Problem in Shibboleth Installation

92 views
Skip to first unread message

Geo P.C.

unread,
Mar 16, 2012, 9:31:11 AM3/16/12
to us...@shibboleth.net
Dear Sir


We are new to Shibboleth and for SSO we are trying to implement it. Currently we are checking the installation in our local CentOS Machine with hostname geopc.local and for installation and configuration we are referring the urls:
http://csrdu.org/blog/2011/07/04/shibboleth-idp-sp-installation-configuration/ and https://wiki.shibboleth.net/confluence/display/SHIB2/Installation

We downloaded shibboleth-identityprovider-2.3.6-bin.zip and use yum for shibboleth. Please see the details:

[root@geopc bin]# version.sh
Using CATALINA_BASE:   /opt/apache-tomcat-6.0.20
Using CATALINA_HOME:   /opt/apache-tomcat-6.0.20
Using CATALINA_TMPDIR: /opt/apache-tomcat-6.0.20/temp
Using JRE_HOME:       /usr/lib/jvm/jre-1.6.0-openjdk.x86_64/
Server version: Apache Tomcat/6.0.20
Server built:   May 14 2009 01:13:50
Server number:  6.0.20.0
OS Name:        Linux
OS Version:     2.6.18-274.18.1.el5
Architecture:   amd64
JVM Version:    1.6.0_22-b22
JVM Vendor:     Sun Microsystems Inc.

We installed idp and sp and while checking the url: http://geopc.local:8080/idp/profile/Status we are getting “ok”. Now while accessing https://geopc.local/secure we are getting an error message:
-----------------------------------------------------------------------------------------------

opensaml::saml2md::MetadataException

The system encountered an error at Fri Mar 16 18:29:25 2012

To report this problem, please contact the site administrator at root@localhost.

Please include the following message in any email:

opensaml::saml2md::MetadataException at (https://geopc.local/secure)

Unable to locate metadata for identity provider (https://geopc.local/shibboleth)

--------------------------------------------------------------------------------------------

In error log it shows WARN Shibboleth.SessionInitiator.SAML2 [1]: unable to locate metadata for provider (https://geopc.local/shibboleth)

Also while acceessing the url: http://geopc.local:8080/idp/shibboleth we are getting an xml page. Please see the attached file for its contents.

Please help us on it. Thank in advance.

Geo P.C.

xmlpage.xml

Chad La Joie

unread,
Mar 16, 2012, 9:36:09 AM3/16/12
to Shib Users
The installation instructions for the IdP tell you you need to load
the metadata for the service providers with which you'll interact.
You didn't do that.

> --
> To unsubscribe from this list send an email to
> users-un...@shibboleth.net

--
Chad La Joie
www.itumi.biz
trusted identities, delivered
--
To unsubscribe from this list send an email to users-un...@shibboleth.net

Masud Khokhar

unread,
Mar 16, 2012, 9:36:45 AM3/16/12
to us...@shibboleth.net
Hi Geo,

Can you tell us what is configured under the following section in your shibboleth2.xml file?

<!-- Chains together all your metadata sources. -->
 <MetadataProvider type="Chaining">
...

Thank you.
Masud

Geo P.C.

unread,
Mar 16, 2012, 9:55:44 AM3/16/12
to Shib Users
In my /etc/shibboleth/shibboleth2.xml there is no section like this. Please see my complete file. Please help me in it.

Thanks
shibboleth2.xml

Cantor, Scott

unread,
Mar 16, 2012, 11:12:19 AM3/16/12
to us...@shibboleth.net
On 3/16/12 9:31 AM, "Geo P.C." <pcg...@gmail.com> wrote:
>while accessing https://geopc.local/secure we are getting an error
>message:

https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPTroubleshootin
gCommonErrors

Did you check that page?

-- Scott

Reply all
Reply to author
Forward
0 new messages