Skip to Content.
Sympa Menu

shibboleth-dev - RE: Shib 2 IdP, Second Feature Set Release

Subject: Shibboleth Developers

List archive

RE: Shib 2 IdP, Second Feature Set Release


Chronological Thread 
  • From: <>
  • To: <>
  • Subject: RE: Shib 2 IdP, Second Feature Set Release
  • Date: Fri, 30 Nov 2007 09:46:23 -0500

I have 4 machines I have been trying to get aacli working on, and each failed
in a different way. It turns out this machine had the libraries endorsed
incorrectly (xerces was endorsed, since it was a new version in this beta
from the previous one), but Xalan was not. As an aside when Xerces is not
endorsed the error message generated says that exactly, which is probably why
it never occurred to me that I had endorsed one library and not the other.

I got it all working now though, and the mistakes on the other machines were
different configuration mistakes.

Thanks,
Jeff

________________________________

From: Chad La Joie
[mailto:]
Sent: Fri 11/30/2007 1:42 AM
To:

Subject: Re: Shib 2 IdP, Second Feature Set Release



Nope, that's the error for not having Xerces/Xalan endorsed. So
whatever you did to try to endorse the libs didn't work.

Note that the stacktrace clearly shows the Sun's parser classes:

com.sun.org.apache.xerces.internal.jaxp


wrote:
> Prior to the error messages below I had forgotten to endorse the
> provided xerces/xalan libraries, and I received different error messages
> that were quite clear. I endorsed the xerces/xalan libraries and
> started getting these errors.
>
> -----Original Message-----
> From:
>
>
> [mailto:]
> Sent: Thursday, November 29, 2007 7:02 PM
> To:
>
> Subject: RE: Shib 2 IdP, Second Feature Set Release
>
> Is the aacli utlity supposed to work with this release? I haven't tried
> deploying this new IDP to a servlet container, but I did want to do some
> testing with aacli to test some custom attribute connectors I have.
> Initially I did a more complex install/configuration, which did not work
> and left me with some strange errors. I did a new install, trying to
> minimize the changes I made to maximize reproducibility of the bug, and
> I am getting strange XML parsing errors. Glancing at the
> "shib-dist/xmltooling/resources/classpath/default-config.xml" and the
> associated schemas, it does not seem like the XML changed at all in this
> release, so I'm at a loss for why the validator is suddenly having
> problems.
>
> 18:44:34.189 [main] ERROR org.opensaml.xml.XMLConfigurator -
> Configuration file does not validate against schema
> org.xml.sax.SAXParseException: UndeclaredPrefix: Cannot resolve
> 'xt:DEFAULT' as a QName: the prefix 'xt' is not declared.
> at
> com.sun.org.apache.xerces.internal.jaxp.validation.Util.toSAXParseExcept
> ion(Util.java:109)
> at
> com.sun.org.apache.xerces.internal.jaxp.validation.Util.toSAXParseExcept
> ion(Util.java:109)
> at
> com.sun.org.apache.xerces.internal.jaxp.validation.ErrorHandlerAdaptor.e
> rror(ErrorHandlerAdaptor.java:104)
> at
> com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XML
> ErrorReporter.java:382)
> at
> com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XML
> ErrorReporter.java:316)
> at
> com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorRe
> porter.reportError(XMLSchemaValidator.java:429)
> at
> com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSche
> maError(XMLSchemaValidator.java:3185)
> at
> com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.processOne
> Attribute(XMLSchemaValidator.java:2799)
> at
> com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.processAtt
> ributes(XMLSchemaValidator.java:2735)
> at
> com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStar
> tElement(XMLSchemaValidator.java:2094)
> at
> com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startEleme
> nt(XMLSchemaValidator.java:705)
> at
> com.sun.org.apache.xerces.internal.jaxp.validation.ValidatorHandlerImpl.
> startElement(ValidatorHandlerImpl.java:335)
> at
> org.apache.xalan.transformer.TransformerIdentityImpl.startElement(Transf
> ormerIdentityImpl.java:1072)
> at
> org.apache.xml.serializer.TreeWalker.startNode(TreeWalker.java:357)
> at
> org.apache.xml.serializer.TreeWalker.traverse(TreeWalker.java:143)
> at
> org.apache.xalan.transformer.TransformerIdentityImpl.transform(Transform
> erIdentityImpl.java:389)
> at
> com.sun.org.apache.xerces.internal.jaxp.validation.ValidatorImpl.process
> (ValidatorImpl.java:220)
> at
> com.sun.org.apache.xerces.internal.jaxp.validation.ValidatorImpl.validat
> e(ValidatorImpl.java:141)
> at javax.xml.validation.Validator.validate(Validator.java:82)
> at
> org.opensaml.xml.XMLConfigurator.validateConfiguration(XMLConfigurator.j
> ava:348)
> at
> org.opensaml.xml.XMLConfigurator.load(XMLConfigurator.java:145)
> at
> org.opensaml.xml.XMLConfigurator.load(XMLConfigurator.java:125)
> at
> org.opensaml.DefaultBootstrap.initializeXMLTooling(DefaultBootstrap.java
> :136)
> at
> org.opensaml.DefaultBootstrap.bootstrap(DefaultBootstrap.java:75)
> at
> edu.internet2.middleware.shibboleth.common.attribute.AttributeAuthorityC
> LI.initialize(AttributeAuthorityCLI.java:110)
> at
> edu.internet2.middleware.shibboleth.common.attribute.AttributeAuthorityC
> LI.main(AttributeAuthorityCLI.java:83)
>
>
> There are earlier log4j logging error messages as well, which don't seem
> to stop the code from running, but might be further clues to the
> problem:
>
> [debug] Couldn't find class
> org.apache.velocity.runtime.log.Log4JLogChute or necessary supporting
> classes in classpath.
> org/apache/log4j/Appender
> java.lang.NoClassDefFoundError: org/apache/log4j/Appender
> at java.lang.Class.forName0(Native Method)
> at java.lang.Class.forName(Class.java:242)
> at
> org.apache.velocity.util.ClassUtils.getClass(ClassUtils.java:63)
> at
> org.apache.velocity.util.ClassUtils.getNewInstance(ClassUtils.java:95)
> at
> org.apache.velocity.runtime.log.LogManager.createLogChute(LogManager.jav
> a:147)
> at
> org.apache.velocity.runtime.log.LogManager.updateLog(LogManager.java:208
> )
> at
> org.apache.velocity.runtime.RuntimeInstance.initializeLog(RuntimeInstanc
> e.java:728)
> at
> org.apache.velocity.runtime.RuntimeInstance.init(RuntimeInstance.java:24
> 0)
> at
> org.apache.velocity.runtime.RuntimeSingleton.init(RuntimeSingleton.java:
> 113)
> at org.apache.velocity.app.Velocity.init(Velocity.java:83)
> at
> org.opensaml.DefaultBootstrap.initializeVelocity(DefaultBootstrap.java:1
> 17)
> at
> org.opensaml.DefaultBootstrap.bootstrap(DefaultBootstrap.java:73)
> at
> edu.internet2.middleware.shibboleth.common.attribute.AttributeAuthorityC
> LI.initialize(AttributeAuthorityCLI.java:110)
> at
> edu.internet2.middleware.shibboleth.common.attribute.AttributeAuthorityC
> LI.main(AttributeAuthorityCLI.java:83)
>
> -----Original Message-----
> From: Chad La Joie
> [mailto:]
> Sent: Monday, November 19, 2007 4:39 PM
> To:
>
> Subject: Shib 2 IdP, Second Feature Set Release
>
> The second set of Shib 2 IdP functionality is ready for testing. The
> big items in this "release" are:
> - Inbound message security rules
> - NameID and Assertion encryption
> - Transient ID support
>
> A list of available features, and those not yet available, can be found
> here CHANGELOG file located in the doc directory of your IdP source
> tree.
>
> Sites that have been testing the first set of functionality should start
> with a fresh version of Tomcat (because of the changes to the logging
> system), a fresh download of the IdP code, and a new IDP_HOME location.
>
> Installation instructions can be found here:
> https://spaces.internet2.edu/display/SHIB2/IdPBetaTest
>
> The general Shib 2 documentation site:
> https://spaces.internet2.edu/display/SHIB2/Home
>
> --
> SWITCH
> Serving Swiss Universities
> --------------------------
> Chad La Joie, Software Engineer, Security Werdstrasse 2, P.O. Box, 8021
> Zurich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68
> ,
> http://www.switch.ch <http://www.switch.ch/>

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
http://www.switch.ch <http://www.switch.ch/>


<<winmail.dat>>




Archive powered by MHonArc 2.6.16.

Top of Page