Unable to establish security of incoming assertion.

Pavan K pavanonnet1986 at gmail.com
Wed Sep 7 01:06:16 BST 2011

Hi All,

I am trying to test the shibboleth SP with IDP. I have configured my SP with
Apache. And configured IDP with Tomcat.

Following is my configuration:

SP: (shibboleth2.xml)

    <ApplicationDefaults entityID=*"http://machineA/shibboleth*"
                         REMOTE_USER="eppn persistent-id targeted-id">
        <Sessions lifetime="28800" timeout="3600" checkAddress="false"
relayState="ss:mem" handlerSSL="false">
            <SSO entityID="*https://machineA:8443/idp/shibboleth*">
              SAML2 SAML1


IDP metadata is accesible on "https://machineA:8443/idp/shibboleth" and
entityID in metadata is also same.

When i start the SP, IDP's metadata is getting loaded according to the
"<MetadataProvider>" configuration.

And when i issue the login url "http://machineA/Shibboleth.sso/Login" user
is getting authenticated on IDP and i can see the response in SP logs. Bu
after that i am getting *"Unable to establish security of incoming
I tried to find out the information on this error but i could not figure out
the actual problem. Is there anything i am missing. Please help me to
resolve this issue.

Thank you in Advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20110906/8f3dd4b5/attachment-0001.html 

More information about the users mailing list