Unable to locate metadata for SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%'

Rama Krishna Meka

Dec 1, 2015, 8:07:49 PM
to SimpleSAMLphp
I'm getting the below error when I try to click on default-sp on Service Provider.
URL redirects to IDP

This is most likely a configuration problem on either the service provider or identity provider.


SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'https://sp.com/simplesaml/module.php/saml/sp/metadata.php/default-sp\'')
Backtrace:
3 /web/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:301 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData)
2 /web/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:318 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataConfig)
1 /web/simplesamlphp/modules/saml/lib/IdP/SAML2.php:303 (sspmod_saml_IdP_SAML2::receiveAuthnRequest)
0 /web/simplesamlphp/www/saml2/idp/SSOService.php:18 (N/A)


I have the following entry present In IDP server file saml20-sp-remote.php
$metadata['https://sp.com'] = array(
);


On SP server file authsource.php I have below entries
'entityID' => null,

        // The entity ID of the IdP this should SP should contact.
        // Can be NULL/unset, in which case the user will be shown a list of available IdPs.
      //  'idp' => 'https://openidp.feide.no',

        // The URL to the discovery service.
        // Can be NULL/unset, in which case a builtin discovery service will be used.
        'discoURL' => null,

On SP server
on saml20-idp-remote.php
        'name' => array(
                'en' => 'RGCCLOUD',
                'no' => 'Feide RGCCLOUD',
        ),
        'description'          => 'Here you can login with your account on Feide RnD OpenID. If you do not already have an account on this identity provider, you can create a new one by following the create new account link and follow the instructions.',

        'SingleSignOnService'  => 'https://idp.com/simplesaml/saml2/idp/SSOService.php',
        'SingleLogoutService'  => 'https://idp.com/simplesaml/saml2/idp/SingleLogoutService.php',
        'certFingerprint'      => '19142eadced5b0e67f76f94b9ea40e71adfsdfsqwrdfsdf5f9f'
);


What could be the issue? I can authenticate my SP with https://openidp.feide.no, but not with my own IDP.

Jaime Perez Crespo

Dec 2, 2015, 4:21:58 AM
to simple...@googlegroups.com
Hi,

> On 02 Dec 2015, at 02:07 AM, Rama Krishna Meka <ram...@gmail.com> wrote:
> I'm getting the below error when I try to click on default-sp on Service Provider.
> URL redirects to IDP
> https://idp.com/simplesaml/saml2/idp/SSOService.php?SAMLRequest=lVJLT%2BMwEP4r-dleted-some-strinf-SQTXfDkG2%2FYJ8Fsimplesaml%2Fmodule.php%2Fcore%2Fauthenticate.php%3Fas%3Ddefault-sp
>
> Unable to locate metadata for 'https://sp.com/simplesaml/module.php/saml/sp/metadata.php/default-sp'
> This is most likely a configuration problem on either the service provider or identity provider.
>
> SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'https://sp.com/simplesaml/module.php/saml/sp/metadata.php/default-sp\'')
> […]
>
> I have the following entry present In IDP server file saml20-sp-remote.php
> $metadata['https://sp.com'] = array(

The entries in the $metadata array are indexed by the entity IDs of the SAML entities. Here you have “https://sp.com”, but that’s not the entity ID of the SP, as you can see in the error message.

> On SP server
> on saml20-idp-remote.php
> $metadata['https://idp.com/simplesaml/saml2/idp/SSOService.php'] = array(

This is not a valid entity ID for a SimpleSAMLphp entity. Again, check the IdP’s metadata to get the real entity ID, and use it here.

--
Jaime Pérez
UNINETT / Feide
mail: jaime...@uninett.no
xmpp: ja...@jabber.uninett.no

"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
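
The lookup described in the reply above, as an added example that is not part of the original message or of SimpleSAMLphp: it decodes the AuthnRequest carried in the redirect URL, reads its Issuer, and checks that value against the keys configured in saml20-sp-remote.php. The function names and the sample request are constructed for illustration, and the exact-match check is a simplified model of the IdP's lookup.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse, parse_qs, quote

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Entity ID taken from the error message in this thread.
SP_ENTITY_ID = "https://sp.com/simplesaml/module.php/saml/sp/metadata.php/default-sp"


def issuer_from_redirect(url):
    """Return the <saml:Issuer> of the AuthnRequest in an HTTP-Redirect URL."""
    query = parse_qs(urlparse(url).query)        # parse_qs undoes the URL encoding
    deflated = base64.b64decode(query["SAMLRequest"][0])
    xml = zlib.decompress(deflated, -15)         # raw DEFLATE, no zlib header
    # Fine for a request you captured yourself; use a hardened XML parser
    # (e.g. defusedxml) before feeding this untrusted input.
    issuer = ET.fromstring(xml).find("saml:Issuer", SAML_NS)
    if issuer is None or not (issuer.text or "").strip():
        raise ValueError("AuthnRequest carries no Issuer")
    return issuer.text.strip()


def check_sp_key(url, configured_keys):
    """Simplified model of the IdP lookup: Issuer must equal a $metadata key."""
    issuer = issuer_from_redirect(url)
    return issuer, issuer in configured_keys


def build_sample_url(issuer):
    """Constructed AuthnRequest for this demo (not captured traffic)."""
    xml = (
        '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed" '
        'Version="2.0" IssueInstant="2015-12-01T20:07:49Z">'
        f"<saml:Issuer>{issuer}</saml:Issuer></samlp:AuthnRequest>"
    )
    packer = zlib.compressobj(wbits=-15)
    deflated = packer.compress(xml.encode()) + packer.flush()
    token = quote(base64.b64encode(deflated), safe="")
    return "https://idp.com/simplesaml/saml2/idp/SSOService.php?SAMLRequest=" + token


if __name__ == "__main__":
    url = build_sample_url(SP_ENTITY_ID)
    for keys in (["https://sp.com"], [SP_ENTITY_ID]):
        issuer, known = check_sp_key(url, keys)
        print(f"keys={keys} -> {'found' if known else 'METADATANOTFOUND'}: {issuer}")
```
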

ramkia6

Dec 2, 2015, 11:36:49 AM
to simple...@googlegroups.com
Hello,
Thanks for your reply. I made the change and I no longer get Unable to locate metadata for 'https://sp.com/simplesaml/module.php/saml/sp/metadata.php/default-sp'
However, after entering the credentials I get

SimpleSAML_Error_Error: UNHANDLEDEXCEPTION

Backtrace:
0 /var/www/html/simplesamlphp/www/module.php:179 (N/A)
Caused by: SimpleSAML_Error_Exception: Cannot retrieve metadata for IdP 'https://idp.com/simplesaml/saml2/idp/metadata.php' because it isn't a valid IdP for this SP.
Backtrace:
2 /var/www/html/simplesamlphp/modules/saml/lib/Auth/Source/SP.php:112 (sspmod_saml_Auth_Source_SP::getIdPMetadata)
1 /var/www/html/simplesamlphp/modules/saml/www/sp/saml2-acs.php:74 (require)
0 /var/www/html/simplesamlphp/www/module.php:134 (N/A)
But, I can download the metadata from https://idp.com/simplesaml/saml2/idp/metadata.php


Thanks for your help again.


--
Rama Krishna

ramkia6

Dec 2, 2015, 11:22:12 PM
to simple...@googlegroups.com
Hi Jaime,
I made it work with your help. I have another issue. My IDP successfully authenticated against LDAP (I can log in through example-ldap in IDP).
When I click on "default-sp" in SP and enter ldap credentials, it takes a little while and the browser (Browser SPIN WHEEL says POST) times out with redirecting to

ERR_CONNECTION_TIMED_OUT


Any hint on this? Or did I ask you a dumb question 😤?

--
Rama Krishna

Peter Schober

Dec 3, 2015, 3:29:44 AM
to simple...@googlegroups.com
* ramkia6 <ram...@gmail.com> [2015-12-03 05:22]:
> When I click on "default-sp" in SP and enter ldap credentials, it takes
> little while and browser(Browser SPIN WHEEL says POST) times out with
> redirecting to
> https://sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp
>
> ERR_CONNECTION_TIMED_OUT

Look at server log files (starting at the IDP), and make sure any URLs
for the SP resolve correctly and you can access the web server hosting
the SP with the schema/protocol as above.
Impossible to tell from your obfuscated examples.
-peter

ramkia6

Dec 18, 2015, 4:30:55 PM
to simple...@googlegroups.com
Hi Peter,
My IDP requires my SP to pass the following. Any idea where I can put this?

<saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
SomeThing-
</saml:AuthnContextClassRef>



--
Rama Krishna

Binoy Chacko

Feb 11, 2017, 1:30:22 AM
to SimpleSAMLphp
HI Jamie, 

I have a similar problem.

Metadata not found

Unable to locate metadata for 'http://oasisintranet/'

This is most likely a configuration problem on either the service provider or identity provider.

  • If you are an user who received this error after following a link on a site, you should report this error to the owner of that site.
  • If you are a developer who is deploying a single sign-on solution, you have a problem with the metadata configuration. Verify that metadata is configured correctly on both the identity provider and service provider.
If you report this error, please also report this tracking number which makes it possible to locate your session in the logs available to the system administrator: 9953b14509

Debug information

The debug information below may be of interest to the administrator / help desk:

SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'http://oasisintranet/\'')

Backtrace:
3 /var/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:301 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData)
2 /var/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:318 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataConfig)
1 /var/simplesamlphp/modules/saml/lib/IdP/SAML2.php:303 (sspmod_saml_IdP_SAML2::receiveAuthnRequest)
0 /var/simplesamlphp/www/saml2/idp/SSOService.php:18 (N/A)

In the SAML plugin in the WordPress. In the IDENTITY PROVIDER SETTINGS

I have given the IDP settings as


Jaime Perez Crespo

Feb 11, 2017, 6:09:41 AM
to SimpleSAMLphp
Hi Binoy,

On 11 Feb 2017, at 07:30 AM, Binoy Chacko <binoy....@oasishospital.org> wrote:
> HI Jamie,

It’s Jaime actually, Spanish name ;-)

> I have a similar problem.
> Metadata not found

As I said previously, read the documentation:

https://simplesamlphp.org/docs/stable/simplesamlphp-idp#section_7

The sooner you read the documentation, the sooner you will fix this and stop trying things without any clue of what you are doing.

Your IdP is telling you that it doesn’t know anything about an “http://oasisintranet/” service provider. You need to exchange metadata between the service provider and the identity provider. Forget about WordPress. Just find out the XML metadata for both the IdP and the SP, parse it with the “XML to SimpleSAMLphp metadata converter”, and paste the result in the corresponding file of the other entity. If you are adding the SAML metadata of the SP to the IdP, you need to add it to the “saml20-sp-remote.php” file of the IdP, and similarly, if you are adding the IdP’s metadata to the SP, you need to do that in the “saml20-idp-remote.php” of the SP.

--
Jaime Pérez
UNINETT / Feide

jaime...@uninett.no
jaime...@protonmail.com
9A08 EA20 E062 70B4 616B 43E3 562A FE3A 6293 62C2
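
The metadata exchange described in the reply above, as an added example that is not part of the original message and is not the project's converter: it reads one entity's XML metadata and reports which file on the other entity receives it and under which $metadata key. The function name is hypothetical and both metadata documents are constructed; their entity IDs and SSO URL are the ones quoted in this thread, while the ACS URL is an assumed value.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
# Role found in the metadata -> (file on the OTHER entity, endpoint element to list)
ROLES = {
    "IDPSSODescriptor": ("saml20-idp-remote.php on the SP", "SingleSignOnService"),
    "SPSSODescriptor": ("saml20-sp-remote.php on the IdP", "AssertionConsumerService"),
}


def placement(metadata_xml):
    """Return (target file, $metadata key, endpoint URLs) for one EntityDescriptor."""
    root = ET.fromstring(metadata_xml)
    if root.tag != MD + "EntityDescriptor":
        raise ValueError("expected a single md:EntityDescriptor")
    entity_id = root.get("entityID")
    if not entity_id:
        raise ValueError("EntityDescriptor has no entityID")
    for role, (target, endpoint) in ROLES.items():
        descriptor = root.find(MD + role)
        if descriptor is not None:
            urls = [e.get("Location") for e in descriptor.findall(MD + endpoint)]
            return target, entity_id, urls
    raise ValueError("no IdP or SP role descriptor found")


# Constructed metadata; entity IDs and the SSO URL are the ones quoted in this
# thread, the ACS URL is an assumed value on the same obfuscated host.
NS = 'xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"'
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
IDP_XML = f"""<md:EntityDescriptor {NS}
    entityID="https://idp.com/simplesaml/saml2/idp/metadata.php">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Binding="{REDIRECT}"
        Location="https://idp.com/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""
SP_XML = f"""<md:EntityDescriptor {NS}
    entityID="https://sp.com/simplesaml/module.php/saml/sp/metadata.php/default-sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService Binding="{POST}" index="0"
        Location="https://sp.com/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

if __name__ == "__main__":
    for doc in (IDP_XML, SP_XML):
        target, key, urls = placement(doc)
        print(f"{target}: $metadata['{key}'] = array(...);  endpoints: {urls}")
```
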