Spring Security Saml + Idp 3.1.2: The application you have accessed is not registered for use with this service

Павел Шашко pavel.shashko at gmail.com
Tue Aug 25 03:59:27 EDT 2015 

ok, I have reinstalled idp with default path (C:\opt\shibboleth-idp) and
took clear tomcat 8.

After reinstall I have done few steps:
- *configure tomcat connectors*
    <Connector port="80" protocol="HTTP/1.1"
            connectionTimeout="20000"
            redirectPort="8443" />

     <Connector port="8443"
protocol="org.apache.coyote.http11.Http11NioProtocol"

 maxThreads="150"
 SSLEnabled="true"
 scheme="https"
 secure="true"
 clientAuth="want"
 keystoreFile="C:\opt\shibboleth-idp\credentials\idp-backchannel.p12"
 keystorePass="123456"
 keystoreType="PKCS12"
 trustManagerClassName="net.shibboleth.utilities.ssl.TrustAnyCertificate" />

- *copy to tomcat's lib dir 2 libs - trustany-ssl-1.0.0.jar
and jstl-1.2.jar*
- *deploy idp.war to tomcat and run status.bat - all is OK*

Next step I deсided to test my spring saml app. Steps:
*I use this
tutorial http://docs.spring.io/spring-security-saml/docs/current/reference/html/chapter-quick-start.html
<http://docs.spring.io/spring-security-saml/docs/current/reference/html/chapter-quick-start.html>*
- *I changed idp-metadata.xml as follows: (I add port 8443 because I think
https://localhost/idp. <https://localhost/idp.>.. is wrong url)*

  SingleSignOnService
Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="
https://localhost:8443/idp/profile/Shibboleth/SSO"/>
        <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="
https://localhost:8443/idp/profile/SAML2/POST/SSO"/>
        <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
Location="https://localhost:8443/idp/profile/SAML2/POST-SimpleSign/SSO"/>
        <SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="
https://localhost:8443/idp/profile/SAML2/Redirect/SSO"/>

*The error is the same:*

2015-08-25 10:33:00,425 - ERROR [net.shibboleth.idp.authn:-2] - Uncaught
runtime exception
org.springframework.webflow.definition.registry.FlowDefinitionConstructionException:
An exception occurred constructing the flow 'authn/Password'
        at
org.springframework.webflow.engine.builder.DefaultFlowHolder.assembleFlow(DefaultFlowHolder.java:111)
Caused by: org.springframework.webflow.engine.builder.FlowBuilderException:
Unable to get the model for this flow
        at
org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.doInit(FlowModelFlowBuilder.java:154)
Caused by:
org.springframework.webflow.engine.model.builder.FlowModelBuilderException:
Unable to find flow 'authn/conditions' to inherit from
        at
org.springframework.webflow.engine.model.builder.xml.XmlFlowModelBuilder.mergeFlows(XmlFlowModelBuilder.java:635)
Caused by:
org.springframework.webflow.engine.model.registry.NoSuchFlowModelException:
No flow model 'authn/conditions' found
        at
org.springframework.webflow.engine.model.registry.FlowModelRegistryImpl.getFlowModelHolder(FlowModelRegistryImpl.java:80)


I attach my idp and sp metadata files and securityContext.xml file

please help me understand my mistake

/Paul

2015-08-24 16:49 GMT+03:00 Cantor, Scott <cantor.2 at osu.edu>:

> On 8/24/15, 6:21 AM, "users on behalf of Павел Шашко" <
> users-bounces at shibboleth.net on behalf of pavel.shashko at gmail.com> wrote:
>
> >But in logs there is error:
>
> You have done something very unusual with your installation to get that
> kind of an error. You used some kind of unusual installation location and
> either triggered a bug or haven't configured things to account for that.
>
> Where did you tell it to install to, and why didn't you simply accept the
> default of c:\opt\shibboleth-idp?
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150825/e5ae1d29/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: urntestpshashkoklimovsk_sp.xml
Type: text/xml
Size: 5744 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20150825/e5ae1d29/attachment-0003.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: idp-metadata.xml
Type: text/xml
Size: 12343 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20150825/e5ae1d29/attachment-0004.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: securityContext.xml
Type: text/xml
Size: 14891 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20150825/e5ae1d29/attachment-0005.xml>

More information about the users mailing list