Exception:
2015-06-18 17:26:12,105 DEBUG [TRC - DEFAULT - SID: 260162194708150277 - RID: 105101999724952484] | 001 FedLib: SAMLServiceManager: SAMLServiceManager: No POST to targets found
2015-06-18 17:26:12,105 DEBUG [TRC - DEFAULT - SID: 260162194708150277 - RID: 105101999724952484] | 001 FedLib: SAMLServiceManager: SAMLSMangr: add instanceID: https://localhost:0, serverURL=https://localhost:0, legacy serverURL=https://localhost:0, isthissite=true
2015-06-18 17:26:12,105 DEBUG [TRC - DEFAULT - SID: 260162194708150277 - RID: 105101999724952484] | 001 FedLib: SAMLServiceManager: SAMLServiceManager: No entry in partner url config!
...
2015-06-18 17:26:12,108 WARN [TRC - AuthServer - 0001 - SID: 260162194708150277 - RID: 106932016300606181] | 001 SamlErrorServlet: SAML2 Exception: Exception-ID 2108:4768, code="failedToProcessSSOResponse", message="Error retrieving meta data."; stack trace might be in the debug log
Reason 1:
possibly, the 'hosted=0|1' flag in sp-extended.xml is wrong
Solution 1:
set the flag correctly ("1" for the copy on the SP and to "0" for the copy on the IDP)
Reason 2:
In a setup where Airlock IAM is SAML SP, you test with localhost instead of the FQDN. It is currently unclear why this has an influence since the FQDN is not present in the SAML XML configuration files.
Solution 2:
Access the SAML SP with FQDN.