Skip to Content.
Sympa Menu

mace-opensaml-users - Re: [OpenSAML] Problem Validating an Assertion

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML] Problem Validating an Assertion


Chronological Thread 
  • From: Brent Putman <>
  • To:
  • Subject: Re: [OpenSAML] Problem Validating an Assertion
  • Date: Mon, 01 Mar 2010 05:02:28 -0500



On 3/1/2010 1:07 AM, Sidhartha Priye wrote:
Suneet,

I may be wrong but this does not look right to me

<saml2:NameID Format="NameIdentifierType" NameQualifier="openiam">3006</saml2:NameID>

I am not sure if NameID Format can be any string. The experts here can speak to it. I know there are well defined formats you can choose from. For e.g.



Yes, that value is illegal - the NameID Format is defined in the schema as an xs:anyURI and the SAML spec further states that it is required to be an absolute URI (rather than relative).   However, OpenSAML just uses a String to represent most/all xs:anyURI's (mostly for the sake of simplicity of API), and it would be "accepted" by OpenSAML when unmarshalling the SAML structure.  This is definitely not causing the original poster's error, as I mentioned in my earlier note, it's a more general XML parsing issue.

--Brent




Archive powered by MHonArc 2.6.16.

Top of Page