Translate meta data to SSO tag
ndk at signet.id
Thu Dec 3 18:01:17 UTC 2020
> I have successfully tested my Shibboleth set up against SAML test: https://samltest.id/ <https://samltest.id/>
Thanks for using SAMLtest.
> <SSO entityID="https://idp-dev.nss.udel.edu/idp/shibboleth <https://idp-dev.nss.udel.edu/idp/shibboleth>" discoveryProtocol="SAMLDS" discoveryURL="https://idp-dev.nss.udel.edu/idp/profile/Shibboleth/SSO <https://idp-dev.nss.udel.edu/idp/profile/Shibboleth/SSO>">
> opensaml::saml2md::MetadataException: Unable to locate metadata for
> identity provider (https://idp-dev.nss.udel.edu/idp/shibboleth <https://idp-dev.nss.udel.edu/idp/shibboleth>)
You just need to load the metadata for their identity provider. You also don't need any of the discovery attributes if your SP will be pointing directly at a single IdP. A quick check shows that their metadata is available at https://idp-dev.nss.udel.edu/idp/shibboleth, so you can just load it directly by adding to shibboleth2.xml next to the other MetadataProvider elements:
<MetadataProvider type="XML" url="https://idp-dev.nss.udel.edu/idp/shibboleth" backingFilePath="dev-udel-metadata.xml.bck" />
That should get you past this issue and probably all others. Eventually you'll want to rely on InCommon or another authority and signed metadata. I'm not sure what those <script> elements will do to the parser, but you may need to remove those and host a local copy without them. You'll see errors on startup of shibd if there's an issue.
More information about the users