...
| Panel | ||||
|---|---|---|---|---|
You will probably also want to customize the error pages and support contact information listed in the Errors <Errors> element in $prefix/etc/shibboleth/shibboleth.xml (search for "You should customize these pages!"), e.g.:
The pages are used as follows: displayed if a session cannot be created after successful authentication, for example if shibd is not running. In a standard configuration, you can force this page to be displayed by visiting the server's /Shibboleth.sso location, e.g.: https://my-sp.mit.edu/Shibboleth.sso displayed in certain cases where there is no valid metadata for an identity provider. This should not happen using our standard configuration; it should only be possible when using the Artifact profile, or "lazy sessions", and there is a configuration problem. You can force the page to be displayed by visiting: https://my-sp.mit.edu/Shibboleth.sso?providerId=NoSuchIdP displayed when an exception occurs when exporting assertions into request headers. This indicates a software problem, and should not happen. displayed for access control failures. This should only happen if you have access control directives in the Apache configuration for your Shibboleth-protected content. You can force the page to be displayed by adding an access control directive that is certain to fail, for example "require NoSuchAlias" (remember to remove this configuration when you have completed testing). displayed when a POST is attempted using http instead of https, and RedirectToSSL is in effect. This should not happen on a properly configured server. error template files are located in $prefix/etc/shibboleth/ (you can override these locations in the <Errors> element). For more information, see https://spaces.internet2.edu/display/SHIB2/NativeSPErrors |
Letting the IdP know about your application
...