No Peer Endpoint - At a loss

Etan Weintraub eweintra at
Thu Nov 1 11:25:19 EDT 2012

Right, I changed it to POST in their config, and I get the error message about Error decoding authentication request message as follows:

10:58:17.558 - INFO [Shibboleth-Access:73] - 20121101T145817Z|||/profile/SAML2/POST/SSO|
10:58:17.568 - WARN [edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler:314] - Error decoding authentication request message This message deocoder only supports the HTTP POST method
        at org.opensaml.saml2.binding.decoding.HTTPPostDecoder.doDecode( [opensaml-2.3.0.jar:na]

-Etan E. Weintraub
Sr. Systems Engineer
Directory Architecture
IT at Johns Hopkins
Johns Hopkins at Mt. Washington
5801 Smith Ave.
Suite 3110B
Baltimore, MD 21209
Phone: 410-735-7945
E-mail: eweintra at

-----Original Message-----
From: users-bounces at [mailto:users-bounces at] On Behalf Of Cantor, Scott
Sent: Thursday, November 01, 2012 11:24 AM
To: Shib Users
Subject: Re: No Peer Endpoint - At a loss

On 11/1/12 11:20 AM, "Etan Weintraub" <eweintra at> wrote:

>I'll look into the log shrinking, what about the error decoding when I
>switch them to HTTP-POST though...any ideas on that?

What I said in the other emails. You can't just make the problem go away
with metadata. They're incorrectly requesting Redirect and I doubt very
much if the IdP supports the invalid choice of responding via Redirect.
That probably manifests as the original error you got, since the outgoing
binding choices in the IdP don't overlap with the request.

In short, it won't work. They have to use POST or Artifact and they have
to indicate that in the request.

-- Scott

To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list