Hi Ben, There is a step "Change ‘OpenSSO Login URL’ under Login URL to SP Token Issuer Endpoint URL" in "*Setup Policy Agent in OpenSSO" in the document STS_Setup_manual.doc, where the Login URL should be like http://openssohost:openssoport/opensso/WSFederationServlet/metaAlias/Fedsp.*
What url do you use? Can you verify the configurations of SP&IdP by opening https://openssohost:openssoSecurityPort/opensso/WSFederationServlet/metaAlias/Fedsp?goto=https://openssohost:openssoSecurityPort/opensso? What's the result? BTW, you need to change the above URLs to the host and port you used. On Wed, Sep 30, 2009 at 11:36 PM, Ben Dewey <[email protected]> wrote: > Here are the setting from my agent properties > > # > # LOGIN URL > # Specifies the login URLs to be used by the Agent to redirect > # incoming users without sufficient credentials to the OpenSSO > # authentication service. > # Hot-Swap Enabled: Yes > # > com.sun.identity.agents.config.login.url[0] = > http://sp.stonehenge.com:8090/opensso/UI/Login > > # > # LOGOUT URL > # Specifies the logout URLs to be used by the Agent to log out > # the authenticated users from the OpenSSO authentication service. > # Hot-Swap Enabled: Yes > # > com.sun.identity.agents.config.logout.url[0] = > http://sp.stonehenge.com:8090/opensso/UI/Logout > > > > -----Original Message----- > From: Ming Jin [mailto:[email protected]] > Sent: Wednesday, September 30, 2009 6:24 PM > To: [email protected] > Subject: Re: Metro CBS > > Ben, > What is the SSO login url in agent's configuration in OpenSSO? > https://sp.stonehenge.com:8181/opensso/fedlet? > > > > On Wed, Sep 30, 2009 at 9:33 PM, Ben Dewey <[email protected]> wrote: > > > Ming, > > > > I have setup everything for the Passive STS based on the STS manual, > > unfortunately I think I still missing something. > > > > 1. I access http://www.stonehenge.com:8092/trader_client > > > > 2. I get directed to https://sp.stonehenge.com:8181/opensso/fedlet > > > > 3. I get directed to https://idp.stonehenge.com:8183/opensso/fedlet > > > > 4. I get directed to https://idp.stonehenge.com:8183/opensso/UI/login > > > > 5. I login using User0 and xxx > > > > 6. I get directed back to the trader client page with an 'Invalid session > > ID' error below [1] > > > > Any idea what I'm missing? > > > > - Ben Dewey > > > > > > [1]: HTTP Status 500 - > > > > type Exception report > > > > message > > descriptionThe server encountered an internal error () that prevented it > > from fulfilling this request. > > > > exception > > javax.servlet.ServletException: AmAgentFilter: An exception has occured > > > > root cause > > javax.servlet.ServletException: com.iplanet.sso.SSOException: Invalid > > session ID. > > > > root cause > > com.iplanet.sso.SSOException: Invalid session ID. > > > > > > -- > Ming Jin > > Consultant > Thoughtworks, Inc > Twitter: https://twitter.com/mingjin > -- Ming Jin Consultant Thoughtworks, Inc Twitter: https://twitter.com/mingjin
