Federation transactions are failing with a 403 Forbidden error in the browser.
Below are the errors at the Web Agent Option Pack (Federation Services) and the Policy Server:
FWSTrace logs:
[06/13/2016][04:51:37][][][][SAML2Base.java][getServiceProviderInfo][SAML2.0 SP Configuration is not in cache. Requesting to get from policy server [CHECKPOINT = SSOSAML2_SPCONFFROMPS_REQ]]
[06/13/2016][04:51:37][][][][SAML2Base.java][getServiceProviderInfo][Could not find service provider information for sp: example.com/ Message: .]
[06/13/2016][04:51:37][][][][SAML2Base.java][getServiceProviderInfo][Could not find service provider information for idp: example.com/.]
[06/13/2016][04:51:37][][][][SSO.java][processRequest][Transaction with ID: failed. Reason: NO_PROVIDER_INFO_FOUND]
[06/13/2016][04:51:37][][][][SSO.java][processRequest][No SAML2 provider information found for SP example.com/.]
[06/13/2016][04:51:37][][][][SSO.java][processRequest][Ending SAML2 Single Sign-On Service request processing with HTTP error 400]
smtrace logs:
[06/13/2016][07:51:37.160][07:51:37][][][TunnelUtils][addProviderPasswords][][][][][][][][][][][][][][][][][][][][][Found passwords for oid: <value>]
[06/13/2016][07:51:37.161][07:51:37][][][TunnelUtils][addProviderPasswords][][][][][][][][][][][][][][][][][][][][][Exception while attempting to retrieve passwords:
java.lang.NoClassDefFoundError: Could not initialize class javax.crypto.JceSecurity
at javax.crypto.Cipher.getInstance(Cipher.java:643)
at com.ca.siteminder.sdk.agentapi.crypto.SmCryptoProvider.getBlockSize(SmCryptoProvider.java:1203)
at com.ca.siteminder.sdk.agentapi.crypto.SmRC2SHA1CryptoProvider.<init>(SmRC2SHA1CryptoProvider.java:72)
at com.ca.siteminder.sdk.agentapi.crypto.SmCryptoProvider.getInstance(SmCryptoProvider.java:203)
at com.ca.siteminder.sdk.agentapi.crypto.SmServerCrypto.decryptInternal(SmServerCrypto.java:135)
at com.ca.siteminder.sdk.agentapi.crypto.SmServerCrypto.decrypt(SmServerCrypto.java:123)
at com.netegrity.federationps.tunnel.TunnelUtils.addPasswordsToMap(TunnelUtils.java:223)
at com.netegrity.federationps.tunnel.TunnelUtils.addProviderPasswords(TunnelUtils.java:150)
at com.netegrity.saml2ps.tunnel.SAMLSPbyIDTunnelService.tunnel(SAMLSPbyIDTunnelService.java:135)
at com.netegrity.policyserver.smapi.TunnelServiceContext.tunnel(TunnelServiceContext.java:275)
Password encryption is performed on the Policy Server side, so the JCE must be updated on the Policy Server side.
The RSA libraries are also used for this encryption, and they need the latest JCE patches for key size and the different algorithms.
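One way to confirm the JCE state before and after the update is the following added diagnostic, which is not part of the original article or of the product. It assumes it is compiled and run with the same JRE the Policy Server uses, and the transformation names in it are illustrative, since the trace does not show which one SmCryptoProvider requests.

```java
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;

// Added diagnostic, not vendor code. Run it with the JRE that the Policy
// Server itself runs on, otherwise it checks the wrong JCE installation.
public class JceCheck {
    // Illustrative transformations (assumption): the stack trace only shows
    // that Cipher.getInstance() is called, not with which argument.
    private static final String[] TRANSFORMATIONS = {
        "AES/CBC/PKCS5Padding", "RC2/CBC/PKCS5Padding", "RSA/ECB/PKCS1Padding"
    };

    public static void main(String[] args) {
        System.out.println("java.home    = " + System.getProperty("java.home"));
        System.out.println("java.version = " + System.getProperty("java.version"));
        boolean ok = true;
        for (String t : TRANSFORMATIONS) {
            try {
                // Same entry point that fails in the smtrace stack trace.
                Cipher c = Cipher.getInstance(t);
                // Integer.MAX_VALUE means the unlimited-strength policy is active.
                int max = Cipher.getMaxAllowedKeyLength(t);
                String limit = (max == Integer.MAX_VALUE) ? "unlimited" : max + " bits";
                System.out.println("OK   " + t + " provider=" + c.getProvider().getName()
                        + " maxKey=" + limit);
            } catch (LinkageError e) {
                // NoClassDefFoundError and ExceptionInInitializerError raised while
                // loading javax.crypto.JceSecurity are both LinkageError subclasses.
                ok = false;
                System.out.println("FAIL " + t + " JCE framework did not initialise: " + e);
            } catch (GeneralSecurityException e) {
                // The framework loaded, but no provider offers this transformation.
                ok = false;
                System.out.println("FAIL " + t + " not available: " + e);
            }
        }
        // Non-zero exit status lets a health check or deployment script act on it.
        System.exit(ok ? 0 : 1);
    }
}
```

A `FAIL ... JCE framework did not initialise` line reproduces the condition in the smtrace log above; after the JCE update every line should read `OK`.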