2014-06-17 2 views

테스트 용도로 로컬 호스트에 Shibboleth 서비스 공급자(SP)와 ID 공급자(IdP)를 모두 구성하려고 합니다. ID 공급자에 대한 메타 데이터를 찾을 수 없습니다.

보호 된 리소스에 액세스하려고 할 때 "ID 공급자의 메타 데이터를 찾을 수 없습니다."라는 오류가 발생합니다.

저는 소프트웨어 구성 및 이 오류 수정과 관련된 모든 자습서와 토론을 이미 읽었지만 아무 것도 작동하지 않습니다.

SP의 shibboleth2.xml 구성:

<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config" 
xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config" 
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"  
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" 
clockSkew="180"> 

<!-- Settings for the SP module that runs inside the web server (IIS ISAPI here).
     safeHeaderNames="true" is the hardening switch that restricts the header
     names the SP exports to plain alphanumerics, so look-alike headers sent by a
     client cannot shadow them; keep it enabled.
     NOTE(review): Site maps IIS site id "1" to the name "localhost", while the
     page says the site is reached as http://bios-hp/secure. Confirm that the
     host name used here, in the RequestMap and in the entityID registered at the
     IdP all agree. -->
<InProcess logger="native.logger"> 
    <ISAPI normalizeRequest="true" safeHeaderNames="true"> 
     <Site id="1" name="localhost" /> 
    </ISAPI> 
</InProcess> 

<!-- Channel between the web server module and the shibd daemon: bound to
     loopback 127.0.0.1:1600 and the acl admits only 127.0.0.1, so the listener
     is not reachable from other hosts. -->
<TCPListener address="127.0.0.1" port="1600" acl="127.0.0.1" /> 

<!-- Sessions, replay detection state and relay state all live in the in-memory
     store "mem"; nothing here persists them across a shibd restart.
     cacheAssertions="false" means the raw assertions are not kept with the
     session. -->
<StorageService type="Memory" id="mem" cleanupInterval="900" /> 
<SessionCache type="StorageService" StorageService="mem" cacheAssertions="false" cacheAllowance="900" inprocTimeout="900" cleanupInterval="900" /> 
<ReplayCache StorageService="mem" /> 
<ArtifactMap artifactTTL="180" /> 

<!-- Access control map: on host "localhost", the path "secure" requires a
     Shibboleth session (requireSession="true").
     NOTE(review): only the host "localhost" is listed. If requests are mapped
     under another host name (the page uses http://bios-hp/secure), this rule
     presumably does not apply to them; verify which name the SP actually sees. -->
<RequestMapper type="Native"> 
    <RequestMap> 
     <Host name="localhost"> 
      <Path name="secure" authType="shibboleth" requireSession="true"/> 
     </Host> 
    </RequestMap> 
</RequestMapper> 

<!-- Default application. entityID is the name this SP presents to the IdP; the
     IdP must hold SP metadata registered under exactly this string.
     signing="false" and encryption="false": the SP does not sign what it sends
     and does not ask for encrypted assertions. Acceptable for a local test rig
     only.
     REMOTE_USER is taken from the first of eppn, persistent-id, targeted-id that
     is present after attribute filtering. -->
<ApplicationDefaults id="default" policyId="default" 
    entityID="http://localhost/secure" 
    homeURL="http://localhost/secure" 
    signing="false" encryption="false" 
    REMOTE_USER="eppn persistent-id targeted-id"> 

    <!-- Session handling. handlerSSL="false" lets the /Shibboleth.sso handlers
         answer over plain HTTP and cookieProps="http" issues the session cookie
         without the Secure attribute, so assertions and session cookies can
         cross the wire in clear text. checkAddress="false" turns off the check
         that ties a session to the client address. All three are test-only
         values; a deployment reachable by others should use handlerSSL="true"
         and cookieProps="https". -->
    <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" handlerURL="/Shibboleth.sso" 
       checkAddress="false" handlerSSL="false" cookieProps="http"> 
     <!-- The IdP to use. This entityID must match, character for character, the
          entityID of an EntityDescriptor in the metadata loaded by the
          MetadataProvider below; if no loaded metadata carries this name the SP
          reports that it cannot locate metadata for the identity provider. -->
     <SSO entityID="https://bios-hp/idp/shibboleth"> 
      SAML2 SAML1 
     </SSO> 

     <Logout>SAML2 Local</Logout> 

     <!-- Utility handlers. Status is limited by acl to loopback (IPv4 and IPv6)
          and Session hides attribute values; Metadata and DiscoFeed carry no
          acl here. -->
     <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/> 
     <Handler type="Status" Location="/Status" acl="127.0.0.1 ::1"/> 
     <Handler type="Session" Location="/Session" showAttributeValues="false"/> 
     <Handler type="DiscoveryFeed" Location="/DiscoFeed"/> 

     <!-- Explicit assertion consumer endpoints (SAML 2.0 and SAML 1.x bindings),
          relative to handlerURL. The SP metadata registered at the IdP has to
          list the same locations. -->
     <md:AssertionConsumerService Location="/SAML2/POST" index="1" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/> 
     <md:AssertionConsumerService Location="/SAML2/POST-SimpleSign" index="2" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"/> 
     <md:AssertionConsumerService Location="/SAML2/Artifact" index="3" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"/> 
     <md:AssertionConsumerService Location="/SAML2/ECP" index="4" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"/> 
     <md:AssertionConsumerService Location="/SAML/POST" index="5" 
      Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"/> 
     <md:AssertionConsumerService Location="/SAML/Artifact" index="6" 
      Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"/> 

     <LogoutInitiator type="Local" Location="/SLO/Logout"/> 

     <!-- Single logout endpoints, one per SAML 2.0 binding. -->
     <md:SingleLogoutService Location="/SLO/SOAP" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/> 
     <md:SingleLogoutService Location="/SLO/Redirect" conf:template="bindingTemplate.html" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/> 
     <md:SingleLogoutService Location="/SLO/POST" conf:template="bindingTemplate.html" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/> 
     <md:SingleLogoutService Location="/SLO/Artifact" conf:template="bindingTemplate.html" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"/> 

     <!-- NameID management endpoints, one per SAML 2.0 binding. -->
     <md:ManageNameIDService Location="/NIM/SOAP" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/> 
     <md:ManageNameIDService Location="/NIM/Redirect" conf:template="bindingTemplate.html" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/> 
     <md:ManageNameIDService Location="/NIM/POST" conf:template="bindingTemplate.html" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/> 
     <md:ManageNameIDService Location="/NIM/Artifact" conf:template="bindingTemplate.html" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"/> 

     <md:ArtifactResolutionService Location="/Artifact/SOAP" index="1" 
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/> 
    </Sessions> 

    <Errors supportContact="[email protected]" 
     helpLocation="/about.html" 
     styleSheet="/shibboleth-sp/main.css"/> 

    <!-- The only source of IdP metadata: a local file, loaded with no
         MetadataFilter. If this file is missing, unreadable by the shibd
         account or fails to parse, the SP has no metadata at all; shibd.log
         records whether the load succeeded. With no signature filter, trust in
         the contents rests on how the file was obtained and on its file
         permissions; metadata fetched from a remote URL should be verified with
         a Signature MetadataFilter instead. -->
    <MetadataProvider type="XML" file="C:/opt/shibboleth-sp/etc/shibboleth/idp.metadata.xml"/> 

    <AttributeExtractor type="XML" validate="true" reloadChanges="false" path="attribute-map.xml"/> 

    <!-- Asks the IdP for attributes over the SOAP back channel when they do not
         arrive with the assertion. -->
    <AttributeResolver type="Query" subjectMatch="true"/> 

    <AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/> 

    <!-- SP key pair. sp-key.pem is the private key; keep it readable only by the
         account that runs shibd. -->
    <CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/> 
</ApplicationDefaults> 

<!-- security-policy.xml holds the rules applied to incoming SAML messages and
     protocols.xml the protocol and binding definitions; both are schema
     validated on load (validate="true"). -->
<SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/> 

<ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/> 

idp.metadata.xml 참조 :

<?xml version="1.0" encoding="UTF-8"?>
<!-- IdP metadata as consumed by the SP. The entityID on EntityDescriptor is the
     value the SP looks up, so it has to equal the SSO entityID in
     shibboleth2.xml exactly.
     The descriptor carries no ds:Signature, so nothing in the file itself proves
     where it came from.
     NOTE(review): both shibmd:Scope elements are empty. Scope checks on the SP
     side would then have no scope to match scoped values such as eppn against;
     confirm the scope configured at the IdP.
     NOTE(review): the X509Certificate values are abbreviated on this page
     (MIID...). If the real file holds a shortened value it is not a usable
     certificate; rule that out when checking why the metadata is not found. -->
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://bios-hp/idp/shibboleth" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"><Extensions><shibmd:Scope regexp="false"/></Extensions><KeyDescriptor><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIID...zY=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor><ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://bios-hp:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/><ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bios-hp:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/><NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat><NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat><SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://bios-hp/idp/profile/Shibboleth/SSO"/><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bios-hp/idp/profile/SAML2/POST/SSO"/><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://bios-hp/idp/profile/SAML2/POST-SimpleSign/SSO"/><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bios-hp/idp/profile/SAML2/Redirect/SSO"/></IDPSSODescriptor><AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"><Extensions><shibmd:Scope 
regexp="false"/></Extensions><KeyDescriptor><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIID...SzY=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor><AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://bios-hp:8443/idp/profile/SAML1/SOAP/AttributeQuery"/><AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bios-hp:8443/idp/profile/SAML2/SOAP/AttributeQuery"/><NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat><NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat></AttributeAuthorityDescriptor></EntityDescriptor> 

참고: entityID 불일치가 이 오류의 흔한 원인이므로 확인했는데, 두 파일의 entityID는 동일합니다.

보호된 사이트는 로컬 IIS에서 호스팅되며, 아래 URL로 액세스하면 오류가 발생합니다.

http://bios-hp/secure

SP 및 IdP 모두에 대해 가능한 모든 상태 URL이 성공적인 결과를 반환합니다.

아이디어가 있으십니까?

답변


보호 경로에 대해서는 잘 모르겠지만, entityID가 https가 아니라 http이고 http://bios-hp/secure 인 것 같습니다. 그래서 보호 경로는 http인데 Shibboleth는 https로 동작하는 것으로 보입니다.

일반적인 오류는 다음과 같습니다

  • entityID 오타: 하지만 귀하의 경우는 아닙니다
  • 메타데이터 파일 경로 실수: 이것도 귀하의 경우는 아닙니다
  • IdP 측의 SP 구성: 이것도 확인해야 합니다.