Shibboleth SP Issue: opensaml::saml2md::MetadataException

When integrating the Shibboleth IDP and the Shibboleth SP, I would receive the following saml2 metadata issue

opensaml::saml2md::MetadataException
The system encountered an error at
To report this problem, please contact the site administrator atroot@localhost.
Please include the following message in any email:
opensaml::saml2md::MetadataException at (http://HOSTNAME/secure/)
Unable to locate metadata for identity provider (https://HOSTNAME/idp/shibboleth)
December 13, 2016
ShibbolethIDPShibboleth-SPSAML2metadata

RESOLUTION

https://technicalconfessions.com/images/postimages/postimages/_437_1_Shibboleth Metadata error with IDP.png

A simple solution here, the mapping within the shibboleth2.xml file must point to the IDP. The issue here was that the Shibboleth IDP metadata was pointing correctly and the entity ID seemed to be correct <MetadataProvider type="XML" file="C:\App\shibboleth\Metadata\idp-metadata.xml"/>

The specific issue here was that the entity ID within the shibboleth2.xml must match the entity ID within the idp-metadata.xml (Which it was) though the entityID is case sensitive so after matching up the entityID exactly, resolved the issue

About the author

Daniel is a Technical Manager with over 10 years of consulting expertise in the Identity and Access Management space.
Daniel has built from scratch this blog as well as technicalconfessions.com
Follow Daniel on twitter @nervouswiggles

Comments

Other Posts

ForgeRock OpenIDM - InvalidCredentialException: Remote framework key is invalid

ICFIDMOpenIDMOpenICF

November 8, 2017
Created by: Daniel Redfern
In the past, the similar error occurred though for the Oracle Identity Management solution. invalidcredentialexception remote framework key is invalid Because they all share the ICF connector framework, the error/solution would be the same.
Read More...
E_WARNING Error in file posts.php at line 464: fopen(http://www.technicalconfessions.com/images/postimages/postIcons/pp452.png): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found E_WARNING Error in file posts.php at line 464: fclose() expects parameter 1 to be resource, boolean given

org.forgerock.script.exception.ScriptCompilationException: missing ; before statement

IDMsync.confforgerockopenidm

November 8, 2017
Created by: Daniel Redfern
org.forgerock.script.exception.ScriptCompilationException: missing ; before statement
Read More...

ForgeRock IDM - org.forgerock.script.exception.ScriptCompilationException: missing ; before statemen

OpenIDMsync.confForgeRock

September 17, 2017
Created by: Daniel Redfern
ForgeRock IDM - org.forgerock.script.exception.ScriptCompilationException: missing ; before statement
Read More...

Caused by: org.forgerock.json.resource.BadRequestException: Target does not support attribute groups

OpenIDMForgeRockICFConnector

September 17, 2017
Created by: Daniel Redfern
When performing the attempt of a reconciliation from ForgeRock IDM to Active Directory, I would get the following error
Read More...

ForgeRock OpenIDM - InvalidCredentialException: Remote framework key is invalid

OpenIDMForgeRockICFConnectorAD

September 17, 2017
Created by: Daniel Redfern
In the past, the similar error occurred though for the Oracle Identity Management solution. invalidcredentialexception remote framework key is invalid Because they all share the ICF connector framework, the error/solution would be the same.
Read More...

ERROR Caused by com.google.api.client.auth.oauth2.TokenResponseException 400 Bad Request - invalid_g

OpenIDMIDMGoogleGoogle-AppsICFreconciliation

September 12, 2017
Created by: Daniel Redfern
During the reconcilation from OpenIDM to the ICF google apps connector, the following error response would occur. ERROR Caused by com.google.api.client.auth.oauth2.TokenResponseException 400 Bad Request - invalid_grant
Read More...

forgerock-openidm-encryptedjwt-error

OpenIDMIDMForgeRockJWTIAM

August 29, 2017
Created by: Daniel Redfern
Received the JWT error
Read More...

Unexpected character ('¾' (code 190)): expected a valid value

ForgeRock-OpenIDMOpenIDMIDMKeystore

June 25, 2017
Created by: Daniel Redfern
Unexpected character occurred when the IP addresses changes and the virtual instance was migrated into a separate network subnet.
Read More...
E_WARNING Error in file posts.php at line 464: fopen(http://www.technicalconfessions.com/images/postimages/postIcons/pp444.png): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found E_WARNING Error in file posts.php at line 464: fclose() expects parameter 1 to be resource, boolean given

OpenDJ Error - Connect Error Result Code: 91 (Connect Error)

OpenDJLDAPldapsearchForgeRock

June 5, 2017
Created by: Daniel Redfern
When trying to connect, I would then receive the following error "Connect Error Result Code: 91 (Connect Error)"
Read More...

Tomcat NioEndpoint$SocketProcessor.doRun java.lang.NullPointerException error

TomcatJava-8PKICAS

June 5, 2017
Created by: Daniel Redfern
When initiating the Tomcat instance, the cas-stderr log file will log a SEVERE error logging multiple times every few seconds
Read More...