Unable to establish security of incoming assertion
Justin Russo
justin9 at ymail.com
Thu Jun 27 16:31:31 EDT 2013
Hi Scott,
I've checked the url you sent, but how do i turn up logging ?
should i send you the details from transact.log ?
Im currently using the shibboleth version.
the version of shibboleth im using is the one release prior to 17-Jun-2013.
thanks
Justin
________________________________
From: "Cantor, Scott" <cantor.2 at osu.edu>
To: Shib Users <users at shibboleth.net>
Sent: Thursday, June 27, 2013 4:16 PM
Subject: Re: Unable to establish security of incoming assertion
On 6/27/13 4:11 PM, "Justin Russo" <justin9 at ymail.com> wrote:
>Initially when i set up shibboleth for the first time i test using
>University of south California idp.
>Now when im trying to connect to my IDP provider "ABC Company" i used the
>existing shibboleth2.xml file and modified it accordingly.
Don't. Use a modern 2.5 shibboleth2.xml without all that complexity in it.
Change the entityID in the <SSO> element, supply metadata, and that's it.
>do you think this is the cause
No. I think your IdP is the cause, I don't think it's configured sensibly,
unless it's Shibboleth, in which case I don't know how you got it to do
something so odd.
I told you to turn up logging, and get a dump of the SAML message, and see
if any other information surrounds the warning in the log.
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPLogging
-- Scott
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130627/041326ab/attachment.html
More information about the users
mailing list