...
The status page can be accessed using the /status path with the IdP. So, for example if the IdP host is idp.example.org and the IdP has a servlet context path of idpthen then the URL to access the page is
No Format | ||
---|---|---|
| ||
http://idp.example.org/idp/status |
Per Relying Party Configuration
...
To access the relying party specific relying party configuration information add the URL parameter relyingParty
with the URL-encoded form of the entity ID. So, in the example above, if we wanted the relying party configuration to be used for
No Format | ||
---|---|---|
| ||
http://sp.example.org/shibboleth |
the status page access URL would become
No Format | ||
---|---|---|
| ||
http://idp.example.org/idp/status?relyingParty=http%3A%2F%2Fsp.example.org%2Fshibboleth |
Allow Access to the Status Page
...
To allow access from other IPs you must edit the src/main/webapp/WEB-INF/web.xml in the IdP's source. Within this file will be a servlet parameter named AllowedIPs
, located at line 119 (for Version 2.2.1) in the default file. On the line below is a space-separated list of CIDR blocks allowed to access the page. This list supports both IPv4 (in 'dotted' notation) and IPv6 (in 'colon' notation) ranges.
With IdP version 2.3.8 you will need to edit $IDP_HOME/conf/web.xml instead of src/main/webapp/WEB-INF/web.xml. The install.sh script will ignore any changes to the latter.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<!-- Servlet for displaying IdP status. -->
<servlet>
<servlet-name>Status</servlet-name>
<servlet-class>edu.internet2.middleware.shibboleth.idp.StatusServlet</servlet-class>
<!-- Space separated list of CIDR blocks allowed to access the status page -->
<init-param>
<param-name>AllowedIPs</param-name>
<param-value>127.0.0.1/32 ::1/128 192.168.0.0/16</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
|