[Openstack] Keystone as Identity Provider or/and Service Provider

Marek Denis marek.denis at cern.ch
Tue Apr 21 08:36:07 UTC 2015


Hi Alexis,

On 17.04.2015 11:19, Alexis KOALLA wrote:
> Hi Marek,
> Thanks for your replies.
>
> Juts one remark: the IdP(Shibboleth)  and the SP(Keystone) are 
> installed on the same machine (all-in-one) .
> Here is the error I get when trying to access the Session or something 
> else
>
>  * _*https://10.192.228.82/Shibboleth.sso/Login*_
>
>
>  opensaml::saml2md::MetadataException
>
> The system encountered an error at Fri Apr 17 11:12:58 2015
>
> To report this problem, please contact the site administrator 
> atroot at localhost 
> <https://mail.google.com/mail/?view=cm&fs=1&tf=1&to=root@localhost>.
>
> Please include the following message in any email:
>
> opensaml::saml2md::MetadataException at 
> (https://myshost/Shibboleth.sso/Login)
>
> Unable to locate metadata for identity provider 
> (https://myshost/idp/shibboleth)
>

The error message is somewhat self-explanatory, you seem tohave 
incorrectly configured the trust between the SP and the IdP. Did you 
specify the URL or path to the metadata file in your 
/etc/shibboleth/shibbboleth.xml configuration? Did you HUP or restarted 
shibd service? :-)
Maybe sharing a configuration file here is a good idea (if that's possible).

cheers,

Marek




More information about the Openstack mailing list