Scott already had a look at in and stated this on the mailing list:
Since you're looking at the code, the bug is here:
// If there's still no template to use, just use pageError.html unless it's an access issue.
string fname;
if (!pathname.first) {
if (!accesserror) {
fname = string(page) + "Error.html";
pathname.second = fname.c_str();
}
}
else {
fname = pathname.second;
}
There's no check for the mderror boolean, and so it doesn't default to using "metadata" as the page name in that final bit of code.
Environment
Ubuntu trusty, libapache2-mod-shib2 version 2.5.2+dfsg-2
Just tested blacklisting an IdP. The resulting error page should use metadataError.html template, but uses the generic sessionError.html instead.
used error config in shibboleth2.xml:
<Errors supportContact="<contact-address>" helpLocation="/about.html" styleSheet="/shibboleth-sp/main.css"/>Scott already had a look at in and stated this on the mailing list:
Since you're looking at the code, the bug is here: // If there's still no template to use, just use pageError.html unless it's an access issue. string fname; if (!pathname.first) { if (!accesserror) { fname = string(page) + "Error.html"; pathname.second = fname.c_str(); } } else { fname = pathname.second; } There's no check for the mderror boolean, and so it doesn't default to using "metadata" as the page name in that final bit of code.