CA SiteMinder IDP and Shibboleth SP
Peter Schober
peter.schober at univie.ac.at
Tue May 26 11:28:04 EDT 2015
* Bhattacharjee, Raja <Raja.Bhattacharjee at Level3.com> [2015-05-26 16:13]:
> [05/18/2015][19:08:42][2516][2552][1775d395-9edf9f17-457f6763-e8894ddd-729c5648-10fb][SSO.java][processAssertionGeneration][Denying
> request due to "NO" returned from SAML2 assertion generator.]
> [05/18/2015][19:08:42][2516][2552][1775d395-9edf9f17-457f6763-e8894ddd-729c5648-10fb][ErrorRedirectionHandler.java][redirectToErrorPage][Sending
> HTTP Error 500 ]
For the reason this other software generates an HTTP 500 error you'd
have to ask them (or the vendor).
> shibd.log (on our side) the last action was (which is correct)...
>
> 2015-05-22 20:16:50 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [92]: marshalled message:
> <samlp:AuthnRequest
> xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
> AssertionConsumerServiceURL="https://shibsp.acmewidget.com/customer1/Shibboleth.sso/SAML2/POST"
> Destination="https://customer.idp.com/affwebservices/public/saml2sso"
> ID="_6e459925ae82dab6d2dd3d83de95fffc"
> IssueInstant="2015-05-22T20:16:50Z"
> ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
> Version="2.0"><saml:Issuer
> xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://
> shibsp.acmewidget.com/customer1/shibboleth</saml:Issuer><samlp:NameIDPolicy<https://collaboration-sso.cfer.com/nvidia/shibboleth%3c/saml:Issuer%3e%3csamlp:NameIDPolicy>
> AllowCreate="1"/></samlp:AuthnRequest>
That's badly messed up (and incorrect) XML, but probably from your
Mail User Agent.
-peter
More information about the users
mailing list