Australian Access Federation Support Desk

Troubleshooting General Shibboleth IdP Issues

by Paul Stepowski Follow

If you are having any type of problem with your IdP, the first thing you should do is increase the verbosity of the logging and inspect the log files.  To increase the verbosity of logging for your IdP, edit the file $SHIB_HOME/conf/logging.xml.  At the very top of the file, change the lines as follows, so that the logging level is set to DEBUG, which is the most verbose logging level.


<!-- Logs IdP, but not OpenSAML, messages -->
<logger name="edu.internet2.middleware.shibboleth" level="DEBUG"/>

<!-- Logs OpenSAML, but not IdP, messages -->
<logger name="org.opensaml" level="DEBUG"/>
<!-- Logs LDAP related messages -->
<logger name="edu.vt.middleware.ldap" level="DEBUG"/>


Then simply watch the log file and restart your tomcat server.


tail -100f $SHIB_HOME/logs/idp-process.log 


Note that this will generate a lot of logs, so you will probably want to grep for particular strings, but the cause of the problem you are seeing will very likely be logged somewhere in this file.


Don't forget to decrease the verbosity of logging back to it's original state once you've finished debugging the problem, otherwise you run the risk of using up all the space on your log partition.

Have more questions? Submit a request

Was this article helpful?
0 out of 0 found this helpful


Powered by Zendesk