OpenSAML user discussion

[<>]

Title: Question SAML Exception

Hi all,

I use opensaml 1.0 for validating SAML messages.
I have the following exception in my logs:

org.opensaml.SAMLException: EGOV_USER_LEVEL2_LOCKED
  at org.opensaml.SAMLException.getInstance(Unknown Source)
  at org.opensaml.SAMLResponse.fromDOM(Unknown Source)
  at org.opensaml.SAMLResponse.<init>(Unknown Source)
  at be.cm.apps.cmweb.web.samlprocessing.SAMLValidator.startValidation(SAMLValidator.java:68)
at be.cm.apps.cmweb.web.samlprocessing.CmWebSamlProcessorServlet.doPost(CmWebSamlProcessorServlet.java:70)
  at ……etc.

The SAML Message we get has an error code (EGOV_USER_LEVEL2_LOCKED). That SAML message does not have thus any assertion, but only the signature and the status.

The line 68 of the class SAMLValidator is:

SAMLResponse samlResp = new SAMLResponse( XML.parserPool.parse(new ByteArrayInputStream(samlMsg)).getDocumentElement());

I have seen in the documentation of the parse method in the class ParsePool, and it says that the SAMLException is thrown if there is no parser available. I find this very strange because I think the SAML message gets parsed since I know its error status.

Does anyone have an idea of what's going on? Is this behaviour right?

Kind regards,
Miro Casanova