>>> On 15/05/2009 at 13:19, in message <[log in to unmask]>, Jethro R Binks <[log in to unmask]> wrote: > Is anyone experiencing problems today? > > I am getting end users forwarding messages like this: > > "Identity Provider failure at (/shibboleth-idp/SSO) > > 13:11:19,713 ERROR Assertion consumer service URL > (http://login.westlaw.co.uk/app/authentication/sso/ukfed/auth/rcv) is NOT > valid for provider (https://www.westlaw.co.uk/metadata). - > edu.internet2.middleware.shibboleth.idp.provider.ShibbolethV1SSOHandler > [TP-Processor18;20090515] > > and looking in the metadata, which I have manually refreshed, I see > entries like: > > <AssertionConsumerService > Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" > Location="https://login.westlaw.co.uk.ukclt.int.westlaw.com/app/authenticati > on/sso/ukfed/auth/rcv" > index="2"></AssertionConsumerService> > > "login.westlaw.co.uk.ukclt.int.westlaw.com" seems an odd hostname, and > there are similar ones. Odd, but correctly formed. > > Anyone else seeing issues? Yes, The ACS in the metadata is https://login.westlaw.co.uk/app/authentication/sso/ukfed/auth/rcv But they're coming in with http://etc which is what is generating the error. Would some at UK fed admin like to let them know, they've obviously been tinkering? Andy The University of Dundee is a registered Scottish charity, No: SC015096