The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Current »

Some SSL load balancers and accelerators can cause errors by changing the scheme used for incoming requests from https to http. As with other virtual hosting translation issues, this will break in most cases because redirects will be generated improperly and endpoint information in metadata will not match.

The web server needs to be informed about this situation in whatever manner it supports, usually commands related to virtual host setup. For older versions of Apache that do not support this feature, the ShibURLScheme command is provided, to be placed within the appropriate <VirtualHost>.

For IIS, which does not actually support this form of virtual hosting, this must be specified directly in shibboleth2.xml by modifying the <Site> element:

<ISAPI normalizeRequest="true">
    <Site id="1" name="sptest.tut.fi" scheme="https" port="443"/>
</ISAPI>
  • No labels