Spring Security Saml + Idp 3.1.2: The application you have accessed is not registered for use with this service

Павел Шашко pavel.shashko at gmail.com
Tue Aug 25 04:40:21 EDT 2015 

I resolve problem. Additional to steps in last letter I add this to idp
webapp web.xml:
<context-param>
<param-name>idp.home</param-name>
<param-value>C:/opt/shibboleth-idp</param-value>
    </context-param>

thanks, guys :)

2015-08-25 10:59 GMT+03:00 Павел Шашко <pavel.shashko at gmail.com>:

> ok, I have reinstalled idp with default path (C:\opt\shibboleth-idp) and
> took clear tomcat 8.
>
> After reinstall I have done few steps:
> - *configure tomcat connectors*
>     <Connector port="80" protocol="HTTP/1.1"
>             connectionTimeout="20000"
>             redirectPort="8443" />
>
>      <Connector port="8443"
> protocol="org.apache.coyote.http11.Http11NioProtocol"
>
>  maxThreads="150"
>  SSLEnabled="true"
>  scheme="https"
>  secure="true"
>  clientAuth="want"
>  keystoreFile="C:\opt\shibboleth-idp\credentials\idp-backchannel.p12"
>  keystorePass="123456"
>  keystoreType="PKCS12"
>  trustManagerClassName="net.shibboleth.utilities.ssl.TrustAnyCertificate"
> />
>
> - *copy to tomcat's lib dir 2 libs - trustany-ssl-1.0.0.jar
> and jstl-1.2.jar*
> - *deploy idp.war to tomcat and run status.bat - all is OK*
>
> Next step I deсided to test my spring saml app. Steps:
> *I use this
> tutorial http://docs.spring.io/spring-security-saml/docs/current/reference/html/chapter-quick-start.html
> <http://docs.spring.io/spring-security-saml/docs/current/reference/html/chapter-quick-start.html>*
> - *I changed idp-metadata.xml as follows: (I add port 8443 because I
> think https://localhost/idp. <https://localhost/idp.>.. is wrong url)*
>
>   SingleSignOnService
> Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="
> https://localhost:8443/idp/profile/Shibboleth/SSO"/>
>         <SingleSignOnService
> Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="
> https://localhost:8443/idp/profile/SAML2/POST/SSO"/>
>         <SingleSignOnService
> Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
> Location="https://localhost:8443/idp/profile/SAML2/POST-SimpleSign/SSO"/>
>         <SingleSignOnService
> Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="
> https://localhost:8443/idp/profile/SAML2/Redirect/SSO"/>
>
> *The error is the same:*
>
> 2015-08-25 10:33:00,425 - ERROR [net.shibboleth.idp.authn:-2] - Uncaught
> runtime exception
> org.springframework.webflow.definition.registry.FlowDefinitionConstructionException:
> An exception occurred constructing the flow 'authn/Password'
>         at
> org.springframework.webflow.engine.builder.DefaultFlowHolder.assembleFlow(DefaultFlowHolder.java:111)
> Caused by:
> org.springframework.webflow.engine.builder.FlowBuilderException: Unable to
> get the model for this flow
>         at
> org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.doInit(FlowModelFlowBuilder.java:154)
> Caused by:
> org.springframework.webflow.engine.model.builder.FlowModelBuilderException:
> Unable to find flow 'authn/conditions' to inherit from
>         at
> org.springframework.webflow.engine.model.builder.xml.XmlFlowModelBuilder.mergeFlows(XmlFlowModelBuilder.java:635)
> Caused by:
> org.springframework.webflow.engine.model.registry.NoSuchFlowModelException:
> No flow model 'authn/conditions' found
>         at
> org.springframework.webflow.engine.model.registry.FlowModelRegistryImpl.getFlowModelHolder(FlowModelRegistryImpl.java:80)
>
>
> I attach my idp and sp metadata files and securityContext.xml file
>
> please help me understand my mistake
>
> /Paul
>
> 2015-08-24 16:49 GMT+03:00 Cantor, Scott <cantor.2 at osu.edu>:
>
>> On 8/24/15, 6:21 AM, "users on behalf of Павел Шашко" <
>> users-bounces at shibboleth.net on behalf of pavel.shashko at gmail.com> wrote:
>>
>> >But in logs there is error:
>>
>> You have done something very unusual with your installation to get that
>> kind of an error. You used some kind of unusual installation location and
>> either triggered a bug or haven't configured things to account for that.
>>
>> Where did you tell it to install to, and why didn't you simply accept the
>> default of c:\opt\shibboleth-idp?
>>
>> -- Scott
>>
>> --
>> To unsubscribe from this list send an email to
>> users-unsubscribe at shibboleth.net
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150825/7f4dc4db/attachment.html>

More information about the users mailing list