Service Provider - IdP Initiated with ExternalApplicationOverrides

Chris Stefano stefano.chris at
Fri Nov 15 06:33:31 EST 2019


I've picked up a issue when using the "ExternalApplicationOverrides" method
of defining "ApplicationOverride" in separate files.

If the application configuration hasn't yet been loaded and you attempt an
IdP initiated authentication it fails with the following message:

> No destination registered for incoming message addressed to

For SP initiated authentication the ApplicationOverride loads fine and any
subsequent IdP initiated authentication requests work thereafter.

Moving the ApplicationOverride back into the shibboleth2.xml file works so
there is nothing wrong with the configuration.

I'm using Apache with mod_shib with latest stable Shibboleth SP version
3.0.4 on an Ubuntu server.

For the time being, I've added a step to my deployment process to make an
SP initiated authentication request to get the application configuration
loaded, but would prefer not to have this workaround.

Any assistance is appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list