| Time |
S |
Nick |
Message |
| 00:16 |
|
|
shrink0r joined #rest |
| 01:28 |
|
|
navls joined #rest |
| 01:56 |
|
|
shrink0r_ joined #rest |
| 01:58 |
|
|
shrink0r joined #rest |
| 02:41 |
|
|
pezra joined #rest |
| 03:13 |
|
|
shrink0r_ joined #rest |
| 03:15 |
|
|
shrink0r joined #rest |
| 04:01 |
|
|
rhyselsmore joined #rest |
| 06:58 |
|
|
Left_Turn joined #rest |
| 08:03 |
|
|
graste joined #rest |
| 08:24 |
|
|
mgomezch joined #rest |
| 08:34 |
|
|
shrink0r joined #rest |
| 08:36 |
|
|
mezod joined #rest |
| 08:38 |
|
|
quimrstorres joined #rest |
| 08:48 |
|
|
quimrstorres joined #rest |
| 09:27 |
|
|
quimrstorres joined #rest |
| 09:46 |
|
|
quimrstorres joined #rest |
| 09:55 |
|
|
quimrstorres joined #rest |
| 10:13 |
|
|
quimrstorres joined #rest |
| 10:33 |
|
|
eschmidbauer joined #rest |
| 10:56 |
|
|
Jefffrey joined #rest |
| 11:15 |
|
|
quimrstorres joined #rest |
| 11:50 |
|
|
jcromartie joined #rest |
| 11:53 |
|
|
jgornick joined #rest |
| 12:20 |
|
|
quimrstorres joined #rest |
| 12:49 |
|
|
Left_Turn joined #rest |
| 12:50 |
|
|
nkoza joined #rest |
| 13:04 |
|
|
quimrsto_ joined #rest |
| 13:04 |
|
|
Left_Turn joined #rest |
| 13:38 |
|
|
quimrstorres joined #rest |
| 14:54 |
|
|
StatelessCat joined #rest |
| 14:58 |
|
|
shrink0r joined #rest |
| 15:33 |
|
|
quimrstorres joined #rest |
| 15:56 |
|
|
mezod_ joined #rest |
| 16:13 |
|
|
sfisque joined #rest |
| 16:32 |
|
|
quimrsto_ joined #rest |
| 16:45 |
|
|
quimrstorres joined #rest |
| 17:09 |
|
|
mezod joined #rest |
| 17:42 |
|
|
fsvehla joined #rest |
| 17:43 |
|
|
Andre-B joined #rest |
| 17:45 |
|
pdurbin |
whartung: a follow up on "commercial TLS is broken" http://shibboleth.net/pipermail/users/2015-April/021152.html |
| 17:46 |
|
whartung |
yea that's basically what he told me. THat's what I was looking for. He has issues with the politics (for lack of a better word) of the public trust arhcitecture, not an issue with TLS-the-protocol |
| 17:48 |
|
pdurbin |
auth is full of politics |
| 17:49 |
|
pdurbin |
whartung: do you or sfisque even want to hear more of my sad, sad Shibboleth story? |
| 17:50 |
|
whartung |
I relish sad Shib stories. Do you share them with Scott? |
| 17:50 |
|
|
eschmidbauer left #rest |
| 17:50 |
|
pdurbin |
I just emailed a link to the shib list |
| 17:51 |
|
pdurbin |
Running mod_shib on a non-standard port (i.e. 9999 rather than 443) - http://shibboleth.net/pipermail/users/2015-April/021153.html |
| 17:51 |
|
pdurbin |
here's a direct link: https://docs.google.com/document/d/1DdLVuh8_e_2DINO1xCTj28h35cAwnD0QdevOnEuTo_I/edit?usp=sharing |
| 17:52 |
|
whartung |
Do you want some SP code? |
| 17:52 |
|
whartung |
as a filter/servlet for java? |
| 17:53 |
|
pdurbin |
possibly. I know "write your own" is the approach you favor |
| 17:53 |
|
whartung |
worked for us! :) |
| 17:54 |
|
pdurbin |
whartung: do you see the list of Java apps in that doc that use mod_shib? mod_shib is sort of the standard in higher ed |
| 17:55 |
|
whartung |
I'm just trying to make your life easier. You've been fighting this thing since 1999... |
| 17:55 |
|
pdurbin |
but I'm not partying like it's 1999 |
| 17:57 |
|
pdurbin |
whartung: and use OpenSAML, right? |
| 17:57 |
|
whartung |
yes |
| 17:57 |
|
pdurbin |
whartung: sure, if you have some code to share, I'd be happy to take a look |
| 17:58 |
|
whartung |
ok, not today -- I'll work on it over the next few days. |
| 17:58 |
|
whartung |
if you like it, you have to promise to shine it up an dput it on git hub :) |
| 17:58 |
|
pdurbin |
deal! :) |
| 18:05 |
|
pdurbin |
it will shine like the sun |
| 18:13 |
|
pdurbin |
whartung: meanwhile do you understand Scott's response to my question 1? I'm confused: http://shibboleth.net/pipermail/users/2015-April/021154.html |
| 18:14 |
|
whartung |
he's saying that Apache is creating the URL, and apache beleives it's running on 443, rather than 9999. He's saying you need to convince Apache to build the URL correctly. |
| 18:15 |
|
pdurbin |
huh. I'm not convinced (yet) that Apache thinks it's running on 443 |
| 18:17 |
|
pdurbin |
whartung: here's a diff of my Apache config: http://danceb.in/DFvLvNLt5BGen3CuDMIysQ/raw |
| 18:18 |
|
whartung |
Asking me about apache configurations is likely to lead to disappointment :) |
| 18:23 |
|
pdurbin |
hmm, well I *do* see what he means about the AuthnRequest ... I can see 'AssertionConsumerServiceURL="https://shibtest.dataverse.org/Shibboleth.sso/SAML2/POST"' using https://addons.mozilla.org/en-us/firefox/addon/saml-tracer/ |
| 18:23 |
|
pdurbin |
(no port 9999 that is) |
| 18:30 |
|
|
fsvehla joined #rest |
| 18:34 |
|
whartung |
yea |
| 18:34 |
|
whartung |
that's the issue |
| 18:44 |
|
|
angular_mike joined #rest |
| 18:52 |
|
pdurbin |
I'm looking at the config at the bottom of http://www.jeesty.com/shibboleth for inspiration. |
| 19:02 |
|
pdurbin |
whartung: no 9999 port: http://i.imgur.com/q1a96c3.png |
| 19:02 |
|
whartung |
:( |
| 19:44 |
|
|
warehouse13 joined #rest |
| 19:59 |
|
pdurbin |
whartung: fixed: http://shibboleth.net/pipermail/users/2015-April/021158.html |
| 19:59 |
|
pdurbin |
misconfiguration (on my part) of https://shibboleth.net/products/embedded-discovery-service.html |
| 20:12 |
|
whartung |
cool |
| 20:24 |
|
|
CentaurWarchief joined #rest |
| 20:51 |
|
|
vanHoesel joined #rest |
| 21:54 |
|
|
fumanchu joined #rest |
| 23:58 |
|
|
begriffs joined #rest |
