Request missing SAMLResponse or TARGET form parameters.
Cantor, Scott
cantor.2 at osu.edu
Wed Dec 3 09:51:48 EST 2014
On 12/3/14, 11:09 AM, "Shirlei" <shirlei at gmail.com> wrote:
>Hello!
>Guys, I'm trying to communicate a shibboleth sp to a simplesaml idp and at
>the end of the login process, I got this error:
>
>opensaml::BindingException at
>(https://200.237.193.112/Shibboleth.sso/SAML/POST)
>Request missing SAMLResponse or TARGET form parameters.
That means what it says. Whatever you're doing, it's not a proper
integration. SSP works just fine, so you're doing something wrong
yourself, apparently trying to access the SP's SAML endpoint by hand or
something.
>I know by reading other threads that this is version related.
No, it's not.
> I installed saml tracer plugin and I can see that:
>
><saml1p:Response
>xmlns:saml1p="urn:oasis:names:tc:SAML:1.0:protocol"
> IssueInstant="2014-12-03T10:59:16.133Z"
> MajorVersion="1"
> MinorVersion="1"
>
>Recipient="https://<HOST>/simplesaml/module.php/saml/sp/saml1-acs.
>php/default-sp"
That shows a response issued to a SimpleSAML SP, not a Shibboleth SP.
>(...)
>
> <saml1:Assertion
>xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"
>
>AssertionID="_161dee348388d012ea9243e8c72cd860"
> IssueInstant="2014-12-03T10:59:16.133Z"
> Issuer="https://<HOST>/idp/shibboleth"
And that suggests (just due to conventions for entityIDs) that the IdP is
Shibboleth. Exactly the opposite of what you claim to be doing.
>Where should I put effort to solve this version issue: on the sp side or
>on
>the IdP side? This is not clear to me.
It isn't clear to me what you're even doing.
-- Scott
More information about the users
mailing list