Thanks for the quick reply

Figured the target right after I sent the email, I'll add entidyid.

I also think my idp is NOT returning all required values eppn,...,...,...

Thanks again.


From: Aaron Coburn []
Sent: Tuesday, October 11, 2011 3:51 PM
Subject: Re: VCL Shibboleth

Hello, Yanik,
It seems that you are forgetting the "target" attribute in the URL.
Your configuration in conf.php should look something like this:

$authMechs = array(
            "Affiliation 1" => array("type" => "redirect"
=> "/Shibboleth.sso/Login?target=/shibauth&entityID={entityID for the IdP}"
"affiliationid" => 0);

It is also helpful to use the entityID attribute (depending on your SP 
configuration), especially if there are multiple IdPs involved. That value may 
look something like this:

Best regards,

Aaron Coburn
Systems Administrator and Programmer
Academic Technology Services, Amherst College
(413) 542-5451<>

On Oct 11, 2011, at 3:35 PM, Yannick Charbonneau wrote:

Hi All,

We have a testing vcl implementation up, we are currently trying to get it to 
authenticate using our shibboleth idp (simple, single idp).

I'm at the point now where I can pick Shibboleth, get redirected to our idp, 
but once I log in, I get redirected to the home of vcl as opposed to 

I manage to get to the right place if I play around with the actionurl, but 
then I always get;

You have attempted to log in to VCL using a Shibboleth
Identity Provider that VCL has not been configured to
work with. VCL administrators have been notified of the

What should I put in the URL field, I tried (without success);  (this one gets me back to the vcl 
home after successful logins, but NOT authenticated) This one gives me the error above

Thank you,

Sorry if this is NOT the right place.



Reply via email to