Need to modify AuthnContextClassRef in ExternalAuth

Cantor, Scott cantor.2 at
Tue Dec 22 09:37:01 EST 2015

This was held in the moderator queue and I wasn't around yesterday, thus the delay.

On 12/21/15, 3:19 PM, "users on behalf of Stefan Santesson" <users-bounces at on behalf of stefan at> wrote:

>It’s because I’m not really sure what you want to know.
>It’s a standard SAML 2 Browser SSO. Nothing out of the ordinary.
>I’m running a standard installed Shib IdP V3.2.1

I didn't really know how to ask what I'm asking. If it's standard SSO, that's what I was trying to find out. I cannot, FWIW, understand how it's physically possible to end up with this error in that case unless you are not in fact using up to date config files due to a problem during an upgrade. That's the only reason I could think of.

Looking at your log trace, that's my immediate guess. I need to do some comparisons to a correctly working run, but the logging I'm seeing suggests that your config is not in sync. You have older flow config files being used instead of up to date ones. I'm not aware of any way that would be possible. An upgrade will overwrite those files.

Can you send me a copy of what's in system/flows/saml/saml2/sso-abstract-flow.xml?

Or really to the point, see if "ClientStorageLoad" appears in that file. If so, I'm pretty lost. But it seems very clear to me you don't have the right files.

-- Scott

More information about the users mailing list