Hello, i try to have fun working thru your book __Schwartz/Machulak: Securing the Perimeter, Apress 2018__. Up to now i am in Chapter 3 SAML on page 87 in paragraph **Configure the Gluu Server Shibboleth IDP** I did setup a Trust Relationship as described in the book, pages 85 and 86. After Update and Activate of the TR in the IDP the log ``` /opt/shibboleth-idp/logs/idp-process.log ``` writes an error every five minutes: ``` ERROR [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver:376] - Metadata Resolver FilesystemMetadataResolver SiteSP1: Error occurred while attempting to refresh metadata from '/opt/shibboleth-idp/metadata/493a12d6-b96e-4bad-b9a7-52aebf0f329d-sp-metadata.xml' java.lang.IllegalStateException: ApplicationContext:shibboleth.MetadataResolverService has been closed already ``` Requesting ``` https://squid.fritz.box/protected/printHeaders.py ``` results in ``` This service requires information about you that your identity provider did not release. ``` Restarting shibd at the SP ``` # service shibd restart ``` causes this log entries in ``` /var/log/shibboleth/shibd.log : ``` log entries are at https://pastebin.com/9VKKuhj9 It seems as if my IDP does not release the admin identity to the SP, and this seems to cause an immediate remove of every session at the SP. Can you give me an hint what to configure at the ISP so the admin indentity is released to the SP with SAML? Help is very much appreciated, Johann