|
Bugzilla – Full Text Bug Listing |
| Summary: | The default IdP metadata fails to parse | ||
|---|---|---|---|
| Product: | GridShib | Reporter: | sassa <o.otenko@kent.ac.uk> |
| Component: | Query Clients | Assignee: | Tim Freeman <tfreeman@mcs.anl.gov> |
| Status: | ASSIGNED | ||
| Severity: | normal | CC: | gridshib-dev@globus.org, trscavo@gmail.com, vwelch@uiuc.edu |
| Priority: | P3 | ||
| Version: | unspecified | ||
| Target Milestone: | beta | ||
| Hardware: | PC | ||
| OS: | Linux | ||
The default IdP metadata fails to be parsed by IdP tester. I get the following output: Error: Unable to read metadata: org.opensaml.MalformedException: Attribute invalid, requires name and namespace, and at least one value The exception is thrown inside some OpenSAML class, used by Shibboleth IdP classes to parse the attributes in Metadata. (used by IdP tester to load IdP metadata) The exception is caused by the attribute with no values in the example idp metadata provided with GridShib installation: <saml:Attribute ... Name="urn:mace:dir:attribute-def:eduPersonAffiliation" ...> <saml:AttributeValue>... <!-- this one is read fine --> </saml:Attribute> <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:dir:attribute-def:eduPersonPrincipalName" NameFormat="urn:mace:shibboleth:1.0:attributeNamespace:uri"/> The last attribute does not have any values and causes errors inside OpenSAML library. A workaround is to comment the last attribute out from idp metadata. Check whether Shib IdP 1.3c supplies the right version of OpenSAML library?