ADFS with shib SP metadata problem
Luke Alexander
luke at brandwatch.com
Mon May 11 09:52:46 EDT 2015
On Mon, May 11, 2015 at 01:28:01PM +0000, Cantor, Scott wrote:
> On 5/11/15, 8:01 AM, "Luke Alexander" <luke at brandwatch.com> wrote:
> >
> >We are trying to integrate our app with one of our clients who uses
> >ADFS, they have successfully imported our metadata for our staging
> >system into their staging ADFS but they are unable to import our
> >production metadata into their production ADFS, the error they get is:
>
> ADFS is probably trying to pull in the metadata remotely from a location with a cert it doesn't trust. Most uses of ADFS involve directly loading the metadata, not pulling it remotely. The security semantics of that feature are questionable at best.
>
Thanks Scott, I will check with the client what ADFS is trying to do
(although I won't be surprised if they know, as this is a MS product),
they are just trying to import a local metadata file - if you did
manage to view the image I sent in the response to Peter you should be
able to see that option in the background behind the error.
That said, it still does seem like ADFS _is_ trying to connect even
when the metadata file is being imported locally...
Thanks anyway
Luke
More information about the users
mailing list