Unknown or Unusable Identity Provider issue...

Dennis Fazekas Dennis_Fazekas at SHI.com
Fri Apr 5 13:31:10 EDT 2019


We have a customer whom we cannot get working. We are seeing the following error from Shibboleth. I'm wondering if the problem is related to the customer's entityID; since it's not a valid URI.

Here is the snippet from the customer's metadata:

Snippet from partnermetadata/lly.production.xml

<md:EntityDescriptor ID="cADhVl_SqndvQACPbar0ae8GkKK" cacheDuration="PT1440M" entityID="lly-qa:saml2:idp" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">



In our shibboleth2.xml the MetadataProviders has the following entry which is correctly mapped to the customer's metadata.

<MetadataProvider type="XML" file="partnermetadata/lly.production.xml"/>

Unknown or Unusable Identity Provider

The identity provider supplying your login credentials is not authorized for use with this service or does not support the necessary capabilities.

To report this problem, please contact the site administrator at [cut_out].

Please include the following error message in any email:

Identity provider lookup failed at (https://sp.shi.com/Shibboleth.sso/Login)

EntityID: lly-qa:saml2:idp

opensaml::saml2md::MetadataException: Unable to locate metadata for identity provider (lly-qa:saml2:idp)

Any help would greatly be appreciated. Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190405/73674863/attachment.html>

More information about the users mailing list