ITIL Foundation v3, Network+, RHCSA 100 N. University Drive, Box 122 Edmond, OK 73034 D: 405.974.2649 | M: 405.550.6804 | [email protected] | www.uco.edu “I am wiser than this man, for neither of us appears to know anything great and good; but he fancies he knows something, although he knows nothing; whereas I, as I do not know anything, so I do not fancy I do. In this trifling particular, then, I appear to be wiser than he, because I do not fancy I know what I do not know.” - Socrates -----Original Message----- From: Andrew Morgan [mailto:[email protected]] Sent: Wednesday, June 25, 2014 3:37 PM To: [email protected] Subject: RE: [cas-user] CAS-Shib Integration: Getting an error when deploying the idp.war The SAML2SLO profilehandler is new in IDP v2.4.0's XSD file. Are you perhaps using a handler.xml file from v2.4.0 but you are actually running IDP v2.3.8? The XSD file is stored in lib/shibboleth-identityprovider-2.4.0.jar (or lib/shibboleth-identityprovider-2.3.8.jar). Andy On Wed, 25 Jun 2014, Ben Branch wrote: > Okay, > > I made the change you recommended and I no longer get the error I was, but > I'm not getting a new error: > > Caused by: org.xml.sax.SAXParseException; lineNumber: 82; columnNumber: 105; > cvc-elt.4.2: Cannot resolve 'ph:SAML2SLO' to a type definition for element > 'ph:ProfileHandler'. > > ------------------------------------------- > > I haven't made any other changes to the handler.xml outside of the ones > recommended by Unicon in the CAS-Shib integration guide. > > > Ben Branch > UNIX/Linux Administrator > University of Central Oklahoma > ITIL Foundation v3, Network+, RHCSA > > 100 N. University Drive, Box 122 > Edmond, OK 73034 > D: 405.974.2649 | M: 405.550.6804 | [email protected] | www.uco.edu > > “I am wiser than this man, for neither of us appears to know anything > great and good; but he fancies he knows something, although he knows > nothing; whereas I, as I do not know anything, so I do not fancy I do. > In this trifling particular, then, I appear to be wiser than he, > because I do not fancy I know what I do not know.” - Socrates > > > -----Original Message----- > From: Andrew Morgan [mailto:[email protected]] > Sent: Wednesday, June 25, 2014 2:28 PM > To: [email protected] > Subject: RE: [cas-user] CAS-Shib Integration: Getting an error when > deploying the idp.war > > If I'm reading the shibboleth-2.0-idp-profile-handler.xsd right, the elements > must be placed in the file in a specific order: > > <xsd:element name="ProfileHandlerGroup"> > <xsd:annotation> > <xsd:documentation>Root of a profile handler configuration > file.</xsd:documentation> > </xsd:annotation> > <xsd:complexType> > <xsd:sequence> > <xsd:element name="ErrorHandler" type="ErrorHandlerType"/> > <xsd:element name="ProfileHandler" type="RequestHandlerType" > minOccurs="0" maxOccurs="unbounded"/> > <xsd:element name="LoginHandler" type="LoginHandlerType" > minOccurs="0" maxOccurs="unbounded"/> > </xsd:sequence> > </xsd:complexType> > </xsd:element> > > Put the CAS-Shib LoginHandler down with the other LoginHandler elements > (after the ProfileHandlers). > > Andy > > On Wed, 25 Jun 2014, Ben Branch wrote: > >> Chris, >> >> I should have posted the full xml file to show that I believe those >> pieces are in the handler.xml >> >> Full handler.xml: >> >> <?xml version="1.0" encoding="UTF-8"?> >> >> <ph:ProfileHandlerGroup >> xmlns:ph="urn:mace:shibboleth:2.0:idp:profile-handler" >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> xmlns:shib-cas="http://unicon.net/shib-cas/authn"; >> >> xsi:schemaLocation="urn:mace:shibboleth:2.0:idp:profile-handler >> >> classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd >> http://unicon.net/shib-cas/authn >> classpath:/schema/casLoginHandler.xsd"> >> >> >> <!-- CAS/Shib IDP External Login Handler. propertiesFile attribute >> is optional --> <ph:LoginHandler xsi:type="shib-cas:CasLoginHandler" >> >> propertiesFile="/opt/shibboleth-idp/conf/cas-shib.properties"> >> >> <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</ph:AuthenticationMethod> >> <shib-cas:paramBuilder >> class="net.unicon.idp.authn.provider.extra.EntityIdParameterBuilder" >> /> </ph:LoginHandler> >> >> <!-- Error Handler --> >> <ph:ErrorHandler xsi:type="ph:JSPErrorHandler" >> jspPagePath="/error.jsp"/> >> >> <!-- Profile Handlers --> >> <!-- >> All profile handlers defined below are accessed via the Servlet path >> "/profile" so if your profile >> handler's request path is "/Status" then the full path is >> "<servletContextName>/profile/Status" >> --> >> <ph:ProfileHandler xsi:type="ph:Status"> >> <ph:RequestPath>/Status</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAMLMetadata" >> metadataFile="/opt/shibboleth-idp/metadata/idp-metadata.xml"> >> <ph:RequestPath>/Metadata/SAML</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:ShibbolethSSO" >> inboundBinding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:1.0:profiles:browser-post >> >> urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"> >> <ph:RequestPath>/Shibboleth/SSO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML1AttributeQuery" >> inboundBinding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"> >> <ph:RequestPath>/SAML1/SOAP/AttributeQuery</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML1ArtifactResolution" >> inboundBinding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"> >> <ph:RequestPath>/SAML1/SOAP/ArtifactResolution</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SSO" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"> >> <ph:RequestPath>/SAML2/POST/SSO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SSO" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"> >> <ph:RequestPath>/SAML2/POST-SimpleSign/SSO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SSO" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"> >> <ph:RequestPath>/SAML2/Redirect/SSO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SSO" >> inboundBinding="urn:mace:shibboleth:2.0:profiles:AuthnRequest" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"> >> <ph:RequestPath>/SAML2/Unsolicited/SSO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2ECP" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"> >> <ph:RequestPath>/SAML2/SOAP/ECP</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SLO" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"> >> <ph:RequestPath>/SAML2/Redirect/SLO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SLO" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"> >> <ph:RequestPath>/SAML2/POST/SLO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SLO" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST >> >> urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"> >> <ph:RequestPath>/SAML2/POST-SimpleSign/SLO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SLO" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"> >> <ph:RequestPath>/SAML2/SOAP/SLO</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2SLO" >> inboundBinding="urn:mace:shibboleth:2.0:profiles:LocalLogout"> >> <ph:RequestPath>/Logout</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2AttributeQuery" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"> >> <ph:RequestPath>/SAML2/SOAP/AttributeQuery</ph:RequestPath> >> </ph:ProfileHandler> >> >> <ph:ProfileHandler xsi:type="ph:SAML2ArtifactResolution" >> inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" >> >> outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"> >> <ph:RequestPath>/SAML2/SOAP/ArtifactResolution</ph:RequestPath> >> </ph:ProfileHandler> >> >> <!-- Login Handlers --> >> <ph:LoginHandler xsi:type="ph:RemoteUser"> >> >> <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</ph:AuthenticationMethod> >> </ph:LoginHandler> >> >> <!-- Login handler that delegates the act of authentication to an >> external system. --> >> <!-- This login handler and the RemoteUser login handler will be merged >> in the next major release. --> >> <!-- >> <ph:LoginHandler xsi:type="ph:ExternalAuthn"> >> >> <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</ph:AuthenticationMethod> >> <ph:QueryParam name="foo" value="bar" /> >> </ph:LoginHandler> >> --> >> >> <!-- Username/password login handler --> >> <!-- >> <ph:LoginHandler xsi:type="ph:UsernamePassword" >> >> jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config"> >> >> <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod> >> </ph:LoginHandler> >> --> >> >> <!-- >> Removal of this login handler will disable SSO support, that is it >> will require the user to authenticate >> on every request. >> --> >> <ph:LoginHandler xsi:type="ph:PreviousSession"> >> >> <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</ph:AuthenticationMethod> >> </ph:LoginHandler> >> >> </ph:ProfileHandlerGroup> >> >> Ben Branch >> UNIX/Linux Administrator >> University of Central Oklahoma >> ITIL Foundation v3, Network+, RHCSA >> >> 100 N. University Drive, Box 122 >> Edmond, OK 73034 >> D: 405.974.2649 | M: 405.550.6804 | [email protected] | www.uco.edu >> >> “I am wiser than this man, for neither of us appears to know anything >> great and good; but he fancies he knows something, although he knows >> nothing; whereas I, as I do not know anything, so I do not fancy I do. >> In this trifling particular, then, I appear to be wiser than he, >> because I do not fancy I know what I do not know.” - Socrates >> >> -----Original Message----- >> From: Charles Hasegawa [mailto:[email protected]] >> Sent: Wednesday, June 25, 2014 1:04 PM >> To: [email protected] >> Subject: Re: [cas-user] CAS-Shib Integration: Getting an error when >> deploying the idp.war >> >> ok, seeing that their definition of login handler is expecting an >> ErrorHandler. >> >> You should check that they have a valid file. The expectation was that >> they'd ADD to the existing handler.xml, not just have a file with the header >> and loginHandler. They still need all the other stuff. >> >> >> >> ----- Original Message ----- >> From: "Ben Branch" <[email protected]> >> To: [email protected] >> Sent: Wednesday, June 25, 2014 10:18:38 AM >> Subject: [cas-user] CAS-Shib Integration: Getting an error when >> deploying the idp.war >> >> >> >> >> All, >> >> >> >> I’ve been following the Unicon guide on how to integrate Shibboleth with >> CAS. I thought I had everything configured properly, but that does not >> appear to be the case. I’m getting the following error in my catalina.out: >> >> >> >> Jun 25, 2014 11:32:47 AM org.apache.jk.server.JkMain start >> >> at >> org.apache.catalina.core.StandardService.start(StandardService.java:5 >> 1 >> 6) >> >> at >> org.apache.catalina.core.StandardServer.start(StandardServer.java:710 >> ) >> >> at org.apache.catalina.startup.Catalina.start(Catalina.java:593) >> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. >> j >> ava:57) >> >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces >> s >> orImpl.java:43) >> >> at java.lang.reflect.Method.invoke(Method.java:606) >> >> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) >> >> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) >> >> Caused by: >> edu.internet2.middleware.shibboleth.common.service.ServiceException: >> Configuration was not loaded for shibboleth.HandlerManager service, error >> creating components. >> >> at >> edu.internet2.middleware.shibboleth.common.config.BaseService.loadCon >> t >> ext(BaseService.java:192) >> >> at >> edu.internet2.middleware.shibboleth.common.config.BaseReloadableServi >> c >> e.initialize(BaseReloadableService.java:148) >> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. >> j >> ava:57) >> >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces >> s >> orImpl.java:43) >> >> at java.lang.reflect.Method.invoke(Method.java:606) >> >> at >> org.springframework.beans.factory.support.AbstractAutowireCapableBean >> F >> actory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java: >> 1414) >> >> at >> org.springframework.beans.factory.support.AbstractAutowireCapableBean >> F >> actory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1375 >> ) >> >> at >> org.springframework.beans.factory.support.AbstractAutowireCapableBean >> F >> actory.initializeBean(AbstractAutowireCapableBeanFactory.java:1335) >> >> ... 39 more >> >> Caused by: org.xml.sax.SAXParseException; lineNumber: 14; columnNumber: 66; >> cvc-complex-type.2.4.a: Invalid content was found starting with element >> 'ph:LoginHandler'. One of >> '{"urn:mace:shibboleth:2.0:idp:profile-handler":ErrorHandler}' is expected. >> >> at >> org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Un >> k >> nown Source) >> >> at org.apache.xerces.util.ErrorHandlerWrapper.error(Unknown Source) >> >> at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown >> Source) >> >> at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown >> Source) >> >> at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown >> Source) >> >> at >> org.apache.xerces.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportE >> r >> ror(Unknown Source) >> >> at >> org.apache.xerces.impl.xs.XMLSchemaValidator.reportSchemaError(Unknow >> n >> Source) >> >> at >> org.apache.xerces.impl.xs.XMLSchemaValidator.handleStartElement(Unkno >> w >> n Source) >> >> at org.apache.xerces.impl.xs.XMLSchemaValidator.startElement(Unknown >> Source) >> >> at >> org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unkn >> o >> wn Source) >> >> at >> org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContent >> D >> ispatcher.dispatch(Unknown Source) >> >> at >> org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Un >> k >> nown Source) >> >> at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) >> >> at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) >> >> at org.apache.xerces.parsers.XMLParser.parse(Unknown Source) >> >> at org.apache.xerces.parsers.DOMParser.parse(Unknown Source) >> >> at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source) >> >> at >> edu.internet2.middleware.shibboleth.common.config.SpringDocumentLoade >> r >> .loadDocument(SpringDocumentLoader.java:56) >> >> at >> org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadB >> e >> anDefinitions(XmlBeanDefinitionReader.java:396) >> >> at >> org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBea >> n >> Definitions(XmlBeanDefinitionReader.java:342) >> >> at >> org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBea >> n >> Definitions(XmlBeanDefinitionReader.java:310) >> >> at >> org.springframework.beans.factory.support.AbstractBeanDefinitionReade >> r >> .loadBeanDefinitions(AbstractBeanDefinitionReader.java:143) >> >> at >> edu.internet2.middleware.shibboleth.common.config.SpringConfiguration >> U >> tils.populateRegistry(SpringConfigurationUtils.java:89) >> >> at >> edu.internet2.middleware.shibboleth.common.config.BaseService.loadCon >> t >> ext(BaseService.java:170) >> >> ... 47 more >> >> >> >> Jun 25, 2014 11:32:47 AM org.apache.catalina.core.StandardContext >> start >> >> SEVERE: Error listenerStart >> >> Jun 25, 2014 11:32:47 AM org.apache.catalina.core.StandardContext >> start >> >> SEVERE: Context [/idp] startup failed due to previous errors >> >> >> >> >> >> My /opt/shibboleth-idp/handler.xml (as per the Unicon guide): >> >> <ph:ProfileHandlerGroup >> xmlns:ph="urn:mace:shibboleth:2.0:idp:profile-handler" >> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> >> xmlns:shib-cas="http://unicon.net/shib-cas/authn"; >> >> xsi:schemaLocation="urn:mace:shibboleth:2.0:idp:profile-handler >> >> classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd >> >> http://unicon.net/shib-cas/authn >> >> classpath:/schema/casLoginHandler.xsd"> >> >> >> >> >> >> <!-- CAS/Shib IDP External Login Handler. propertiesFile attribute is >> optional --> >> >> <ph:LoginHandler xsi:type="shib-cas:CasLoginHandler" >> >> propertiesFile="/opt/shibboleth-idp/conf/cas-shib.properties"> >> >> <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspe >> c >> ified</ph:AuthenticationMethod> >> >> <shib-cas:paramBuilder >> class="net.unicon.idp.authn.provider.extra.EntityIdParameterBuilder" >> /> >> >> </ph:LoginHandler> >> >> >> >> ------------------------------------------------------------------- >> >> >> >> I’m not really sure where to go on this, I believe I have everything setup >> properly, but I do not understand why I am still receiving this error >> message. Any help on this would be greatly appreciated. >> >> >> >> >> >> Ben Branch >> UNIX/Linux Administrator >> >> University of Central Oklahoma >> >> ITIL Foundation v3, Network+, RHCSA >> >> 100 N. University Drive, Box 122 >> >> Edmond, OK 73034 >> >> D: 405.974.2649 | M: 405.550.6804 | bbranch@uco. edu | www.uco.edu >> >> >> >> “ I am wiser than this man, for neither of us appears to know >> anything great and good; but he fancies he knows something, although >> he knows nothing; whereas I, as I do not know anything, so I do not fancy I >> do. >> In this trifling particular, then, I appear to be wiser than he, >> because I do not fancy I know what I do not know. ” - Socrates >> >> >> **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, >> and Green! Please print this e-mail only if absolutely necessary! >> >> **CONFIDENTIALITY** -This e-mail (including any attachments) may >> contain confidential, proprietary and privileged information. Any >> unauthorized disclosure or use of this information is prohibited. -- >> You are currently subscribed to [email protected] as: >> [email protected] To unsubscribe, change settings or access >> archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] To unsubscribe, change settings or access archives, >> see http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> >> **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, >> and Green! Please print this e-mail only if absolutely necessary! >> >> **CONFIDENTIALITY** This e-mail (including any attachments) may contain >> confidential, proprietary and privileged information. Any unauthorized >> disclosure or use of this information is prohibited. >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] To unsubscribe, change settings or access archives, >> see http://www.ja-sig.org/wiki/display/JSG/cas-user > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, > see http://www.ja-sig.org/wiki/display/JSG/cas-user > > **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and > Green! Please print this e-mail only if absolutely necessary! > > **CONFIDENTIALITY** This e-mail (including any attachments) may contain > confidential, proprietary and privileged information. Any unauthorized > disclosure or use of this information is prohibited. > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, > see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and Green! Please print this e-mail only if absolutely necessary! **CONFIDENTIALITY** This e-mail (including any attachments) may contain confidential, proprietary and privileged information. Any unauthorized disclosure or use of this information is prohibited. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
