000025508 - FIM error message 'name ID plug-in configuration for this format could not be retrieved'

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025508
Applies ToFederated Identity Management Module 3.1
IssueFIM error message "name ID plug-in configuration for this format could not be retrieved"

FIM error message:

2007-10-23 16:30:13,707, (SSOHelper.java:585), dmzuhadc011-021, , , , Unable to process the AuthnRequest message, com.rsa.fim.profile.sso.SSOProfileException: The name ID plug-in configuration for this format could not be retrievedurn:oasis:names:tc:SAML:2.0:nameid-format:persistent

CauseThis error indicates that there is no nameID plugin installed to handle the nameIDformat specified by the SP in the incoming request. 
ResolutionYou must register a nameID plugin for the NameIDformat and associate it with your Service Provider Application.

As per the installation guide Step 4: Adding Service Provider Applications (for SPs only)

If you configured an SP, you can configure each target SP application to require the IdP to use a specific name identifier format and to send specific attributes about the user. This configuration is used when the SP initiates web single sign-on (SSO) and requests identity federation for a user.

Note: This step is only applicable for SPs and it is optional. If you do not specify any attributes, FIM uses the default attribute set you define for the local entity.

FIM allows you to specify what nameIDformat the SP will request from the IDP.   (The text indicates that this is optional, but really the only optional part is the attribute set.)  You must specify a nameIDformat for your Service Provider Application, and your SP Entity must specify a Service Provider.  There is no way to configure the RSA FIM SP not to request a nameID without a format. 


Legacy Article IDa37536