SP: Assertion contains an unacceptable AudienceRestriction
Scott Gerlach
sgerlach at gmail.com
Thu Aug 13 13:52:55 EDT 2015
Thanks for the info Scott!
>Trace the SAML and see what it's putting in there.
So I removed the trailing slash and traced the SAML and get the same error,
but here is the SAML that's being posted back to the Shibboleth endpoint
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData
InResponseTo="_82f54b67d5db3a8a27d37ce4c86ab246"
NotOnOrAfter="2015-08-13T17:52:13.156Z"
Recipient="https://myserver.com/Shibboleth.sso/SAML2/POST"
/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2015-08-13T17:42:13.156Z"
NotOnOrAfter="2015-08-13T17:52:13.156Z"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
>
<saml2:AudienceRestriction>
<saml2:Audience>https://myserver.com</saml2:Audience>
</saml2:AudienceRestriction>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150813/1a31307c/attachment-0001.html>
More information about the users
mailing list