<div dir="ltr"><div>Here is my metadata provider, currently the only configured provider:</div><div><br></div>
<div><blockquote class="gmail_quote" style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">&lt;MetadataProvider id="LocalEntityMetadataCRC" xsi:type="FilesystemMetadataProvider"</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">                      metadataFile="/opt/shibboleth-idp/metadata/meta-cert2.xml"&gt;</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">        &lt;MetadataFilter xsi:type="Predicate" direction="include" removeEmptyEntitiesDescriptors="true"&gt;</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">            &lt;Entity&gt;<a href="https://mySP/rest/v2/sso/message/shibboleth/metadata">https://mySP/rest/v2/sso/message/shibboleth/metadata</a>&lt;/Entity&gt;</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">        &lt;/MetadataFilter&gt; </blockquote></blockquote><blockquote class="gmail_quote" style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">&lt;/MetadataProvider&gt;</blockquote></blockquote><br></div>
<div><div><br></div><div>The metadata contains the following: </div></div>
<div class="gmail-m_4787229116508880199gmail_signature"><div dir="ltr"><p></p><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">entityID="<a href="https://mySP.net/">https://mySP.net/</a><wbr>rest/v2/sso/message/<wbr>shibboleth/metadata"</span><br style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">ID="_<wbr>ef844bd930b2aed9154854a0cb80ae<wbr>78"</span><br></div><div dir="ltr"><br></div><div><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">When I try to access the IdP's login page, the logs say:</span></div><div><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div>
<div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span style="background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Metadata Resolver FilesystemMetadataResolver LocalEntityMetadataCRC: Metadata backing store does not contain any EntityDescriptors with the ID: <a href="https://mySP.net/rest/v2/sso/message/shibboleth/metadata">https://mySP.net/rest/v2/sso/message/shibboleth/metadata</a></span></blockquote><div><br></div><div>From this I understand that it appears to be looking at the ID instead of the entityID.</div><div><br></div><div>Here is my relying party:</div><div><br></div><div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">&lt;bean parent="RelyingPartyByName" c:relyingPartyIds="<a href="https://mySP.net/rest/v2/sso/message/shibboleth/metadata">https://mySP.net/rest/v2/sso/message/shibboleth/metadata</a>"&gt;<br>            &lt;property name="profileConfigurations"&gt;<br>                &lt;list&gt;<br>                    &lt;bean parent="SAML2.SSO" p:postAuthenticationFlows="attribute-release" p:encryptAssertions="false" /&gt;<br>                &lt;/list&gt;<br>            &lt;/property&gt;<br>&lt;/bean&gt;</blockquote></div><span style="background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div>
<div>Even when I edited the metadata file so that ID=<span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">"<a href="https://mySP.net/">https://mySP.net/</a></span><wbr style="font-size:small;text-decoration-style:initial;text-decoration-color:initial"><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">rest/v2/sso/message/</span><wbr style="font-size:small;text-decoration-style:initial;text-decoration-color:initial"><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">shibboleth/metadata", after I restarted Shibboleth and tried accessing the login screen again, the logs still had the same message about the backing store not containing any EntityDescriptors with the provided ID. I have double- and triple-checked that the entityID and the ID are "<a href="https://mySPnet/rest/v2/sso/message/shibboleth/metadata">https://mySPnet/rest/v2/sso/message/shibboleth/metadata</a>". I have also double- and triple-checked that the metadata file is where it is supposed to be. So my two questions are:<br><br>1. Why would the IdP be looking at the ID instead of the entityID in the metadata? Where is this configured?<br>2. Even after I change the ID to be what the IdP is looking for, why would it not be recognizing the change? </span></div></div>
</div>
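An added diagnostic example, not part of the original post and not Shibboleth code: it compares the entityIDs listed in an include-direction Predicate filter with the entityIDs present in the metadata file, using constructed XML built from the values quoted in the post. An include filter keeps only the entities it lists, so a listed value that differs from the metadata's entityID leaves the resolver with nothing to return; the namespace declarations and the function names are assumptions added so the sample parses.

```python
import xml.etree.ElementTree as ET

XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"
MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed samples: values copied from the post, namespaces added (assumption).
PROVIDER_XML = """<MetadataProvider xmlns="urn:mace:shibboleth:2.0:metadata"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    id="LocalEntityMetadataCRC" xsi:type="FilesystemMetadataProvider"
    metadataFile="/opt/shibboleth-idp/metadata/meta-cert2.xml">
  <MetadataFilter xsi:type="Predicate" direction="include"
      removeEmptyEntitiesDescriptors="true">
    <Entity>https://mySP/rest/v2/sso/message/shibboleth/metadata</Entity>
  </MetadataFilter>
</MetadataProvider>"""
METADATA_XML = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://mySP.net/rest/v2/sso/message/shibboleth/metadata"
    ID="_ef844bd930b2aed9154854a0cb80ae78"/>"""

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def include_filter_entities(provider_xml):
    """Collect <Entity> values from include-direction Predicate filters.
    Only <Entity> children are modelled here, not <Group> or other conditions."""
    listed = set()
    for el in ET.fromstring(provider_xml).iter():
        if local(el.tag) != "MetadataFilter":
            continue
        xsi_type = el.get(XSI_TYPE, "").split(":")[-1]
        if xsi_type == "Predicate" and el.get("direction") == "include":
            listed.update((c.text or "").strip() for c in el if local(c.tag) == "Entity")
    return listed

def metadata_entity_ids(metadata_xml):
    """Return every entityID attribute in the metadata (the XML ID is ignored)."""
    root = ET.fromstring(metadata_xml)
    return {e.get("entityID") for e in root.iter(f"{{{MD_NS}}}EntityDescriptor")}

def check(provider_xml, metadata_xml, requested):
    """Report whether `requested` would still be present after the include filter."""
    listed = include_filter_entities(provider_xml)
    present = metadata_entity_ids(metadata_xml)
    survives = present & listed if listed else present
    return {"in_metadata": requested in present,
            "in_include_filter": requested in listed,
            "resolvable": requested in survives,
            "filter_only": sorted(listed - present)}  # listed but absent from the file
```

A non-empty `filter_only` list with `resolvable` false points at a string mismatch between the filter and the metadata file rather than at the XML `ID` attribute.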