The requesting Service Provider ID "https://myHost.myDomain.Com/myApp" is not supported by the IDP!

book

Article ID: 207065

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

We're tunning Policy Server as IdP and when there's a specific request
as IdP initiated, the Federation transaction ends with this error :

smps.log :

  [9153/139742867879680][Mon Jan 18 2021
  16:56:40][AssertionGenerator.java][ERROR][sm-FedServer-00080]
  preProcess() returns fatal error.

  <Response ID="_362784d58b031be513f02665f664b3194b0b" InResponseTo="_04902f8d-6e9c-4daf-a9eb-f1ddb71532de" IssueInstant="2021-01-18T16:56:40Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
      <ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">myNameID</ns1:Issuer>
      <Status>
   <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
       <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal"/>
   </StatusCode>
   <StatusMessage>The requesting Service Provider ID "https://myHost.myDomain.Com/myApp" is not supported by the IDP!</StatusMessage>
      </Status>
  </Response>

How can we fix this ?

 

Cause

 

At first glance, this error might show up if the Policy Server isn't
able to find the Service Provider ID in its configuration. That may be
due to several causes as problem with the data, etc. Mainly the Policy
Server tries to find the requested SP by its name or by its OID and it
doesn't find it.

 

Resolution

 

The EntityID value is case sensitive, and as such, setting it with the
exact syntax solved this issue.

The EntityID had value : https://myhost.mydomain.com/myApp

Setting it to : https://myHost.myDomain.Com/myApp solved the issue.