IdP initiated SSO
shibbolethlynda at yahoo.com
Thu Feb 7 15:43:16 EST 2013
OK, I used this example for the IDp:
The Idp tried both of these:
<saml:Conditions NotBefore="2013-02-07T19:51:27Z" NotOnOrAfter="2013-02-07T19:57:27Z">
<saml:Conditions NotBefore="2013-02-07T19:46:48Z" NotOnOrAfter="2013-02-07T19:52:48Z">
And gets this error with either one:
xmltooling::UnmarshallingException at (https://shib.lynda.com/Shibboleth.sso/SAML2/POST)
Invalid child element: AudienceRestriction
From: "Cantor, Scott" <cantor.2 at osu.edu>
To: Shib Users <users at shibboleth.net>
Sent: Thursday, February 7, 2013 11:40 AM
Subject: RE: IdP initiated SSO
> OK I dug up the setting in the Wiki, re-tested and we get this error:
Cool, or not so cool I suppose, that really should be getting logged. Sigh.
> AudienceRestriction must have at least one Audience
There's your bug then.
> Googling around with that, I assume the entityID for the request as the value
> for this should work, correct?
Yes, that's set to the entityID of your SP.
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users