No value for Name ID requested

Mike Flynn shibbolethlynda at
Fri Feb 22 16:08:28 EST 2013

I have an Idp that has been online with us for a while.  Today a user reported this error to me:

The system encountered an error at Fri Feb 22 12:55:31 2013
To report this problem, please contact the site administrator at mflynn at
Please include the following message in any email:
opensaml::FatalProfileException at (
SAML response contained an error.
Error from identity provider:Status: urn:oasis:names:tc:SAML:2.0:status:Responder
Message: No value for Name ID requested

Googling this, I see this:

I am attempting to test SP initiated SSO and while trying to log in at
>the IdP I receive a FatalProfileException from Shibboleth caused by the
>following Response status:
>                <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/>
>                <samlp:StatusMessage>No value for Name ID requested</samlp:StatusMessage>

The IdP has a bug, it's requiring a value for Format inside NameIDPolicy
>in the SP's request.
The answer also references a setting that the SP can use to resolve this.  I assume my error is the same as above.  But why would this happen for a single user on the Idp after so much time online with us and not having an issue?
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list