在回复bobogin。

这就是我记忆中它工作的方式，是的。那时候的文档非常糟糕，但是现在已经改进了，也就是说我现在找不到任何关于它的参考了…

I ran into your post while debugging some ECP problems of my own. I would like some clarification. Do you mean that the ECP SSL certificate and the signing certificate for the web sso profiles must be the same and publicly trusted ?

This ECP test has saved my bacon. Thank you!

在回复webops。

是的，我们以前的一个同事用SNM工具和一些RRDTOOL做了一点hack

What did you use to graph your data? Did you just use rrdtool or did you have it pulled into nagios?

在回复guthypeter。

嗨Peter，

抱歉没有回复。据我所知它仍然有效’我们的配置没有’t改变，肯定仍然收到一个基本的认证头(Apache正在处理他们和我们的Shib将’t知道如何)，但我不能’t实际上看到原始数据包很容易。

你还有问题吗?< / p > https://blogs.开云体育app客服kent.ac.uk/unseenit/simple-shibboleth-ecp-test/#comment-28 guthypeter 2014年11月6日星期四07:16:27 +0000 http://blogs.开云体育app客服kent.ac.uk/unseenit/?p=19#comment-28 Hi, is this information still up-to-date? If I configure our Office 365 domain with "ActiveLogOnUri" set to our ECP endpoint (https://ouridp/idp/profile/SAML2/SOAP/ECP), we get requests sent to this URI like this: POST /idp/profile/SAML2/SOAP/ECP HTTP/1.0 Connection: Keep-Alive Content-Type: application/soap+xml Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 6.1; ..... Content-Length: 1592 Host: ouridp http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue https://ouridp:443/idp/profile/SAML2/SOAP/ECP MYREQUESTID a-username@ourfederateddomain thepassword 2014-12-05T12:55:44Z 2014-12-05T12:55:44Z http://schemas.xmlsoap.org/ws/2005/02/trust/Issue urn:federation:MicrosoftOnline http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey Nothing of an "Authorization" header with the Basic Auth data, but username + password as a soap header (). Is there a setting which enables sending the Basic Auth headers? Thank you very much in advance!

嗨，

这个信息是最新的吗?如果我用“ActiveLogOnUri”设置到我们的ECP端点(https://ouridp/idp/profile/SAML2/SOAP/ECP)，我们得到请求发送到这个URI，就像这样:
POST /idp/profile/SAML2/SOAP/ECP HTTP/1.0
Connection: Keep-Alive
Content-Type: application/ SOAP +xml
Accept: */*
User-Agent: Mozilla/4.0 (compatible;MSIE 6.0;Windows NT 6.1;& # 8230; . .
Content-Length: 1592
ouridp

http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
https://ouridp:443/idp/profile/SAML2/SOAP/ECP
MYREQUESTID

a-username@ourfederateddomain
thepassword

2014-12-05T12:55:44Z
2014-12-05T12:55:44Z

http://schemas.xmlsoap.org/ws/2005/02/trust/Issue

urn:federation:MicrosoftOnline

http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey

Nothing of an “Authorization” header with the Basic Auth data, but username + password as a soap header ().

Is there a setting which enables sending the Basic Auth headers?

Thank you very much in advance!