Shibboleth Developers

[Chad La Joie <>]

This was due to a couple small schema bugs, which are now fixed.  Go
ahead and grab the latest code and it should parse everything okay.

Olav Morken wrote:
> Hi,
> 
> I am currently testing the Shibboleth 2.0 IdP alpha release. I have got
> login working from a Shibboleth 2.0 SP with the SAML2 HTTP-POST binding.
> However, I have been unable to make the IdP sign the
> samlp:Response-element.
> 
> If I have understood the schemas correctly, then I am supposed to add a
> Credential-element as the last element in the RelayingPartyGroup-element
> in the 'relying-party.xml'-file. I have not been able to figure out the
> syntax of this element.
> 
> I have tried the following:
> 
>     <Credential>
>         <X509Inline id="testkey" xmlns="urn:mace:shibboleth:2.0:credential">
>             <KeyName>testkey</KeyName>
>             <PrivateKey>
>                 <!-- base64-encoded private key -->
>             </PrivateKey>
>             <Certificate>
>                 <!-- base64-encoded certificate -->
>             </Certificate>
>         </X509Inline>
>     </Credential>
> 
> This gives an exception while parsing the configuration files which is
> caused by:
> org.xml.sax.SAXParseException: cvc-type.2: The type definition cannot
> be abstract for element Credential.
> 
> I have also tried to specify the X509Inline-element without enclosing it
> in a Credential-element. This gives an exception which is caused by:
> org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content
> was found starting with element 'X509Inline'. One of 
> {"urn:mace:shibboleth:2.0:relying-party":Credential}' is expected.
> 
> I am wondering if this functionality is implemented yet, and what syntax
> I am supposed to use.
> 
> 
> Thanks,
> 
> Olav Morken
> UNINETT

-- 
Chad La Joie             2052-C Harris Bldg
OIS-Middleware           202.687.0124