Hi Akshik,
if you look at the log you find these lines:
2015-02-27 22:36:38 CRIT Shibboleth.Application : no MetadataProvider
available, configuration is probably unusable
2015-02-27 22:36:38 INFO Shibboleth.Application : no TrustEngine specified or
installed, using default chain {ExplicitKey, PKIX}
2015-02-27 22:36:38 INFO Shibboleth.Application : building AttributeExtractor
of type XML...
It seems there is a problem with your shibboleth2.xml. Check it against a
working one or try to increase the log verbosity to
figure out the problem.
Marco
> From: "Akshik DBK"
> To: "OpenStack Development Mailing List not for usage questions"
>
> Sent: Saturday, 28 February, 2015 17:05:23
> Subject: Re: [openstack-dev] Need help in configuring keystone
> Hi Marco,
> did you get a chance to look at the logs,
> Regards,
> Akshik
> From: aks...@outlook.com
> To: openstack-dev@lists.openstack.org
> Date: Fri, 27 Feb 2015 22:50:47 +0530
> Subject: Re: [openstack-dev] Need help in configuring keystone
> Hi Marco,
> Thanks for responding, Ive cleared the log file and have restarted the shibd
> service.
> the metadata file got created, i've attached the log file and metadata file as
> well.
> Regards,
> Akshik
> Date: Fri, 27 Feb 2015 15:12:39 +0100
> From: marco.farge...@ct.infn.it
> To: openstack-dev@lists.openstack.org
> Subject: Re: [openstack-dev] Need help in configuring keystone
> Hi Akshik,
> the metadata error is in your SP, if the error was on testshib you
> should not be redirected back after the login. Maybe there is a configuration
> problem with shibboleth. Try to restart the service and look at shibboleth
> logs.
> Check also the metadata of testshib are downloaded correctly because from the
> error
> it seems you have not the metadata of testshib.
> Cheers,
> Marco
> On Fri, Feb 27, 2015 at 06:39:30PM +0530, Akshik DBK wrote:
> > Hi Marek ,
>> I've registered with testshib, this is my keystone-apache-error.log log i get
>> [error] [client 121.243.33.212] No MetadataProvider available., referer:
> > https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
> > From: aks...@outlook.com
> > To: openstack-dev@lists.openstack.org
> > Date: Fri, 27 Feb 2015 15:56:57 +0530
> > Subject: [openstack-dev] Need help in configuring keystone
>> Hi I'm new to SAML, trying to integrate keystone with SAML, Im using Ubuntu
>> 12.04 with Icehouse,im following http://docs.openstack.org/developer/k...when
>> im trying to configure keystone with two idp,when i access
>> https://MYSERVER:5000/v3/OS-FEDERATIO...it gets redirected to testshib.org ,
>> it
>> prompts for username and password when the same is given im
>> gettingshibsp::ConfigurationException at (
>> https://MYSERVER:5000/Shibboleth.sso/... ) No MetadataProvider available.here
>> is my shibboleth2.xml content > xmlns="urn:mace:shibboleth:2.0:native:sp:config"
> > xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config"
> > xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
> > xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
> > xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
> > clockSkew="180">
> > https://MYSERVER:5000/Shibboleth";>
>> > relayState="ss:mem" handlerSSL="false">
> > https://idp.testshib.org/idp/shibboleth "
> > ECP="true">
> > SAML2 SAML1
> >
> > SAML2 Local
> > > signing="false"/>
> >
> > > showAttributeValues="false"/>
> >
> >
> > > logoLocation="/shibboleth-sp/logo.jpg"
> > styleSheet="/shibboleth-sp/main.css"/>
> > > path="attribute-map.xml"/>
> >
> > > path="attribute-policy.xml"/>
> > > certificate="sp-cert.pem"/>
> > > entityID="https://MYSERVER:5000/Shibboleth";>
> > > relayState="ss:mem" handlerSSL="false">
> > https://portal4.mss.internalidp.com/idp/shibboleth " ECP="true">
> > SAML2 SAML1
> >
> > SAML2 Local
> >
>> https://portal4.mss.internalidp.com/idp/shibboleth "
> > backingFilePath="/tmp/tata.xml" reloadInterval="18" />
> >
> > > entityID="https://MYSERVER:5000/Shibboleth";>
> > > relayState="ss:mem" handlerSSL="false">
> > https://idp.testshib.org/idp/shibboleth "
> > ECP="true">
> > SAML2 SAML1
> >
> > SAML2 Local
> >
> > https://idp.testshib.org/idp/shibboleth "
> > backingFilePath="/tmp/testshib.xml" reloadInterval="18"/>
> >
> >
> > > path="security-policy.xml"/>
>> > path="protocols.xml"/>
>> here is my wsgi-keystoneWSGIScriptAlias /keystone/main
> > /var/www/cgi-bin/keystone/main
> > WSGIScriptAlias /keystone/admin /var/www/cgi-bin/keystone/admin
