warn message in idp log

Cantor, Scott cantor.2 at osu.edu
Thu Dec 3 17:07:43 EST 2015

On 12/3/15, 4:32 PM, "users on behalf of Hong Ye" <users-bounces at shibboleth.net on behalf of hy93 at cornell.edu> wrote:

>We are running Shibboleth IDP 3.2.0 on a test server. I saw these warning message in idp-warn.log. What does it mean and how to resolve it?

I think that means you have no metadata for the requester. It probably won't have reached the stage of determining that the request is unverified and decided whether to fail or not by then, so the warning is probably unfixable in a no-metadata scenario.

Not ideal to have a WARN in that situation I would say since it's good practice to not ignore warnings, so if you wanted to file a RFE on that we could tweak it down to INFO. For most deployments, it's unusual to routinely handle requests with no metadata, so DEBUG is probably a bit low.

-- Scott

>2015-12-03 16:27:31,760 - WARN [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:60] - SAMLPeerContext did not contain either a SAMLMetadataContext or a RoleDescriptor,
> unable to evaluate rule

More information about the users mailing list