[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[upki-fed:00596] Re: SP$B$G(B"unable to connect socket" ERROR (Test Fed.)

Subject: [upki-fed:00596] Re: SP$B$G(B"unable to connect socket" ERROR (Test Fed.)
Date: Fri, 28 Dec 2012 13:35:21 +0900
From: Akazawa TS <xxxxxxxx@xxxxxxxxxxxxxx>
$B3XG'$N3'MM(B

$B!!ET0e3X8&$N@VBt$G$9!#(B
$B!!8@$$K:$l$^$7$?$,!"5;=Q%,%$%I$N!V(BSP$B$X$N@\B33NG'!W$K$D$$$F$O(B
$B!!0J2<$N$h$&$K!V(B<Status><OK/></Status>$B!W$,4^$^$l$F$*$j$^$9!#(B
https://www.gakunin.jp/docs/fed/technical/sp/customize/sp-test1

$B!!D9$/$J$C$F$7$^$$62=L$G$9$,!"=PNO$5$l$?$b$N$rE=$jIU$1$F$*$-$^$9!#(B
------------------------------------------------------------------------
[root@sptest ~]# wget --no-check-certificate -nv -O -
https://localhost/Shibboleth.sso/Status
WARNING: certificate common name `sptest.igakuken.or.jp' doesn't match
requested host name `localhost'.
<StatusHandler time='2012-12-28T04:30:07Z'><Version Xerces-C='3.1.1'
XML-Tooling-C='1.5.2' XML-Security-C='1.7.0' OpenSAML-C='2.5.1'
Shibboleth='2.5.1'/><NonWindows sysname='Linux'
nodename='sptest.igakuken.or.jp' release='2.6.18-164.15.1.el5'
version='#1 SMP Wed Mar 17 11:37:14 EDT 2010'
machine='i686'/><SessionCache><OK/></SessionCache><Application
id='default'
entityID='https://sptest.igakuken.or.jp/shibboleth-sp'/><MetadataProvider source='https://metadata.gakunin.nii.ac.jp/gakunin-test-metadata.xml'
reloadInterval='7200'/><Handlers><Handler
type='ArtifactResolutionService' Location='/Artifact/SOAP'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:SOAP'/><Handler
type='AssertionConsumerService' Location='/SAML2/POST'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'/><Handler
type='AssertionConsumerService' Location='/SAML2/POST-SimpleSign'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign'/><Handler
type='AssertionConsumerService' Location='/SAML2/Artifact'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'/><Handler
type='AssertionConsumerService' Location='/SAML2/ECP'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:PAOS'/><Handler
type='AssertionConsumerService' Location='/SAML/POST'
Binding='urn:oasis:names:tc:SAML:1.0:profiles:browser-post'/><Handler
type='AssertionConsumerService' Location='/SAML/Artifact'
Binding='urn:oasis:names:tc:SAML:1.0:profiles:artifact-01'/><Handler
type='SessionInitiator' Location='/Login'/><Handler
type='SingleLogoutService' Location='/SLO/SOAP'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:SOAP'/><Handler
type='SingleLogoutService' Location='/SLO/Redirect'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'/><Handler
type='SingleLogoutService' Location='/SLO/POST'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'/><Handler
type='SingleLogoutService' Location='/SLO/Artifact'
Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'/><Handler
type='LogoutInitiator' Location='/Logout'/><Handler
type='MetadataGenerator' Location='/Metadata'/><Handler type='Status'
Location='/Status'/><Handler type='Session'
Location='/Session'/><Handler type='DiscoveryFeed'
Location='/DiscoFeed'/><Handler type='SessionInitiator'
Location='/DS'/></Handlers><Status><OK/></Status></StatusHandler>2012-12-28
13:30:07 URL:https://localhost/Shibboleth.sso/Status [2297/2297] -> "-" [1]
------------------------------------------------------------------------

$B$h$m$7$/$*4j$$CW$7$^$9!#(B

--
$B@VBtG/0l(B
$B!J8x:b!KEl5~ET0e3XAm9g8&5f=j!!>pJs%7%9%F%`<<(B



> $B3XG'$N3'MM(B
> 
> $B!!$$$D$b$*@$OC$K$J$j$^$9!#(B
> $B!!ET0e3X8&$N@VBt$G$9!#(B
> 
> $B!!8=:_!"%F%9%H%U%'%G%l!<%7%g%s$K;22C$5$;$F$$$?$@$$$F$*$j$^$9!#(B
> $B!!%F%9%HMQ(BIdP$B$K$D$$$F$O@hF|=u$1$F$$$?$@$-2TF/$5$;$k$3$H$,(B
> $B!!$G$-$^$7$?!#(B
> 
> $B!!:#2s!"5;=Q%,%$%I$K1h$C$F!"?7$?$K%F%9%HMQ(BSP$B!J0J2<(B SP$B!K$rN)$A(B
> $B!!>e$2$h$&$H$7$F$*$j$^$9!#(B
> 
> $B!!(Bshibd $B$r(Bstart $B$5$;$?;~E@$G(B shibboleth$B$N%m%0%U%!%$%k(B (/var/log/
> $B!!(Bshibboleth/shibd_warn.log) $B$KB??t$N(B WARN/ERROR/CRIT $B$,5-O?$5$l(B
> $B!!;DG0$J$,$i9T$-5M$^$C$F$*$j$^$9!#62$lF~$j$^$9$,$4=u8@$r$*4j$$(B
> $B!!$G$-$^$9$G$7$g$&$+!#(B
> 
> $B!|(BSP$B$NDs6!%5!<%S%9(B
> 
> $B!!5;=Q%,%$%I$N!V(BIdP$B$H(BSP$B@\B33NG'!W$N%Z!<%8$K5-:\$N!VB0@-3NG'MQ$N(B
> $B!!4JC1$J(BPHP$B%W%m%0%i%`!W$r%@%&%s%m!<%I$7!"(B/var/www/html/secure/
> $B!!(Bindex.php $B$H$7$FCV$-$^$7$?!#(B
> 
> $B!|(BSP$BMQ%5!<%P$N4D6-(B
> 
> $B!!(BOS: CentOS 5.4 (32bit)
> $B!!(BHTTP Server : Apache 2.2.3
> $B!!(BPHP: 5.1.6
> $B!!(Bshibboleth: 2.5.1
> $B!!%$%s%9%H!<%k$H@_Dj:n6H$O(Broot$B$G9T$$$^$7$?!#(B
> 
> $B!|%/%i%$%"%s%H$N4D6-(B
> 
> $B!!(BOS: MacOS X 10.7.5
> $B!!%V%i%&%6(B: Firefox 17.0.1
> 
> $B!|G'>ZITMW$N(Bweb$B%3%s%F%s%D$O1\Mw2D(B
> 
> $B!!(Bhttps://sptest.igakuken.or.jp/dummy.html
> 
> $B!|(Bshibd_warn.log
> 
> $B!!:rM<$K(B shibd $B$r2TF/$5$;$?;~E@$G(B WARN/ERROR/CRIT $B$,(B
> $B!!H/@8$7$^$7$?$,!":#D+%m%0$r8+$k$H#2;~4V$4$H$KH/@8$7$F$$$k(B
> $B!!$b$N$K$D$$$F$H$j$"$($:7G:\$5$;$F$$$?$@$-$^$9!#(B
> $B!!8+$d$9$$$h$&$KE,592~9T$rF~$l!"7QB39T$OH>3Q%9%Z!<%9$G%$%s%G%s%H(B
> $B!!$7$F$*$-$^$9!#(B
> ---------------------------------------------------------------------
> 2012-12-28 10:19:41
>   ERROR XMLTooling.ParserPool :
>   fatal error on line 0, column 0, message:
>   unable to connect socket for URL
>   'https://metadata.gakunin.nii.ac.jp/gakunin-test-metadata.xml'
> 2012-12-28 10:19:41
>   ERROR OpenSAML.MetadataProvider.XML :
>   error while loading resource
>   (https://metadata.gakunin.nii.ac.jp/gakunin-test-metadata.xml):
>   XML error(s) during parsing, check log for specifics
> 2012-12-28 10:19:41
>   WARN OpenSAML.MetadataProvider.XML :
>   adjusted reload interval to 7200 seconds
> 2012-12-28 10:19:41
>   WARN OpenSAML.MetadataProvider.XML :
>   trying backup file, exception loading remote resource:
>   XML error(s) during parsing, check log for specifics
> 2012-12-28 10:19:41
>   ERROR XMLTooling.ParserPool :
>   fatal error on line 0, column 0, message:
>   unable to open primary document entity
> '/var/cache/shibboleth/federation-metadata.xml'
> 2012-12-28 10:19:41
>   ERROR OpenSAML.MetadataProvider.XML :
>   error while loading resource
>   (/var/cache/shibboleth/federation-metadata.xml):
>   XML error(s) during parsing, check log for specifics
> 2012-12-28 10:19:41
>   CRIT OpenSAML.MetadataProvider.XML :
>   maintaining existing configuration, error reloading resource
>   (https://metadata.gakunin.nii.ac.jp/gakunin-test-metadata.xml):
>   XML error(s) during parsing, check log for specifics
> ---------------------------------------------------------------------
> 
> $B!|(Bshibboleth2.xml
> 
> $B!!0J2<$N$h$&$K@_Dj$7$F$*$j$^$9!#(B
> (1) entityID
> ---------------------------------------------------------------------
> <!-- The ApplicationDefaults element is where most of Shibboleth's SAML
> bits are defined. -->
> <ApplicationDefaults entityID="https://sptest.igakuken.or.jp/shibboleth-sp"
>   REMOTE_USER="eppn persistent-id targeted-id">
> ---------------------------------------------------------------------
> 
> (2) DS$B%5!<%P$N;2>H(B
> ---------------------------------------------------------------------
>    <!-- JSON feed of discovery information. -->
>    <Handler type="DiscoveryFeed" Location="/DiscoFeed"/>
>    <SessionInitiator type="Chaining" Location="/DS" isDefault="true" id="DS">
>      <SessionInitiator type="SAML2" template="bindingTemplate.html"/>
>      <SessionInitiator type="Shib1"/>
>      <SessionInitiator type="SAMLDS"
> URL="https://test-ds.gakunin.nii.ac.jp/WAYF"/>
>    </SessionInitiator>
> </Sessions>
> ---------------------------------------------------------------------
> 
> (3)$B%a%?%G!<%?$N<+F099?7@_Dj(B
> 
> $B!!#2;~4V$*$-$K(Bshibd_warn.log$B$K5-:\$5$l$F$$$k%m%0$O!"$?$V$s$3$3$N(B
> $B!!@_Dj$K$^$:$$$3$H$,$"$k$h$&$J5$$,$7$^$9$,!"$$$+$,$G$7$g$&(B?
> ---------------------------------------------------------------------
> <!-- Example of remotely supplied batch of signed metadata. -->
> <!-- -->
> <MetadataProvider type="XML"
> uri="https://metadata.gakunin.nii.ac.jp/gakunin-test-metadata.xml"
>                backingFilePath="federation-metadata.xml"
> reloadInterval="7200">
>    <MetadataFilter type="RequireValidUntil" maxValidityInterval="1296000"/>
>    <MetadataFilter type="Signature"
> certificate="/etc/shibboleth/cert/gakunin-test-signer-2011.cer"/>
> </MetadataProvider>
> <!-- -->
> ---------------------------------------------------------------------
> 
> (4)$B%5!<%P>ZL@=q$HHkL)80$N;XDj(B
> ---------------------------------------------------------------------
> <!-- Simple file-based resolver for using a single keypair. -->
> <CredentialResolver type="File" key="cert/sptest_nopw.key"
> certificate="cert/sptest.igakuken.or.jp.cer"/>
> ---------------------------------------------------------------------
> 
> $B!!%5!<%P>ZL@=q$HHkL)80$O2<5-$N$h$&$K$A$c$s$HCV$$$F$"$j$^$9!#(B
> .....................................................................
> [root@sptest cert]# pwd
> /etc/shibboleth/cert
> [root@sptest cert]# ls -al
> total 20
> drwxr-xr-x 2 root root   4096 Dec 27 14:43 .
> drwxr-xr-x 3 root root   4096 Dec 28 12:28 ..
> -rw-r--r-- 1 root root   1501 Jan 14  2011 gakunin-test-signer-2011.cer
> -rw-r--r-- 1 root apache 1781 Dec 27 11:51 sptest.igakuken.or.jp.cer
> -r-------- 1 root root   1679 Dec 27 11:51 sptest_nopw.key
> .....................................................................
> 
> $B!|?75,(BSP$B?=@A!J%F%9%H%U%'%G%l!<%7%g%s!K(B
> 
> $B!!3XG'?=@A%7%9%F%`!J%F%9%H%U%'%G%l!<%7%g%s!K$+$i!V?75,(BSP$B?=@A!W$r(B
> $B!!9T$$$^$7$?!#(B
> 
> $B!!!V(BDS$B$+$i$N%j%?!<%s(BURL$B!W$K2?$r5-:\$7$F$h$$$N$+$o$+$i$:!"(B
> $B!!!V(Bhttps://sptest.igakuken.or.jp/$B!W$HF~NO$7$F$7$^$$$^$7$?$,!"(B
> $B!!K\%a!<%kKAF,$K$*<($7$7$?!V!|(BSP$B$NDs6!%5!<%S%9!W$rhttps://sptest.igakuken.or.jp/secure/index.php$B!W$r(B
> $B!!F~NO$9$Y$-$H$$$&$3$H$K$J$j$^$9$G$7$g$&$+!#(B
> 
> $B62$lF~$j$^$9$,!"0J>e$h$m$7$/$*4j$$CW$7$^$9!#(B
>
References:
- [upki-fed:00594] SP$B$G(B"unable to connect socket" ERROR (Test Fed.)
  - From: Akazawa TS
Prev by Date: [upki-fed:00595] Re: attribute-resolver Mapped Attribute Definition$B$K(B$B$D$$$F(B
Next by Date: [upki-fed:00597] Re: SP$B$G(B"unable to connect socket" ERROR (Test Fed.)
Previous by thread: [upki-fed:00594] SP$B$G(B"unable to connect socket" ERROR (Test Fed.)
Next by thread: [upki-fed:00597] Re: SP$B$G(B"unable to connect socket" ERROR (Test Fed.)
Index(es):
- Date
- Thread
[upki-fed:00596] Re: SP$B$G(B"unable to connect socket" ERROR (Test Fed.)

[upki-fed:00596] Re: SP$B$G(B"unable to connect socket" ERROR (Test Fed.)
