Hi All,<div><br></div><div>I am trying to test the shibboleth SP with IDP. I have configured my SP with Apache. And configured IDP with Tomcat. </div><div><br></div><div>Following is my configuration:</div><div><br></div><div>
SP: (shibboleth2.xml)</div><div><div><br></div><div> <ApplicationDefaults entityID=<b>"<a href="http://machineA/shibboleth">http://machineA/shibboleth</a></b>"</div><div> REMOTE_USER="eppn persistent-id targeted-id"></div>
<div> <Sessions lifetime="28800" timeout="3600" checkAddress="false" relayState="ss:mem" handlerSSL="false"></div><div> <SSO entityID="<b><a href="https://machineA:8443/idp/shibboleth">https://machineA:8443/idp/shibboleth</a></b>"></div>
<div> SAML2 SAML1</div><div> </SSO></div></div><div><br></div><div>IDP:</div><div><br></div><div>IDP metadata is accesible on "<a href="https://machineA:8443/idp/shibboleth">https://machineA:8443/idp/shibboleth</a>" and entityID in metadata is also same.</div>
<div><br></div><div><br></div><div>When i start the SP, IDP's metadata is getting loaded according to the "<MetadataProvider>" configuration. </div><div><br></div><div>And when i issue the login url "<a href="http://machineA/Shibboleth.sso/Login">http://machineA/Shibboleth.sso/Login</a>" user is getting authenticated on IDP and i can see the response in SP logs. Bu after that i am getting <b>"Unable to establish security of incoming assertion".</b></div>
<div><b><br></b></div><div>I tried to find out the information on this error but i could not figure out the actual problem. Is there anything i am missing. Please help me to resolve this issue.</div><div><br></div><div>Thank you in Advance.</div>
<div>-Pavan</div>