re:SAML 2 SSO profile is not configured for relying party

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

re:SAML 2 SSO profile is not configured for relying party

Jonathan Gershater
Nate

"The simplest fix here is to point the metadataURL at your SP's automatic metadata generator.  It defaults to http://yourserver/Shibboleth.sso/Metadata."

1. Which file contains the "metadataURL" ?
2. Which file contains the SP metadata?


---------- Forwarded message ----------
From: Nate Klingenstein <[hidden email]>
To: [hidden email]
Date: Wed, 17 Jun 2009 21:34:01 +0000
Subject: Re: [Shib-Users] SAML 2 SSO profile is not configured for relying party
Jonathan,

From the docs, https://spaces.internet2.edu/display/SHIB2/IdPRelyingParty I think I am supposed to copy the SP metadata.xml to the IdP?
If I am correct where do I put the SP's metadata.xml? In the /conf directory? And how do I tell the IdP where the SP's metadata.xml file is ?

You've got the error properly diagnosed.  Either your SP's metadata isn't stored in the idp-metadata.xml file you're pointing at(which wouldn't surprise me one bit), or your SP's entityID is improperly configured(less likely).

The simplest fix here is to point the metadataURL at your SP's automatic metadata generator.  It defaults to http://yourserver/Shibboleth.sso/Metadata.

Give it a try,
Nate.
Reply | Threaded
Open this post in threaded view
|

RE: re:SAML 2 SSO profile is not configured for relying party

Cantor, Scott E.
Jonathan Gershater wrote on 2009-06-18:
> 1. Which file contains the "metadataURL" ?
> 2. Which file contains the SP metadata?

I think you're missing the fundamental IdP config instructions for metadata:

https://spaces.internet2.edu/display/SHIB2/IdPMetadataProvider

I would simply say that you need to get the metadata about the SP, stick it
in the IdP's metadata folder, and then look at that doc page or the examples
in the relying-party file to see how to load it.

-- Scott