No value for Name ID requested

Mike Flynn shibbolethlynda at
Fri Feb 22 16:29:51 EST 2013

I should add, they claim no change on their side...

 From: Mike Flynn <shibbolethlynda at>
To: Shib Users <users at> 
Sent: Friday, February 22, 2013 1:08 PM
Subject: No value for Name ID requested

I have an Idp that has been online with us for a while.  Today a user reported this error to me:

opensaml:: FatalProfileException
The system encountered an error at Fri Feb 22 12:55:31 2013
To report this problem, please contact the site administrator at mflynn at
Please include the following message in any email:
opensaml:: FatalProfileException at ( Shibboleth.sso/SAML2/POST)
SAML response contained an error.
Error from identity provider:Status: urn:oasis:names:tc:SAML:2.0:status:Responder
Message: No value for Name ID requested

Googling this, I see this:

I am attempting to test SP initiated SSO and while trying to log in at
>the IdP I receive a FatalProfileException from Shibboleth caused by the
>following Response status:
>                <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/>
>                <samlp:StatusMessage>No value for Name ID requested</samlp:StatusMessage>

The IdP has a bug, it's requiring a value for Format inside NameIDPolicy
>in the SP's request.
The answer also references a setting that the SP can use to resolve this.  I assume my error is the same as above.  But why would this happen for a single user on the Idp after so much time online with us and not having an issue?

To unsubscribe from this list send an email to users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list