Invalid Metadata on different versions of IdP
Michael Dahlberg
olgamirth at gmail.com
Thu Aug 30 06:50:45 EDT 2018
Rod:
That fixed it. I'm not sure why though. I always thought the "validUntil"
option was more of a suggestion rather than an actual validity range. The
reason I came to this conclusion was because a number of other SP's
metadata had "ValidUntil" values that would have resulted in in expired
metadata. Also, the process log contains many statements like
06:42:21.742 - WARN
[org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver:441]
- [] - Metadata Resolver FilesystemMetadataResolver bomgarMD: Entire
metadata document from '/usr/local/idp/metadata/bomgar.xml' was expired at
time of loading, existing metadata retained
06:42:21.742 - INFO
[org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver:324]
- [] - Metadata Resolver FilesystemMetadataResolver bomgarMD: Next refresh
cycle for metadata provider '/usr/local/idp/metadata/bomgar.xml' will occur
on '2018-08-30T10:47:21.742Z' ('2018-08-30T06:47:21.742-04:00' local time)
Am I incorrect? Should I be monitoring the loaded metadata from my SPs for
valid validity ranges?
Thanks,
Mike
On Thu, Aug 30, 2018 at 4:51 AM Rod Widdowson <rdw at steadingsoftware.com>
wrote:
> Check your metadata validity
>
> > " validUntil="2016-10-28T15:57:24.783Z"
>
>
>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180830/507db6b9/attachment.html>
More information about the users
mailing list