Retrieving Status Information about the IdP
As of release 2.1.3 the IdP has a new Status page that provides health and configuration information.
Accessing the Status Page
The status page can be accessed using the /status path with the IdP. So, for example if the IdP host is idp.example.org and the IdP has a servlet context path of idp then then the URL to access the page is
http://idp.example.org/idp/status
Per Relying Party Configuration
By default the status page will provide a description of all relying party configuration currently configured for the IdP. However, it can also provide the relying party configuration that will be used for a specific relying party, as identified by its entity ID.
To access the relying party specific relying party configuration information add the URL parameter relyingParty
with the URL-encoded form of the entity ID. So, in the example above, if we wanted the relying party configuration to be used for
http://sp.example.org/shibboleth
the status page access URL would become
http://idp.example.org/idp/status?relyingParty=http%3A%2F%2Fsp.example.org%2Fshibboleth
Allow Access to the Status Page
The status page is restricted by IP-based access. By default only localhost connection (those originating from 127.0.0.1) may access the page.
To allow access from other IPs you must edit the src/main/webapp/WEB-INF/web.xml in the IdP's source. Within this file will be a servlet parameter named AllowedIPs
, located at line 119 (for Version 2.2.1) in the default file. On the line below is a space-separated list of CIDR blocks allowed to access the page. This list supports both IPv4 (in 'dotted' notation) and IPv6 (in 'colon' notation) ranges.
<!-- Servlet for displaying IdP status. --> <servlet> <servlet-name>Status</servlet-name> <servlet-class>edu.internet2.middleware.shibboleth.idp.StatusServlet</servlet-class> <!-- Space separated list of CIDR blocks allowed to access the status page --> <init-param> <param-name>AllowedIPs</param-name> <param-value>127.0.0.1/32 ::1/128 192.168.0.0/16</param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet>