SAML response error: No return endpoint available for relying party

jfu jfu_gengyue at hotmail.com
Tue Dec 3 16:06:35 EST 2013


Thank you for all your reply.

Our service provider made change for their SP configuratio now, but we still
got the same error. 


*MetaData URL: http://SP_IP_Address
/simplesamlphp/www/saml2/sp/metadata.php* 
*
--- part of metadata.php -----------------------*<md:SPSSODescriptor
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://SP_IP_Address/simplesamlphp/www/saml2/sp/SingleLogoutService.php"
/> 
 
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> 
  <md:AssertionConsumerService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://SP_IP_Address/simplesamlphp/www/saml2/sp/AssertionConsumerService.php"
index="0" /> 
  </md:SPSSODescriptor>

 
*SP EntityID*: http://SP_IP_Address
/simplesamlphp/www/module.php/saml/sp/metadata.php/default-sp 
AssertionConsumerService: http://SP_IP_Address
/simplesamlphp/www/module.php/saml/sp/saml2-acs.php/default-sp 
 
RelayState : http://SP_IP_Address
/simplesamlphp/www/module.php/core/webhome/saml_auth_index.php
 
------------- *Link to access SP* ----------------------------------
 
https://test.mycompany.com/idp/profile/Shibboleth/SSO
?shire=http://SP_IP_Address
/simplesamlphp/www/module.php/saml/sp/saml2-acs.php/default-sp
&target=http://SP_IP_Address
/simplesamlphp/www/module.php/core/webhome/saml_auth_index.php
&providerId=http://SP_IP_Address /simplesamlphp/www/saml2/sp/metadata.php



-------------* relying-party.xml: IDP metadata configuration
*-----------------------------

 ==== <rp:relyingParty> add after default relying party, optional.
With/Without it, I got same error ========
  <rp:RelyingParty
id="http://SP_IP_address/simplesamlphp/www/module.php/saml/sp/metadata.php/default-sp"
                             
provider="https://test.mycompany.com/idp/shibboleth"
                             
defaultAuthenticationMethod="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
                              defaultSigningCredentialRef="IdPCredential">
        <rp:ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile"
                              includeAttributeStatement="true" />
        <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" />
    </rp:RelyingParty>
 
 
<metadata:MetadataProvider id="SPMD"
xsi:type="metadata:FileBackedHTTPMetadataProvider"
                         
metadataURL="http://SP_IP_address/simplesamlphp/www/saml2/sp/metadata.php"
                        
backingFile="/opt/shibboleth-idp/metadata/metadata-sp.xml" >
            <metadata:MetadataFilter xsi:type="metadata:ChainingFilter">
                <metadata:MetadataFilter
xsi:type="metadata:SignatureValidation"
                               
trustEngineRef="shibboleth.TranzMetadataTrustEngine"
                                requireSignedMetadata="true" />
 
                 <metadata:MetadataFilter
xsi:type="metadata:EntityRoleWhiteList">
                
<metadata:RetainedRole>samlmd:SPSSODescriptor</metadata:RetainedRole>
                </metadata:MetadataFilter>
            </metadata:MetadataFilter>
        </metadata:MetadataProvider>

*----------------  IDP error log
----------------------------------------------------*
4:49:09.331 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:117] -
Attempting to retrieve IdP session cookie.
14:49:11.492 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:117] -
Attempting to retrieve IdP session cookie.
14:49:11.493 - INFO [Shibboleth-Access:73] -
20131203T204911Z|0:0:0:0:0:0:0:1|test.mycompany.com:80|/profile/Shibboleth/SSO|
14:49:11.493 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.IdPProfileHandlerManager:86]
- shibboleth.HandlerManager: Looking up profile handler for request path:
/Shibboleth/SSO
14:49:11.494 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.IdPProfileHandlerManager:97]
- shibboleth.HandlerManager: Located profile handler of the following type
for the request path:
edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler
14:49:11.494 - DEBUG
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:339] -
LoginContext key cookie was not present in request
14:49:11.494 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler:152]
- Incoming request does not contain a login context, processing as first leg
of request
14:49:11.494 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler:218]
- Decoding message with decoder binding
urn:mace:shibboleth:1.0:profiles:AuthnRequest
14:49:11.495 - DEBUG [org.opensaml.ws.message.decoder.BaseMessageDecoder:76]
- Beginning to decode message from inbound transport of type:
org.opensaml.ws.transport.http.HttpServletRequestAdapter
14:49:11.495 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.495 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.496 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:167] -
Metadata document does not contain an EntityDescriptor with the ID
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.496 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.496 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.496 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:128]
- Looking up relying party configuration for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.497 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:134]
- No custom relying party configuration found for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php, looking up
configuration based on metadata groups.
14:49:11.497 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.497 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.498 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:167] -
Metadata document does not contain an EntityDescriptor with the ID
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.498 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.498 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.498 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:157]
- No custom or group-based relying party configuration found for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php. Using default
relying party configuration.
14:49:11.499 - DEBUG
[org.opensaml.ws.message.decoder.BaseMessageDecoder:130] - Evaluating
security policy of type
'edu.internet2.middleware.shibboleth.common.security.ShibbolethSecurityPolicy'
for decoded message
14:49:11.499 - DEBUG [org.opensaml.ws.message.decoder.BaseMessageDecoder:85]
- Successfully decoded message.
14:49:11.499 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler:241]
- Decoded Shibboleth SSO request from relying party
'http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php'
14:49:11.499 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.500 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.500 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:167] -
Metadata document does not contain an EntityDescriptor with the ID
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.500 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.500 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.501 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:128]
- Looking up relying party configuration for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.501 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:134]
- No custom relying party configuration found for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php, looking up
configuration based on metadata groups.
14:49:11.501 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.501 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.502 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:167] -
Metadata document does not contain an EntityDescriptor with the ID
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.502 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.502 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:11.502 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:157]
- No custom or group-based relying party configuration found for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php. Using default
relying party configuration.
14:49:11.503 - DEBUG
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:181] -
Storing LoginContext to StorageService partition loginContexts, key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1
14:49:11.503 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler:195]
- Redirecting user to authentication engine at
http://test.mycompany.com:80/idp/AuthnEngine
14:49:11.518 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:117] -
Attempting to retrieve IdP session cookie.
14:49:11.518 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:209] -
Processing incoming request
14:49:11.518 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:349] -
Looking up LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:11.518 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:355] -
Retrieved LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:11.519 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:240] -
Beginning user authentication process.
14:49:11.519 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:283] -
Filtering configured LoginHandlers:
{urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession=edu.internet2.middleware.shibboleth.idp.authn.provider.PreviousSessionLoginHandler at 31fc6b2,
urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.ExternalAuthnSystemLoginHandler at 1b2dd1b8}
14:49:11.520 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:332] -
Filtering out previous session login handler because there is no existing
IdP session
14:49:11.520 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:464] -
Selecting appropriate login handler from filtered set
{urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified=edu.internet2.middleware.shibboleth.idp.authn.provider.ExternalAuthnSystemLoginHandler at 1b2dd1b8}
14:49:11.520 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:497] -
Authenticating user with login handler of type
edu.internet2.middleware.shibboleth.idp.authn.provider.ExternalAuthnSystemLoginHandler
14:49:11.520 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.provider.ExternalAuthnSystemLoginHandler:102]
- Forwarding authentication request to index.jsp
14:49:11.521 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:349] -
Looking up LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:11.521 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:355] -
Retrieved LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.595 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:117] -
Attempting to retrieve IdP session cookie.
14:49:21.595 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:144] -
Returning control to authentication engine
14:49:21.596 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:349] -
Looking up LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.596 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:355] -
Retrieved LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.596 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:209] -
Processing incoming request
14:49:21.597 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:349] -
Looking up LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.597 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:355] -
Retrieved LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.597 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:514] -
Completing user authentication process
14:49:21.597 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:585] -
Validating authentication was performed successfully
14:49:21.598 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:696] -
Updating session information for principal jfu
14:49:21.598 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:700] -
Creating shibboleth session for principal jfu
14:49:21.599 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.impl.SessionManagerImpl:98]
- Created session
054d5d0e17f2c9ca574354c8bb1a0307b4ba890a6b38ddead030f987c3ceabc4
14:49:21.599 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:815] -
Adding IdP session cookie to HTTP response
14:49:21.600 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:715] -
Recording authentication and service information in Shibboleth session for
principal: jfu
14:49:21.600 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.impl.SessionManagerImpl:173]
- Added index jfu to session
054d5d0e17f2c9ca574354c8bb1a0307b4ba890a6b38ddead030f987c3ceabc4
14:49:21.600 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:560] -
User jfu authenticated with method
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
14:49:21.600 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:161] -
Returning control to profile handler
14:49:21.601 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:349] -
Looking up LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.601 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:355] -
Retrieved LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.601 - DEBUG
[edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine:177] -
Redirecting user to profile handler at
http://test.mycompany.com:80/idp/profile/Shibboleth/SSO
14:49:21.636 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:117] -
Attempting to retrieve IdP session cookie.
14:49:21.636 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:123] -
Found IdP session cookie.
14:49:21.637 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:81] -
Updating IdP session activity time and adding session object to the request
14:49:21.638 - INFO [Shibboleth-Access:73] -
20131203T204921Z|0:0:0:0:0:0:0:1|test.mycompany.com:80|/profile/Shibboleth/SSO|
14:49:21.638 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.IdPProfileHandlerManager:86]
- shibboleth.HandlerManager: Looking up profile handler for request path:
/Shibboleth/SSO
14:49:21.638 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.IdPProfileHandlerManager:97]
- shibboleth.HandlerManager: Located profile handler of the following type
for the request path:
edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler
14:49:21.639 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:349] -
Looking up LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.639 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:355] -
Retrieved LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.639 - DEBUG
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:588] -
Unbinding LoginContext
14:49:21.639 - DEBUG
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:614] -
Expiring LoginContext cookie
14:49:21.640 - DEBUG
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:625] -
Removed LoginContext, with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1, from
StorageService partition loginContexts
14:49:21.640 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler:136]
- Incoming request contains a login context and indicates principal was
authenticated, processing second leg of request
14:49:21.640 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.640 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.641 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:167] -
Metadata document does not contain an EntityDescriptor with the ID
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.641 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.641 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.642 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.642 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php

14:49:21.642 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.643 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.643 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:128]
- Looking up relying party configuration for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.643 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:134]
- No custom relying party configuration found for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php, looking up
configuration based on metadata groups.
14:49:21.644 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.644 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.644 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:167] -
Metadata document does not contain an EntityDescriptor with the ID
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.644 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.645 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.645 - DEBUG
[edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager:157]
- No custom or group-based relying party configuration found for
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php. Using default
relying party configuration.
14:49:21.645 - DEBUG
[org.opensaml.saml2.metadata.provider.ChainingMetadataProvider:253] -
Checking child metadata provider for entity descriptor with entity ID:
https://test.mycompany.com/idp/shibboleth
14:49:21.646 - DEBUG
[org.opensaml.saml2.metadata.provider.AbstractMetadataProvider:520] -
Searching for entity descriptor with an entity ID of
https://test.mycompany.com/idp/shibboleth
14:49:21.646 - DEBUG
[edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOEndpointSelector:62]
- Unable to select endpoint, no entity role metadata available.
14:49:21.646 - ERROR
[edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler:447]
- No return endpoint available for relying party
http://SP_IP_Address/simplesamlphp/www/saml2/sp/metadata.php
14:49:21.648 - TRACE
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:349] -
Looking up LoginContext with key
da1e6ffb5b503cf03d0168deda08b1351dd4367c4a1d156414823c11e206a6a1 from
StorageService parition: loginContexts
14:49:21.648 - DEBUG
[edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:360] - No
login context in storage service
14:49:21.649 - DEBUG
[edu.internet2.middleware.shibboleth.idp.ui.ServiceContactTag:177] - No
relying party, nothing to display
14:49:21.686 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:117] -
Attempting to retrieve IdP session cookie.
14:49:21.687 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:123] -
Found IdP session cookie.
14:49:21.687 - TRACE
[edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:81] -
Updating IdP session activity time and adding session object to the request
*
----------------  SP Log -----------------------------*

Dec 04 00:22:43 simplesamlphp DEBUG [f24eedf68a] Template: Reading
[C:\inetpub\wwwroot\simplesamlphp/dictionaries/disco]
Dec 04 00:22:43 simplesamlphp INFO [f24eedf68a] Template: Looking up
[idpname_https://test.mycompany.com/idp/shibboleth]: not translated at all.
Dec 04 00:22:43 simplesamlphp INFO [f24eedf68a] Template: Looking up
[idpname_http://www.spcompany.com/spdir]: not translated at all.
Dec 04 00:22:43 simplesamlphp INFO [f24eedf68a] Template: Looking up
[idpname_Tranzlogic]: not translated at all.
Dec 04 00:22:50 simplesamlphp INFO [f24eedf68a] idpDisco.saml: Accessing
discovery service.
Dec 04 00:22:50 simplesamlphp INFO [f24eedf68a] idpDisco.saml: returnIdParam
initially set to [idpentityid]
Dec 04 00:22:50 simplesamlphp INFO [f24eedf68a] idpDisco.saml: isPassive
initially set to [FALSE]
Dec 04 00:22:50 simplesamlphp INFO [f24eedf68a] idpDisco.saml: Choice made
[https://test..mycompany.com/idp/shibboleth] Setting cookie.
Dec 04 00:22:50 simplesamlphp INFO [f24eedf68a] idpDisco.saml: Choice made
[https://test..mycompany.com/idp/shibboleth] (Redirecting the user back.
returnIDParam=idpentityid)
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a] Loading state:
'_cb83132840fca0397c5664d858e7fcad7d7b39000e:http://SP_IP_Address/simplesamlphp/www/module.php/core/as_login.php?AuthId=default-sp&ReturnTo=http%3A%2F%SP_IP_Address%2Fsimplesamlphp%2Fwww%2Fmodule.php%2Fcore%2Fwebhome%2Fsaml_auth_index.php'
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a] Saved state:
'_cb83132840fca0397c5664d858e7fcad7d7b39000e'
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a] Sending SAML 2 AuthnRequest
to 'https://test..mycompany.com/idp/shibboleth'
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a] Sending message:
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a] <samlp:AuthnRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_cb83132840fca0397c5664d858e7fcad7d7b39000e" Version="2.0"
IssueInstant="2013-12-03T18:52:50Z"
Destination="https://test.mycompany.com/idp/profile/SAML2/Redirect/SSO"
AssertionConsumerServiceURL="http://SP_IP_Address/simplesamlphp/www/module.php/saml/sp/saml2-acs.php/default-sp"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]  
<saml:Issuer>http://SP_IP_Address/simplesamlphp/www/module.php/saml/sp/metadata.php/default-sp</saml:Issuer>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]   <samlp:NameIDPolicy
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
AllowCreate="true"/>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]   <samlp:Scoping
ProxyCount="2">
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]     <samlp:IDPList>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]       <samlp:IDPEntry
ProviderID="SPName"/>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]       <samlp:IDPEntry
ProviderID="http://www.SPcompany.com/mydir"/>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]       <samlp:IDPEntry
ProviderID="https://test.mycompany.com/idp/shibboleth"/>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]     </samlp:IDPList>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a]   </samlp:Scoping>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a] </samlp:AuthnRequest>
Dec 04 00:22:50 simplesamlphp DEBUG [f24eedf68a] Redirect to 874 byte URL:
https://test.mycompany.com/idp/profile/SAML2/Redirect/SSO?SAMLRequest=nVNdj9MwEPwrkd8T5%2BP6cVZbqbQgKh1c1RQeeEGuvb1Ycuzgddorvx4nvUI5oYJ4irzemZ0dTybIa92weesrs4FvLaCPnmttkPUXU9I6wyxHhczwGpB5wcr5hweWJylrnPVWWE2uILcRHBGcV9aQaLWckq9iNy6yIh%2FfpXvB0%2BJ%2BJAbD4Z0cD8YwChU5kqNdcZ%2BmKZDoMzgMyCkJRAGO2MLKoOfGh1KaFXGWx2mxzcZskLNB%2BoVEy7CNMtz3qMr7BhmlPhSTGpyoAnJvWyPdKRG2pko2NGy0VxpoJzinG5DKgfC0LB9JNL9oX1iDbWAowR2UgE%2BbhzN7IM%2FScZINh0meJsMRRVU3Gnojq4Yej0daW9lqSLpjV6Z4%2FuYxF9hXJex5q32MDYnWL%2Fa%2BUUYq83Tb2d25Cdn77XYdrx%2FLLZlNOm7WO%2BVm%2F6%2BwBs8l9%2FyVwAm9pp%2Bcg%2FQxCFst11YrcYreWVdzf1t3V1Ey3vetzDtuUIHxwW6t7XHhgHuYEu9aIPQypBS2Cbt2Bj2fFuEJuwSQy20Y%2F6DQXx3fGu9OXfdBSXBd8LZhzndtn5T4xfrHxhfXgjMJb8Apjla3XQiwz8whZEgd%2FoHjr8nDSu12VoOvOjb6ahX62%2BI%2Fz9e%2F7ewH&RelayState=http%3A%2F%SP_IP_Address%2Fsimplesamlphp%2Fwww%2Fmodule.php%2Fcore%2Fwebhome%2Fsaml_auth_index.php







--
View this message in context: http://shibboleth.1660669.n2.nabble.com/SAML-response-error-No-return-endpoint-available-for-relying-party-tp7591912p7592058.html
Sent from the Shibboleth - Users mailing list archive at Nabble.com.


More information about the users mailing list