sp.testshib.org error

Kevin Foote kpfoote at uoregon.edu
Sun Nov 8 01:45:26 EST 2015


You have multiple metadata files on disk for your entityID. 
This could be leading to your issue. 
Please let me know which one you want to keep … 



-rw-r--r-- 1 apache apache 12558 Oct 16 07:31 idp-inflib.xml
-rw-r--r-- 1 apache apache 12542 Nov  4 05:00 infedmetadata.xml
-rw-r--r-- 1 apache apache 12542 Nov  4 06:16 infedtest.xml
-rw-r--r-- 1 apache apache 12558 Nov  3 08:08 infonetidp.xml
-rw-r--r-- 1 apache apache 12550 Oct 20 03:29 infoshibtest.xml
-rw-r--r-- 1 apache apache 12517 Oct 21 03:00 test-infed-idp.xml
-rw-r--r-- 1 apache apache 12525 Oct 26 03:23 testinfonetmetadata.xml


--------
thanks
 kevin.foote

> On Nov 7, 2015, at 10:33 PM, Raja Scientist B (CS) <raja at inflibnet.ac.in> wrote:
> 
> Hi,
> I am testing for sp.testshib.org with my IdP installation. Getting below error. Please guide me.
> 
> a3C1UYUnpa00eB/6O2DeA5ctU9lQPP6ZybBpeRY092NFQN4T/UJWzuSlfKOwWWIIgGt5G2lDx9h9
> jSQ/oBkOQ9EXnnBO8pZQEzCHoyc9BoYUwL3NVXuUdznAnTJbnPuuQ2Oq8QEhL+MUijMM4+lyxKtE
> Z/OK7o4GkCGdZ3I73jaNIYgF++B8Cp0XA9J5gEkiwcHji4XwXaycjBy7K9oCng==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/><saml2p:StatusMessage>An error occurred.</saml2p:StatusMessage></saml2p:Status></saml2p:Response>
> 2015-11-08 01:13:04 DEBUG OpenSAML.MessageDecoder.SAML2 [1369]: extracting issuer from SAML 2.0 protocol message
> 2015-11-08 01:13:04 DEBUG OpenSAML.MessageDecoder.SAML2 [1369]: message from (
> https://infonet.inflibnet.ac.in/idp/shibboleth
> )
> 2015-11-08 01:13:04 DEBUG OpenSAML.MessageDecoder.SAML2 [1369]: searching metadata for message issuer...
> 2015-11-08 01:13:04 DEBUG OpenSAML.SecurityPolicyRule.MessageFlow [1369]: evaluating message flow policy (replay checking on, expiration 60)
> 2015-11-08 01:13:04 DEBUG XMLTooling.StorageService [1369]: inserted record (_70f28f760fab4b3eadabc971b4ff937e) in context (MessageFlow) with expiration (1446963427)
> 2015-11-08 01:13:04 DEBUG OpenSAML.SecurityPolicyRule.XMLSigning [1369]: validating signature profile
> 2015-11-08 01:13:04 DEBUG XMLTooling.CredentialCriteria [1369]: keys didn't match
> 2015-11-08 01:13:04 DEBUG XMLTooling.TrustEngine.ExplicitKey [1369]: attempting to validate signature with the peer's credentials
> 2015-11-08 01:13:04 DEBUG XMLTooling.TrustEngine.ExplicitKey [1369]: signature validated with credential
> 2015-11-08 01:13:04 DEBUG OpenSAML.SecurityPolicyRule.XMLSigning [1369]: signature verified against message issuer
> 2015-11-08 01:13:04 DEBUG Shibboleth.SSO.SAML2 [1369]: processing message against SAML 2.0 SSO profile
> 2015-11-08 01:16:25 DEBUG Shibboleth.Listener [1370]: dispatching message (default/TestShib::run::SAML2SI)
> 2015-11-08 01:16:25 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1370]: validating input
> 2015-11-08 01:16:25 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1370]: marshalling, deflating, base64-encoding the message
> 2015-11-08 01:16:25 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1370]: marshalled message:
> <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="
> https://sp.testshib.org/Shibboleth.sso/SAML2/POST" Destination="https://infonet.inflibnet.ac.in/idp/profile/SAML2/Redirect/SSO" ID="_d06fdd86aead614a681afef05b6d8c2d" IssueInstant="2015-11-08T06:16:25Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://sp.testshib.org/shibboleth-sp
> </saml:Issuer><samlp:NameIDPolicy AllowCreate="1"/></samlp:AuthnRequest>
> 2015-11-08 01:16:25 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1370]: message encoded, sending redirect to client
> 2015-11-08 01:17:28 DEBUG Shibboleth.Listener [1374]: dispatching message (default/SAML2/POST)
> 2015-11-08 01:17:28 DEBUG OpenSAML.MessageDecoder.SAML2POST [1374]: validating input
> 2015-11-08 01:17:28 DEBUG OpenSAML.MessageDecoder.SAML2POST [1374]: decoded SAML message:
> <?xml version="1.0" encoding="UTF-8"?>
> <saml2p:Response Destination="
> https://sp.testshib.org/Shibboleth.sso/SAML2/POST" ID="_c4343ce1c23d77c499e457cc51620d75" InResponseTo="_d06fdd86aead614a681afef05b6d8c2d" IssueInstant="2015-11-08T06:17:31.080Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://infonet.inflibnet.ac.in/idp/shibboleth</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/><ds:Reference URI="#_c4343ce1c23d77c499e457cc51620d75"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512
> "/><ds:DigestValue>sq1gIomkGB59aOVnT1MzqLQeKKScxlHNoMbt9m5Uh21KiiKxCphfxojzpiu2/wKxlHRLyeNE9o+OwQUjyeGoyw==</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>SFFKpWxGvmAcGBv0BTkmlQPW4YEdep2C8qUUDS9PHG/HbmemygzPCTRaW62cYymD5WvROanS33rUEPFKSgaNZpLyxTU53yIVND4OfYKtAQCeycNG861rpRQIt6toUNsj4W6KMvPhyUwKYgbcOHOD/KLppogGgLvl38WZvKO7B+WhSXNcb1G21ie7dbJpTgx8cBsirmH0s2BZY8Ko+NCUl01EGr8T7tzdyeIvbwk6h3Vwmu+deRsrlDchWCRCggq7lSmxofv50ZrerE+6TAmpq/Dos2Y95i9tSyidHf/QcpGTLDgO1YiHwNpUiJL6jJrdotrbIY95WqZFleq561C9/A==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDSDCCAjCgAwIBAgIVAO4T2siWohDjWjO/74yQTR85BYTmMA0GCSqGSIb3DQEBCwUAMCIxIDAe
> BgNVBAMMF2luZm9uZXQuaW5mbGlibmV0LmFjLmluMB4XDTE1MTEwNDA5MzIzMloXDTM1MTEwNDA5
> MzIzMlowIjEgMB4GA1UEAwwXaW5mb25ldC5pbmZsaWJuZXQuYWMuaW4wggEiMA0GCSqGSIb3DQEB
> AQUAA4IBDwAwggEKAoIBAQCbsofn7oj4pEkFuUvuVT6M3SUHTysvwacYt0w6rdT7RYC7E/VAMxw2
> udbBdpodeX6/iQI9kc2EsTmU5aQE3tG5nZIjPK51evg2DN6RoprddNoYXVgOL6CWNW+fTpHn8+78
> KIPzs50jEct1xkIbTuITxUQuPv4aLRjFVNQh/YffbX8HGM82Qe58Rateh4c0p5Uy1VfvTHp9b9ut
> bfVNVy6JDn1prb2w+RQ/HuA3MTcF6deDVBZe39kya9OlngE9lW2jSQwMfJqxSO54xCzT67peZrFh
> uaPAd9ePQKVaocS2dwJWlC1lWZaM4f3EeXOZGnEJ8sFuQqSj61dldngPRAn9AgMBAAGjdTBzMB0G
> A1UdDgQWBBR7muaaK2YeybT/uaQHaHbVppEOmDBSBgNVHREESzBJghdpbmZvbmV0LmluZmxpYm5l
> dC5hYy5pboYuaHR0cHM6Ly9pbmZvbmV0LmluZmxpYm5ldC5hYy5pbi9pZHAvc2hpYmJvbGV0aDAN
> BgkqhkiG9w0BAQsFAAOCAQEAAKI+J41YeCk2dBxC1KCU+j4JdxqS2dWOzb2PZNYVeV/eC+BeBeOP
> 4E0EWnirTZbKtvoDRKGjIzwFRHHGT40xILMrL15H4BzZrzajVEtI+Kzuasi4Im+L7pd9ngm8+HsA
> a3C1UYUnpa00eB/6O2DeA5ctU9lQPP6ZybBpeRY092NFQN4T/UJWzuSlfKOwWWIIgGt5G2lDx9h9
> jSQ/oBkOQ9EXnnBO8pZQEzCHoyc9BoYUwL3NVXuUdznAnTJbnPuuQ2Oq8QEhL+MUijMM4+lyxKtE
> Z/OK7o4GkCGdZ3I73jaNIYgF++B8Cp0XA9J5gEkiwcHji4XwXaycjBy7K9oCng==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/><saml2p:StatusMessage>An error occurred.</saml2p:StatusMessage></saml2p:Status></saml2p:Response>
> 2015-11-08 01:17:28 DEBUG OpenSAML.MessageDecoder.SAML2 [1374]: extracting issuer from SAML 2.0 protocol message
> 2015-11-08 01:17:28 DEBUG OpenSAML.MessageDecoder.SAML2 [1374]: message from (
> https://infonet.inflibnet.ac.in/idp/shibboleth
> )
> 2015-11-08 01:17:28 DEBUG OpenSAML.MessageDecoder.SAML2 [1374]: searching metadata for message issuer...
> 2015-11-08 01:17:28 DEBUG OpenSAML.SecurityPolicyRule.MessageFlow [1374]: evaluating message flow policy (replay checking on, expiration 60)
> 2015-11-08 01:17:28 DEBUG XMLTooling.StorageService [1374]: inserted record (_c4343ce1c23d77c499e457cc51620d75) in context (MessageFlow) with expiration (1446963691)
> 2015-11-08 01:17:28 DEBUG OpenSAML.SecurityPolicyRule.XMLSigning [1374]: validating signature profile
> 2015-11-08 01:17:28 DEBUG XMLTooling.CredentialCriteria [1374]: keys didn't match
> 2015-11-08 01:17:28 DEBUG XMLTooling.TrustEngine.ExplicitKey [1374]: attempting to validate signature with the peer's credentials
> 2015-11-08 01:17:28 DEBUG XMLTooling.TrustEngine.ExplicitKey [1374]: signature validated with credential
> 2015-11-08 01:17:28 DEBUG OpenSAML.SecurityPolicyRule.XMLSigning [1374]: signature verified against message issuer
> 2015-11-08 01:17:28 DEBUG Shibboleth.SSO.SAML2 [1374]: processing message against SAML 2.0 SSO profile
> 
> 
> 
> 
> Thanks,
> Raja V
> 
> -- 
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net



More information about the users mailing list