Error: No valid Assertion Consumer Services in metadata import
search cancel

Error: No valid Assertion Consumer Services in metadata import

book

Article ID: 275875

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Federation (SiteMinder)

Issue/Introduction


When running AdminUI, and trying to import a metadata file of a new Entity for a Partnership, the Policy Server reports error:

    Exception occurred: ERROR:  No valid Assertion Consumer Services were provided in the metadata document.

and the AdminUI can't upload the metadata file.

 

Cause


The following line from the metadata file has an enumeration problem in the SPSSODescriptor / protocolSupportEnumeration tag:

metadata.xml:

    <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">

The protocolSupportEnumeration presents the protocol 2.0, then 1.0 and 1.1 at the end. The protocol enumeration is expected in ascending order.

 

Resolution


In the metadata file, change the order of the protocol version in ascending way (1.0, 1.1, 2.0):

  set
  
    protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"

  instead of
 
       protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:1.1:protocol"

to fix this issue.

 

Powered by Wolken Software