Shibboleth setup.. So close but can use some help..

Cantor, Scott cantor.2 at
Fri Sep 23 21:07:37 BST 2011

On 9/23/11 3:58 PM, "Garry Boyce" <gboyce at> wrote:


That is exactly why you don't run them on the same host, particularly to
start with. You should also not use the same entityID for both IdP and SP.
That way lies total confusion.

>Also I see
>            <AssertionConsumerService

Those are the URLs it's validating against, eventually anyway. I don't
think it's getting that far.

>14:31:03.816 - ERROR
>429] - No return endpoint available for relying party

There's something wrong with the metadata. I would use different names for
the IdP and SP, and try and make more sense of the log output then. You
might also post more of the metadata. Something just isn't right with it.

-- Scott

More information about the users mailing list