No value for Name ID requested

[Mike Flynn]

I should add, they claim no change on their side...


________________________________
 From: Mike Flynn <shibbolethlynda at yahoo.com>
To: Shib Users <users at shibboleth.net> 
Sent: Friday, February 22, 2013 1:08 PM
Subject: No value for Name ID requested
 

I have an Idp that has been online with us for a while.  Today a user reported this error to me:

opensaml:: FatalProfileException
The system encountered an error at Fri Feb 22 12:55:31 2013
To report this problem, please contact the site administrator at mflynn at lynda.com.
Please include the following message in any email:
opensaml:: FatalProfileException at (https://shib.lynda.com/ Shibboleth.sso/SAML2/POST)
SAML response contained an error.
Error from identity provider:Status: urn:oasis:names:tc:SAML:2.0:status:Responder
Message: No value for Name ID requested


Googling this, I see this:

Question:
I am attempting to test SP initiated SSO and while trying to log in at
>the IdP I receive a FatalProfileException from Shibboleth caused by the
>following Response status:
><samlp:Status>
>                <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/>
>                <samlp:StatusMessage>No value for Name ID requested</samlp:StatusMessage>
></samlp:Status>


Answer:
The IdP has a bug, it's requiring a value for Format inside NameIDPolicy
>in the SP's request.
The answer also references a setting that the SP can use to resolve this.  I assume my error is the same as above.  But why would this happen for a single user on the Idp after so much time online with us and not having an issue?

--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130222/37ba0d40/attachment.html