Shibboleth Developers

[Chad La Joie <>]

If you updated your IdP code recently take a look in handler.xml.  I 
went through and synchornized some capitalization items so the endpoints 
are now, normally

https://132.230.25.131/shibboleth-idp/profile/SAML2/POST/SSO

note the capitalized "SAML"

I sent a note about this on 6.12.07 at 23:23CET

Franck Borel wrote:
> Hi,
>
> I get this error message from my SP 2.0, when I try to connect directly 
> to my IdP:
>
> 2007-12-14 11:02:41 ERROR Shibboleth.SessionInitiator.SAML2 [1]: unable 
> to locate SAML 2.0 identity provider role for provider 
> (https://idp.aar.vascoda.de)
> 2007-12-14 11:02:41 ERROR Shibboleth.SessionInitiator.Shib1 [1]: unable 
> to locate compatible SSO service for provider (https://idp.aar.vascoda.de)
>
> My configuration:
> -----------------
>
> 1) shibboleth2.xml:
> ...
> <Sessions
> lifetime="28800"
> timeout="3600"
> checkAddress="false"
> handlerURL="/Shibboleth.sso"
> handlerSSL="false" 
> exportLocation="http://localhost/Shibboleth.sso/GetAssertion";
> idpHistory="false"
> idpHistoryDays="7">
>
> <SessionInitiator
> type="Chaining"
> Location="/Login"
> isDefault="true"
> id="Intranet"
> relayState="cookie"
> entityID="https://idp.aar.vascoda.de";>
>
> <SessionInitiator
> type="SAML2"
> defaultACSIndex="1"
> template="/etc/shibboleth/bindingTemplate.html"/>
> <SessionInitiator
> type="Shib1"
> defaultACSIndex="5"/>
> </SessionInitiator>
> ...
>
> 2) metadata
>
> ...
> <SingleSignOnService
> Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
> Location="https://132.230.25.131/shibboleth-idp/profile/saml2/POST/SSO"; />
> ...
>
> Any idea, what is wrong?

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
 http://www.switch.ch