I neglected to set entityID based on an active session, this fix adds that missing property to both the cases you identified as broken.
supportContact isn't really anything but a pass-through to the <Errors> element, so it will work (or not) regardless.
requestURL is set for cases where it's significant, but with the attribute checker, it would just be the URL to the handler, so it's self-evident. The "target" property in that case would be set if it's attached to the request as a query parameter (any query parameter is accessible that way).
Martin Hitschel June 15, 2012 at 8:54 AM
Edited
In 2.5 as of 2012-06-14 in the OpenSUSE repo for CentOS6, both ways do not work: a) the "old" style: <RequestMapper type="Native"> <RequestMap applicationId="default" accessError="accessError.html"> <AccessControl> <RuleRegex require="eppn">.+</RuleRegex> [...] ...with an <shibmlp entityID/> in accessError.html that will be empty b) the new style: <RelyingParty Name="https://example.org/idp/shibboleth" keyName="myself" sessionHook="/Shibboleth.sso/AttrChecker"/> and <Handler type="AttributeChecker" Location="/AttrChecker" template="attrChecker.html" attributes="eppn" flushSession="true"/> ...with an <shibmlp entityID/> in attrChecker.html that will be empty
in b) also <shibmlp requestURL /> is unusable, however, <shibmlp target /> is.
Fixed
Pinned fields
Click on the next to a field label to start pinning.
Wanted to customize an error template that outputs the entityID of an IdP as described in:
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPErrors
While <shibmlp supportContact/> works as expected, <shibmlp entityID/> as well as <shibmlp entityId/> remained empty.