Reputation: 3626
Shibboleth opensaml::FatalProfileException
I am implementing shibboleth IDP and SP. I have installed in my machine and tested it with testshib.org , both(IDP&SP) are working fine.
I am trying to use my own IDP with my SP.
Once I access the protected resource, SP redirects to the IDP login page correctly, after authentication is successful, it is redirected to the SP with the SAML encrypted response (With the servlet status code 500) Which shows the following error ,
"opensaml::FatalProfileException at (https://myip.address/Shibboleth.sso/SAML2/POST) A valid authentication statement was not found in the incoming message."
I checked the native log which shows the following message.
"2013-08-29 20:22:36 ERROR Shibboleth.Listener [28868] shib_handler: remoted message returned an error: A valid authentication statement was not found in the incoming message.
2013-08-29 20:22:36 ERROR Shibboleth.Apache [28868] shib_handler: A valid authentication statement was not found in the incoming message."
How can I rectify this problem?
Upvotes: 1
Views: 7551
Answers (1)
Reputation: 208
What do the IdP logs show for the corresponding authentication attempt? You may need to elevate the log levels to DEBUG for IdP, OpenSAML and/or LDAP (conf/logging.xml) to get sufficiently descriptive results.
Upvotes: 1
Related Questions
- Shibboleth: "Metadata root element was unsigned and signatures are required"
- Opensaml unmarshallMessage giving opensaml local part cannot be "null" when creating a QName Exception
- SpringSecurity-SAML(OpenSAML): Failed to unmarshall assertion: getting org.w3c.dom.DOMException: WRONG_DOCUMENT_ERR
- shibboleth-saml with Spring boot
- Error Message: No peer endpoint available to which to send SAML response
- Prepare SAML Authentication request using OpenSaml3.1.1
- OpenAM: Error processing AuthnRequest. null
- Single Log out not working with Shibboleth IdP
- Shibboleth Configuration
- SSLException: Received fatal alert: unexpected_message