https://community.cisco.com/t5/collaboration-applications/mac-jabber-clients-cannot-login-using-sso/m-p/3324340#M5964 <P>In case anyone finds this the fix for us was to restart the Tomcat Service on all of our Call Managers.&nbsp;</P> <P>&nbsp;</P> <P>We had an NTP issue a week ago and our MACs were still pointing to a high Stratum NTP server. Once we restarted the Tomcat Service they were able to login again.&nbsp;</P> Fri, 02 Feb 2018 19:20:20 GMT Matthew S 2018-02-02T19:20:20Z https://community.cisco.com/t5/collaboration-applications/mac-jabber-clients-cannot-login-using-sso/m-p/3321784#M5963 <P>I'm having an issue where MAC Jabber clients are receiving a SAML Metadata Not Initialized error and I'm confused as to why.&nbsp;</P> <P>&nbsp;</P> <P>I have SSO working on the rest of my environment, windows Jabber are fine using SSO but MAC clients seem to be having issues.&nbsp;</P> <P>Any help would be appreciated. Thanks.</P> <P>&nbsp;</P> <PRE>2018-01-30 10:37:46,680 DEBUG [http-bio-443-exec-20] filter.SSOAuthAgentFilter - servlet path :null 2018-01-30 10:37:46,680 DEBUG [http-bio-443-exec-20] filter.SSOAuthAgentFilter - recovery URL :null 2018-01-30 10:37:46,680 DEBUG [http-bio-443-exec-20] filter.SSOAuthAgentFilter - principal object in request is null 2018-01-30 10:37:46,680 DEBUG [http-bio-443-exec-20] filter.SSOAuthAgentFilter - Principal not found, sending http redirect to SAML Service Provider 2018-01-30 10:37:46,680 DEBUG [http-bio-443-exec-20] filter.SSOAuthAgentFilter - No relay url found in session, using current request url 2018-01-30 10:37:46,680 DEBUG [http-bio-443-exec-20] filter.SSOAuthAgentFilter - Relay url &gt;/ssosp/oauth/authorize?scope=UnifiedCommunications:readwrite&amp;response_type=token&amp;client_id=C41eb54529dd9907e01d3744ead3a991ba9cc4c772b0497ebe8a103fa69fe81a8&lt; 2018-01-30 10:37:46,680 DEBUG [http-bio-443-exec-20] filter.SSOAuthAgentFilter - Relay url encoded &gt;%2Fssosp%2Foauth%2Fauthorize%3Fscope%3DUnifiedCommunications%3Areadwrite%26response_type%3Dtoken%26client_id%3DC41eb54529dd9907e01d3744ead3a991ba9cc4c772b0497ebe8a103fa69fe81a8&lt; 2018-01-30 10:37:46,681 INFO [http-bio-443-exec-20] filter.SSOAuthAgentFilter - Relay url contains /oauth/authorize, forwarding to /saml/login?relayurl=%2Fssosp%2Foauth%2Fauthorize%3Fscope%3DUnifiedCommunications%3Areadwrite%26response_type%3Dtoken%26client_id%3DC41eb54529dd9907e01d3744ead3a991ba9cc4c772b0497ebe8a103fa69fe81a8 2018-01-30 10:37:46,681 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - SAML Response is ::null 2018-01-30 10:37:46,681 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - SAMLAuthenticator:processRequest 2018-01-30 10:37:46,681 INFO [http-bio-443-exec-20] utils.PropertiesFileUtil - No need, it's already loaded :ssoconfig.properties 2018-01-30 10:37:46,681 INFO [http-bio-443-exec-20] utils.PropertiesFileUtil - Loading the properties file content :ssoconfig.properties 2018-01-30 10:37:46,681 INFO [http-bio-443-exec-20] api.SAMLSSOManager - from properties file samlPlatformManagerImplClassName: com.cisco.vos.platform.api.manager.SAMLPlatformManager 2018-01-30 10:37:46,682 INFO [http-bio-443-exec-20] api.SAMLSSOManager - loaded samlPlatformManagerImplClassName: com.cisco.vos.platform.api.manager.SAMLPlatformManager 2018-01-30 10:37:46,682 DEBUG [http-bio-443-exec-20] api.SAMLSSOManager - enter getAcsUrlIndex 2018-01-30 10:37:46,682 INFO [http-bio-443-exec-20] utils.PropertiesFileUtil - No need, it's already loaded :ssoconfig.properties 2018-01-30 10:37:46,682 INFO [http-bio-443-exec-20] utils.PropertiesFileUtil - Loading the properties file content :ssoconfig.properties 2018-01-30 10:37:46,683 INFO [http-bio-443-exec-20] app.SSOConfigManager - Operation :getAcsUrlIndex 2018-01-30 10:37:46,683 DEBUG [http-bio-443-exec-20] app.SSOConfigManager - enter getAcsUrlIndex 2018-01-30 10:37:46,683 DEBUG [http-bio-443-exec-20] app.SSOConfigManager - exit getAcsUrlIndex 2018-01-30 10:37:46,683 DEBUG [http-bio-443-exec-20] app.SSOConfigManager - exit executeOperation 2018-01-30 10:37:46,683 INFO [http-bio-443-exec-20] api.SAMLSSOManager - successfully executed executeCommand for API - getAcsUrlIndex 2018-01-30 10:37:46,683 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Index :0 2018-01-30 10:37:46,684 INFO [http-bio-443-exec-20] authentication.SAMLAuthenticator - SAMLAuthenticator:validateIDPXMLForExpiredCertificate:Begin 2018-01-30 10:37:46,684 INFO [http-bio-443-exec-20] utils.PropertiesFileUtil - No need, it's already loaded :ssoconfig.properties 2018-01-30 10:37:46,684 INFO [http-bio-443-exec-20] utils.PropertiesFileUtil - Loading the properties file content :ssoconfig.properties 2018-01-30 10:37:46,684 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - IDP xml /usr/local/platform/sso/saml/metadata/idp.xml 2018-01-30 10:37:46,685 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Root element EntityDescriptor 2018-01-30 10:37:46,685 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Number of Certificates 0 2018-01-30 10:37:46,686 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Base 64 Encoded Certificate MIIC2jCCAcKgAwIBAgIQIio6VZphYqhKU7rEzfN2XTANBgkqhkiG9w0BAQsFADApMScwJQYDVQQDEx5BREZTIEVuY3J5cHRpb24gLSBhZGZzLm5zZi5nb3YwHhcNMTcwMzE0MTQ1MDAyWhcNMTgwMzE0MTQ1MDAyWjApMScwJQYDVQQDEx5BREZTIEVuY3J5cHRpb24gLSBhZGZzLm5zZi5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqdc24SdqAmPA0Z6HEkUMjegbWzoE4XnDVef1cQORAjp+9An0fYGXKXIZjQJ/rgt3IRZVTxEgWbe4km3x1xci9rACNBww4EvOZJkkUoX0QRfeF9Vg5VcgsbmNtpu0lfFBi51Yn9GfZtBdqZLvtHlnc018F9qXN8+jiPh0Bl3k6US69YFtY5kDBhJBh/wMDyVgmgIo9ZxK3375sQGZw1IiD4JLULd1vUuITeqdvIwy4D+uYkKxzTHQaO4jMMuO4jXu+zSJUsGo6oYVZhXXY6sXm/Dl0ceHR9T2Giufz5Xios9SgX3ajASkP/Q7rJvK9/grW6CXB2e0iiQEshdTMGKhXAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAF3wif5CmUpUvd6or7AhN0DwYriLsCuoLIiChNrsGLrPxGW68krDvbpVCps3IidG7J8QHe03C3YsYuO6tWUIF0MCqESKviaAxcaUxQyH/dcv27wHP45vmPpiwRc9AbRYLqwlIKHiSlL5ExUGJZOISKsVJItszYDDRKIohsb/LfhlzOBVZMQhpDkbYflsrjJKIOYHOX2Q3cigeYMSkA709gSPBGnlQShIg7wzKcaGA7AzmilhM2Oy7zT1Eqm+rB4g80mO/acGJUH3/wkwA8IDAOdpgBKIeEJCiSBDQ+0n9plljAD0uDLNTdt0sTU4Vtu5Yv82eQijoa2HWZ+tfTA1k6Q= 2018-01-30 10:37:46,686 INFO [http-bio-443-exec-20] authentication.SAMLAuthenticator - SAMLAuthenticator:validateIDPXML:Begin 2018-01-30 10:37:46,686 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Generating for the Decoded Certificate String.. 2018-01-30 10:37:46,686 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Checking the Validity of the Generated Certificate.. 2018-01-30 10:37:46,686 INFO [http-bio-443-exec-20] authentication.SAMLAuthenticator - SAMLAuthenticator:validateIDPXML:End 2018-01-30 10:37:46,686 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Certificate Expiry Status: false 2018-01-30 10:37:46,686 INFO [http-bio-443-exec-20] authentication.SAMLAuthenticator - SAMLAuthenticator:validateIDPXMLForExpiredCertificate:End 2018-01-30 10:37:46,687 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Determine matches for relayuri 2018-01-30 10:37:46,687 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Match found ::%2Fssosp%2Foauth%2Fauthorize%3Fscope%3DUnifiedCommunications%3Areadwrite%26response_type%3Dtoken%26client_id%3DC41eb54529dd9907e01d3744ead3a991ba9cc4c772b0497ebe8a103fa69fe81a8 2018-01-30 10:37:46,687 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - encoded relay uri ::%2Fssosp%2Foauth%2Fauthorize%3Fscope%3DUnifiedCommunications%3Areadwrite%26response_type%3Dtoken%26client_id%3DC41eb54529dd9907e01d3744ead3a991ba9cc4c772b0497ebe8a103fa69fe81a8:: 2018-01-30 10:37:46,687 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - decoded relay uri ::/ssosp/oauth/authorize?scope=UnifiedCommunications:readwrite&amp;response_type=token&amp;client_id=C41eb54529dd9907e01d3744ead3a991ba9cc4c772b0497ebe8a103fa69fe81a8:: 2018-01-30 10:37:46,687 ERROR [http-bio-443-exec-20] authentication.SAMLAuthenticator - Metadata not initialized 2018-01-30 10:37:46,687 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Error while processing saml request.... 2018-01-30 10:37:46,687 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - Error in Metadata.. 2018-01-30 10:37:46,687 DEBUG [http-bio-443-exec-20] authentication.SAMLAuthenticator - error url is ::/ssosp/error?id=1000010 2018-01-30 10:37:46,706 INFO [http-bio-443-exec-20] servlet.ErrorServlet - Dname Cisco Unified Communications Manager 2018-01-30 10:37:46,706 INFO [http-bio-443-exec-20] servlet.ErrorServlet - SAML Metadata not initialized.Error Message</PRE> Mon, 18 Mar 2019 02:18:55 GMT https://community.cisco.com/t5/collaboration-applications/mac-jabber-clients-cannot-login-using-sso/m-p/3321784#M5963 Matthew S 2019-03-18T02:18:55Z https://community.cisco.com/t5/collaboration-applications/mac-jabber-clients-cannot-login-using-sso/m-p/3324340#M5964 <P>In case anyone finds this the fix for us was to restart the Tomcat Service on all of our Call Managers.&nbsp;</P> <P>&nbsp;</P> <P>We had an NTP issue a week ago and our MACs were still pointing to a high Stratum NTP server. Once we restarted the Tomcat Service they were able to login again.&nbsp;</P> Fri, 02 Feb 2018 19:20:20 GMT https://community.cisco.com/t5/collaboration-applications/mac-jabber-clients-cannot-login-using-sso/m-p/3324340#M5964 Matthew S 2018-02-02T19:20:20Z https://community.cisco.com/t5/collaboration-applications/mac-jabber-clients-cannot-login-using-sso/m-p/3397441#M5965 <P>tomcat restart fixed my SAML SSO issue too.</P> <P>&nbsp;</P> <P>Thanks for this post.</P> Mon, 11 Jun 2018 14:04:24 GMT https://community.cisco.com/t5/collaboration-applications/mac-jabber-clients-cannot-login-using-sso/m-p/3397441#M5965 Arun Kalpathi Ganapathi 2018-06-11T14:04:24Z