Wednesday, June 26, 2013

oracle.security.fed.event.exceptions.UnknownProviderException: Unknown Provider

While testing IDP-initiated SSO with OIF as the IDP and a custom solution as the SP, we are getting a 500 Internal Server Error.
The URL has the format: http://idp_host:port/fed/idp/initiatesso?providerid=http://sp-host:port/app

We got the exception below in the OIF logs.

[2013-06-25T13:00:29.732-07:00] [wls_oif1] [ERROR] [FED-15034] [oracle.security.fed.eventhandler.profiles.idp.sso.CreateAuthnRequestEventHandler] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 8285f2bb4b55ec93:-773f8c6e:13f5ce4fa24:-8000-000000000000e9a4,0] [APP: OIF#11.1.1.2.0] Profile is unknown: https://sp-host:443/sso/saml/SSO
[2013-06-25T13:00:29.732-07:00] [wls_oif1] [ERROR] [FED-12064] [oracle.security.fed.controller.ActionStateMachine] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 8285f2bb4b55ec93:-773f8c6e:13f5ce4fa24:-8000-000000000000e9a4,0] [APP: OIF#11.1.1.2.0] Exception: {0}[[
oracle.security.fed.event.exceptions.UnknownProviderException: Unknown Provider: https://sp-host:443/sso/saml/SSO


The root cause is that the wrong service provider URL was used as the providerid value, so OIF does not recognize it as a provider.
To find the correct provider ID, log in to the OIF console -> Oracle Identity Federation -> Federations. Note the provider ID shown there and use it as the providerid value in the IDP-initiated SSO URL.
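
To triage this error from the log rather than from the browser, the sketch below pulls the rejected provider ID and its ECID out of the log lines shown above and compares it with the registered provider IDs. It is an added example, not part of the original post or of OIF; the function names are hypothetical, and REGISTERED is a constructed stand-in for the IDs listed under Federations in the OIF console.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the three log lines quoted in this post.
SAMPLE_LOG = """\
[2013-06-25T13:00:29.732-07:00] [wls_oif1] [ERROR] [FED-15034] [oracle.security.fed.eventhandler.profiles.idp.sso.CreateAuthnRequestEventHandler] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 8285f2bb4b55ec93:-773f8c6e:13f5ce4fa24:-8000-000000000000e9a4,0] [APP: OIF#11.1.1.2.0] Profile is unknown: https://sp-host:443/sso/saml/SSO
[2013-06-25T13:00:29.732-07:00] [wls_oif1] [ERROR] [FED-12064] [oracle.security.fed.controller.ActionStateMachine] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 8285f2bb4b55ec93:-773f8c6e:13f5ce4fa24:-8000-000000000000e9a4,0] [APP: OIF#11.1.1.2.0] Exception: {0}[[
oracle.security.fed.event.exceptions.UnknownProviderException: Unknown Provider: https://sp-host:443/sso/saml/SSO
"""
# Constructed stand-in for the provider IDs shown in the OIF console.
REGISTERED = {"https://sp-host:443/sso/saml/metadata"}
PROVIDER_RE = re.compile(r"(?:Profile is unknown|Unknown Provider): (\S+)")

def split_odl(line):
    """Split a log line into its leading [fields] and the message text.
    The tid field contains nested brackets, so count bracket depth."""
    fields = []
    while line.startswith("["):
        depth = 0
        for j, ch in enumerate(line):
            depth += {"[": 1, "]": -1}.get(ch, 0)
            if depth == 0:
                break
        if depth:  # unbalanced bracket: leave the rest as message text
            break
        fields.append(line[1:j])
        line = line[j + 1:].lstrip()
    return fields, line

def unknown_providers(log_text):
    """Return {rejected provider ID: set of ECIDs that reported it}."""
    hits, ecid = {}, None
    for line in log_text.splitlines():
        fields, msg = split_odl(line.strip())
        if fields:  # new record; continuation lines keep the previous ECID
            ecid = next((f[len("ecid: "):].split(",")[0]
                         for f in fields if f.startswith("ecid: ")), None)
        m = PROVIDER_RE.search(msg)
        if m:
            hits.setdefault(m.group(1), set()).add(ecid)
    return hits

def diagnose(requested, registered):
    """Classify a rejected ID: registered, same host but wrong URL, or unknown."""
    if requested in registered:
        return "registered", []
    host = urlsplit(requested).hostname
    near = sorted(r for r in registered if host and urlsplit(r).hostname == host)
    return ("wrong-url-same-host" if near else "not-registered"), near
```

A "wrong-url-same-host" result matches the situation in this post: the SP is registered, but the URL used as the provider ID is not the one OIF has on record.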