Unable to resolve outbound message endpoint
Ian Rifkin
irifkin at brandeis.edu
Mon Apr 25 15:26:16 EDT 2016
Hi,
I'm running Shibboleth IdP v3.2.1 and trying to set things up to work with
a vendor (iModules) SP.
In the logs I see that it's "Unable to resolve outbound message endpoint".
Digging deeper I see that the assertion URL in their metadata file and in
the SAML request differ in the latter has &gid=1 appended to the end.
I saw a couple other schools wrote to this list when upgrading to IdPv3 and
that's when I learned about the skipEndpointValidationWhenSigned flag. I
tried applying this to the relying party and in the logs it does say
Message Handler: Validation of protocol message signature succeeded,
message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
But then it still goes on to the EndpointResolutionFailed part.
I will attempt to convey to the vendor that their URLs don't match, but is
there any other way, even as a temporary measure, I can get this to work?
Note: Their metadata file is in InCommon so I don't think I could even edit
it if I wanted to "fix" it for them.
Suggestions?
Thanks,
Ian
--
Ian Rifkin '04, MS '09
Software Systems Manager
Library and Technology Services (LTS)
Brandeis University
http://go.brandeis.edu/u:irifkin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20160425/2c1264f3/attachment-0001.html>
More information about the users
mailing list