shibboleth-dev - RE: Feature request for metadatatool
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: Feature request for metadatatool
- Date: Wed, 23 Nov 2005 14:37:09 -0500
- Organization: The Ohio State University
> Yes, but that brings up a point. Our production installation won't
> verify the metadata. The tool always says "signature did not
> verify". Our development idp also 1.3, but version 1.3c, does
> verify the signatures OK.
That's a symptom of a bug in an opensaml build caused by the switch to
Xerces to fix the memory leaks that was accidentally left out of 1.3b but
released in 1.3c.
You can fix it by updating the opensaml jar in your <install>/lib folder
without disrupting your IdP itself.
> If the production system signs a file it can then verify it -
> and the dev system can verify it also. However, if the dev system
> signs a file the production system cannot verify it.
That's moderately surprising. I wouldn't expect it to verify anything that
included base64 blobs inside the signed content.
-- Scott
- Feature request for metadatatool, Lukas Haemmerle, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- Re: Feature request for metadatatool, Lukas Haemmerle, 11/24/2005
- Re: Feature request for metadatatool, Scott Cantor, 11/24/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
Archive powered by MHonArc 2.6.16.