Upgrade IdPv2 to 3, error regarding relying-party

Cantor, Scott cantor.2 at osu.edu
Thu May 21 10:35:14 EDT 2015

On 5/21/15, 10:21 AM, "Moonlight" <mona0045 at gmail.com> wrote:

>Thanks for your reply. I am sorry, but I am confused.
>with simplified relying party version 2 and

Simplified doesn't mean anything here. There's legacy (V2) and non-legacy (V3/native Spring).

>#idp.service.relyingparty.resources= shibboleth.LegacyRelyingPartyResolverResources.

That is the opposite of the intended setting. You've commented out the property required to tell the system to handle a legacy RP file. The property is set by the upgrade script. Updating to a non-legacy file requires that it be commented out, as the documentation says.

>with #idp.service.relyingparty.resources=
>shibboleth.LegacyRelyingPartyResolverResources and new style relying-party.I

I think you have properties set specifying what credentials to use that don't exist because your upgraded system just copied in the old keypairs and you're trying to use settings that assume a fresh install.

The instructions on migrating from an upgraded configuration cover this.


Under Upgrade Tasks for relying-party.xml.

We don't care what you call the files at the end, but we can't go from an upgrade that doesn't touch them and keeps things mostly working to a default configuration that assumes the filenames are as normally generated, you have to account for any differences.

-- Scott

More information about the users mailing list