Former Member

Metadata contains trusted provider which is not an identity provider

Hello sir



I installed SAP NetWeaver AS Java 7.4 SR1 – 90-day trial version. We are facing an issue with “Uploading Metadata File”. The error is mentioned below:

“Metadata contains trusted provider which is not an identity provider”

We referred to the following document for configuration: http://wiki.scn.sap.com/wiki/display/Security/Single+Sign-On+with+SAML+2.0+and+ABAP+Systems+Supporting+SAP+Logon+Tickets?focusedCommentId=377389831#comment-377389831

Please suggest if any configuration is required.

Tejas Gandhi

      Donka Dimitrova

      Hello Tejas,

      What system is the Identity Provider in your implementation?

      Best regards,

      Donka Dimitrova

      Former Member
      Blog Post Author

      Hello Donka Dimitrova,

      My system Identity Provider --- Automatic (Selection Mode) & attached metadata XML file & error screenshots

      Thanks

      Tejas

      Donka Dimitrova

      Hello Tejas,

      To describe it simply:

      For the SAML 2.0 implementation you have three sides: (1) user agent, (2) identity provider (IDP) and (3) service provider (SP).

      In the scenario usually the user agent requires some resources from the SP and the IDP is used by the user agent to prove his identity in front of the SP.

      Because of the initial trust established between SP and IDP these two systems know each other.

      Based on a request and after the respective authentication of the user agent to the IDP, the IDP will issue a SAML assertion for this user agent and this SP.

      Based on the SAML assertion (and because the SP trusts the IDP) the SP will believe that the user agent is the one he pretends to be and will respond with the requested resources.

      Here you will be able to find more details: help.sap.com

      The metadata import actually is the step where you are trying to establish the trust between the IDP and the SP. The SAP NW AS JAVA (you mentioned) could be the SP for your implementation and the metadata file has to describe the IDP. The messages you get mention that there is something wrong with the content of your metadata file. This is why I was asking in my previous post what is your IDP system and the question is still valid.

      Best regards,

      Donka Dimitrova
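
One way to check which role a metadata file declares before importing it, added here as an example that is not part of the original thread or of SAP's tooling. It assumes the error corresponds to an entity that lacks an `IDPSSODescriptor` element, which is how SAML 2.0 metadata marks an identity provider; the entity IDs, URLs and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
ROLE_TAGS = ("IDPSSODescriptor", "SPSSODescriptor")

# Constructed sample: metadata that describes only a service provider.
SP_ONLY = f"""<md:EntityDescriptor xmlns:md="{MD}" entityID="https://sp.example.test">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.test/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

# Constructed sample: metadata that describes an identity provider.
IDP = f"""<md:EntityDescriptor xmlns:md="{MD}" entityID="https://idp.example.test">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.test/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def provider_roles(metadata_xml):
    """Map each entityID to the set of SSO role descriptors it declares."""
    # Metadata is assumed to come from a trusted source; use a hardened
    # parser such as defusedxml for files of unknown origin.
    root = ET.fromstring(metadata_xml)
    roles = {}
    # iter() also matches the root, so a bare EntityDescriptor and an
    # EntitiesDescriptor wrapper are both handled.
    for entity in root.iter(f"{{{MD}}}EntityDescriptor"):
        roles[entity.get("entityID")] = {
            tag for tag in ROLE_TAGS
            if entity.find(f"{{{MD}}}{tag}") is not None
        }
    return roles


def non_idp_entities(metadata_xml):
    """Return entity IDs that do not declare an IDPSSODescriptor."""
    return sorted(eid for eid, declared in provider_roles(metadata_xml).items()
                  if "IDPSSODescriptor" not in declared)


if __name__ == "__main__":
    for name, doc in (("SP_ONLY", SP_ONLY), ("IDP", IDP)):
        print(name, provider_roles(doc), "not an IdP:", non_idp_entities(doc))
```

A non-empty result from `non_idp_entities` means the file describes something other than an identity provider, for example metadata exported from a service provider.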