Duke@Work: Shibboleth login error

Duke@Work: Receiving FatalProfileException error at login


Symptom:

Customer reports the following error upon Shibboleth login:

opensaml::FatalProfileException 
The system encountered an error at Fri Mar 27 14:50:01 2015 
To report this problem, please contact the site administrator at Please close all browser windows and try again. If the problem persists, please call the OIT Service Desk at 684-2200.. 
Please include the following message in any email: 
opensaml::FatalProfileException at (https://work.duke.edu/Shibboleth.sso/SAML2/POST) 
Your client's current address (152.26.230.68) differs from the one used when you authenticated to your identity provider. To correct this problem, you may 



Cause

The client's IP address can change during authentication due to

1. An unstable network connection, whether wireless network connection or otherwise

2. Having both wireless and wired adapters enabled



Resolution

Please be sure to disable your wireless adapter if you are on a wired connection or attached to a docking station - (Lenovo instructions: http://support.lenovo.com/us/en/documents/ht072689) / Dell Latitude: http://smallbusiness.chron.com/turn-wireless-dell-latitude-laptop-53095.html)

If you still have trouble, the solution would be to connect to Duke VPN to ensure a constant IP address. (VPN instructions: https://oit.duke.edu/net-security/network/remote/vpn/)

Article number: KB0018219

Valid to: April 25, 2025