Occasional SAML exception during SP/IdP handshake
Saimon Moore
saimonmoore at gmail.com
Fri Jul 26 05:13:58 EDT 2013
Hi,
I'm setting up a Shibboleth Service Provider and have it now working pretty
well in our staging environment.
Most times I can successfully complete the authentication round trip but
occasionally I get the following exception on the initial request to the
IdP (from the EDS and before authenticating with the IdP).
opensaml::FatalProfileException
The system encountered an error at Thu Jul 25 19:16:47 2013
To report this problem, please contact the site administrator at
support at example.org.
Please include the following message in any email:
opensaml::FatalProfileException at (
https://shibtest.teambox.com/Shibboleth.sso/SAML2/POST)
SAML response contained an error.
Error from identity provider:
Status: urn:oasis:names:tc:SAML:2.0:status:Responder
Sub-Status: urn:oasis:names:tc:SAML:2.0:status:AuthnFailed
After clearing cookies and retrying it works fine.
I was hoping someone could provide some pointers as to how I can go about
debugging this issue.
Any advice will be much appreciated.
Regards,
Saimon Moore
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130726/0b3fdd60/attachment.html
More information about the users
mailing list