Shib 3.2.1

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Shib 3.2.1

ccheltenham

Hello All,

 

I am getting these errors in my process logs.

However the metdata is there.

 

 

 

8-06-27 10:27:46,822 - DEBUG [org.opensaml.saml.metadata.resolver.impl.BasicRoleDescriptorResolver:281] - Metadata document did not contain any role descriptors of type {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor for entity http://test.osmsinc.com/OSMS_bvc2017Portal/

2018-06-27 10:27:46,822 - DEBUG [org.opensaml.saml.metadata.resolver.impl.BasicRoleDescriptorResolver:252] - Metadata document does not contain a role of type {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor supporting protocol urn:oasis:names:tc:SAML:2.0:protocol for entity http://test.osmsinc.com/OSMS_bvc2017Portal/

2018-06-27 10:27:46,822 - INFO [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:128] - Message Handler:  No metadata returned for http://test.osmsinc.com/OSMS_bvc2017Portal/ in role {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor with protocol urn:oasis:names:tc:SAML:2.0:protocol

 

===========================

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571


--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Shib 3.2.1

Rod Widdowson
> However the metdata is there.

Are you sure?  That’s not meant to be insulting, it's just that very often the system either isn't using the metadata that the
poster thinks it is, or that there is a typo.

In your case I see that the entityID starts "http://" - that is acceptable, but unusual.

/R

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Shib 3.2.1

ccheltenham
True but actually almost all of our vendors use and https:// for their
entity id.

To answer your question , am I sure its there.
Yes it is there .. I am going to

And I do not take it as an insult I make plenty of dumb mistakes :)


===========================

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571

-----Original Message-----
From: users <[hidden email]> On Behalf Of Rod Widdowson
Sent: Wednesday, June 27, 2018 11:06 AM
To: 'Shib Users' <[hidden email]>
Subject: RE: Shib 3.2.1

> However the metdata is there.

Are you sure?  That's not meant to be insulting, it's just that very often
the system either isn't using the metadata that the poster thinks it is,
or that there is a typo.

In your case I see that the entityID starts "http://" - that is
acceptable, but unusual.

/R

--
For Consortium Member technical support, see
https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to
[hidden email]
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Shib 3.2.1

ccheltenham
In reply to this post by Rod Widdowson
So I have restarted the IDP with the same results.
I see a bunch of these.

Metadata backing store does not contain any EntityDescriptors with the ID:
http://test.osmsinc.com/OSMS_bvc2017Portal/



===========================

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571


-----Original Message-----
From: users <[hidden email]> On Behalf Of Rod Widdowson
Sent: Wednesday, June 27, 2018 11:06 AM
To: 'Shib Users' <[hidden email]>
Subject: RE: Shib 3.2.1

> However the metdata is there.

Are you sure?  That's not meant to be insulting, it's just that very often
the system either isn't using the metadata that the poster thinks it is,
or that there is a typo.

In your case I see that the entityID starts "http://" - that is
acceptable, but unusual.

/R

--
For Consortium Member technical support, see
https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to
[hidden email]
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Shib 3.2.1

Tom O'Neill
Could you share the metadata?

Thanks,

Tom

-----Original Message-----
From: users <[hidden email]> On Behalf Of Cheltenham, Chris
Sent: Wednesday, June 27, 2018 11:22 AM
To: Shib Users <[hidden email]>
Subject: RE: Shib 3.2.1

So I have restarted the IDP with the same results.
I see a bunch of these.

Metadata backing store does not contain any EntityDescriptors with the ID:
http://test.osmsinc.com/OSMS_bvc2017Portal/



===========================

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571


-----Original Message-----
From: users <[hidden email]> On Behalf Of Rod Widdowson
Sent: Wednesday, June 27, 2018 11:06 AM
To: 'Shib Users' <[hidden email]>
Subject: RE: Shib 3.2.1

> However the metdata is there.

Are you sure?  That's not meant to be insulting, it's just that very often the system either isn't using the metadata that the poster thinks it is, or that there is a typo.

In your case I see that the entityID starts "http://" - that is acceptable, but unusual.

/R

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Shib 3.2.1

Peter Schober
In reply to this post by ccheltenham
* Cheltenham, Chris <[hidden email]> [2018-06-27 16:47]:
> I am getting these errors in my process logs.
> However the metdata is there.
>
> 2018-06-27 10:27:46,822 - INFO
> [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:128] -
> Message Handler:  No metadata returned for
> http://test.osmsinc.com/OSMS_bvc2017Portal/ in role
> {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor with protocol
> urn:oasis:names:tc:SAML:2.0:protocol

Seems either you're not loading the metadata for this entity (how
exactly are you doing this?) or the metadata does not contain exactly
that. E.g. maybe it does not contain SAML 2.0 support, or is messed up
in some other way.

You could try to make sure the metadata you're loading is
syntactically correct, too:
https://wiki.shibboleth.net/confluence/display/IDP30/SchemaValidationFilter
and more generally
https://wiki.shibboleth.net/confluence/display/CONCEPT/MetadataCorrectness#MetadataCorrectness-ApproachesandTools

-peter

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]