InCommon metadata support

["Hall, Gerry" <>]

I experienced the same issue with several SP’s for which the source of 
metadata is the InCommon aggregate file from about 3:28 PM until about 7:18 
PM on this past Friday 15 September.  Unfortunately, I was not made aware of 
the issue until the next day Saturday by which the issue was resolved.  I nor 
anyone on my team made any changes nor did we take any corrective action.  
Also, as the initial email  indicates, the issue only affected SP’s for which 
we rely on the InCommon aggregate file for as a source of metadata.

 The IdP logs had erros like the following:

10.110.29.20|2017-09-15 03:27:27,382 - ERROR 
[org.opensaml.saml.metadata.resolver.impl.HTTPMetadataResolver:313] - 
Metadata Resolver FileBackedHTTPMetadataResolver InCommonMD: Error retrieving 
metadata from http://md.incommon.org/InCommon/InCommon-metadata.xml
org.apache.http.conn.HttpHostConnectException: Connect to md.incommon.org:80 
[md.incommon.org/163.253.32.9] failed: Connection refused
10.110.29.20|2017-09-15 03:27:27,382 - WARN 
[org.opensaml.saml.metadata.resolver.impl.FileBackedHTTPMetadataResolver:295] 
- Metadata Resolver FileBackedHTTPMetadataResolver InCommonMD: Problem 
reading metadata from remote source; detected existing cached metadata, 
skipping load of backup file

On 9/21/17, 11:47 AM, 
"
 on behalf of Cantor, Scott" 
<
 on behalf of 
>
 wrote:

    On 9/21/17, 8:42 AM, 
"
 on behalf of 
"
 
<
 on behalf of 
>
 wrote:

    > I ended up downloading a new InCommon metadata file and restarting our 
IdP
    > (since just restarting didn't change anything.)  That was around 5pm and
    > appeared to fix it.  I was just wondering if I had actually fixed it, 
or it
    > was just a coincidence that it started working again.

    As a matter of simple functional explanation, you cannot correct a 
problem that may exist in your IdP's metadata by changing the metadata your 
idP uses. Your IdP doesn't consume its own metadata.

    If the problem was in an SP's metadata, then obviously reloading it and 
changing the metadata the IdP uses is a very different matter.

    What seems more likely is that your system broke in some way and 
restarting it corrected that.

    -- Scott





________________________________

This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).