No value for Name ID requested
Mike Flynn
shibbolethlynda at yahoo.com
Fri Feb 22 16:08:28 EST 2013
I have an Idp that has been online with us for a while. Today a user reported this error to me:
opensaml::FatalProfileException
The system encountered an error at Fri Feb 22 12:55:31 2013
To report this problem, please contact the site administrator at mflynn at lynda.com.
Please include the following message in any email:
opensaml::FatalProfileException at (https://shib.lynda.com/Shibboleth.sso/SAML2/POST)
SAML response contained an error.
Error from identity provider:Status: urn:oasis:names:tc:SAML:2.0:status:Responder
Message: No value for Name ID requested
Googling this, I see this:
Question:
I am attempting to test SP initiated SSO and while trying to log in at
>the IdP I receive a FatalProfileException from Shibboleth caused by the
>following Response status:
><samlp:Status>
> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/>
> <samlp:StatusMessage>No value for Name ID requested</samlp:StatusMessage>
></samlp:Status>
Answer:
The IdP has a bug, it's requiring a value for Format inside NameIDPolicy
>in the SP's request.
The answer also references a setting that the SP can use to resolve this. I assume my error is the same as above. But why would this happen for a single user on the Idp after so much time online with us and not having an issue?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130222/4872c3f2/attachment.html
More information about the users
mailing list