shibboleth-dev - 1.3 SP with IdP 2.0
Subject: Shibboleth Developers
List archive
- From: Franck Borel <>
- To:
- Subject: 1.3 SP with IdP 2.0
- Date: Wed, 02 Jan 2008 13:31:42 +0100
- Delivery-date: Wed, 02 Jan 2008 13:31:45 +0100
Happy New Year!
after getting Shib 2.0 working, I try to make an Service Provider 1.3 speak with an IdP 2.0. The authentication request works, but the attribute request failed. Any idea?
SP 1.3 logging
==============
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Server certificate:
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: SSL certificate verify ok.
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: POST /shibboleth-idp/profile/SAML1/SOAP/AttributeQuery HTTP/1.1
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: HTTP/1.1 200 OK
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Date: Wed, 02 Jan 2008 12:16:43 GMT
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Server: Apache/2.2.4 (Linux/SUSE)
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Set-Cookie: JSESSIONID=8EBA1A29D163AF16EBB5067D3EAB094E; Path=/shibboleth-idp; Secure
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Content-Length: 146
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Content-Type: text/html;charset=ISO-8859-1
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Connection #0 to host aar.vascoda.de left intact
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: Closing connection #0
2008-01-02 13:16:43 DEBUG SAML.libcurl [1] sessionGet: SSLv3, TLS alert, Client hello (1):
2008-01-02 13:16:43 ERROR shibtarget.SessionCache [1] sessionGet: caught SAML exception during SAML attribute query: CgoKCjxodG1sPgoKPGJvZHk+Cgk8aW1nIHNyYz0
iL3NoaWJib2xldGgtaWRw
L2ltYWdlcy9sb2dvLmpwZyIgLz4KCTxoMz5FUlJPUjwvaDM+CglFcnJvciBN
ZXNzYWdlOiBJbnZhbGlkIFNBTUwgUmVxdWVzdCBtZXNzYWdlLgoJCjwvYm9k
eT4KCjwvaHRtbD4=
2008-01-02 13:16:43 WARN shibtarget.SessionCache [1] sessionGet: skipping binding on unsupported protocol (urn:oasis:names:tc:SAML:2.0:bindings:SOAP)
2008-01-02 13:16:43 ERROR shibtarget.SessionCache [1] sessionGet: no response obtained
2008-01-02 13:16:43 DEBUG shibtarget.Listener [2] sessionGet: checking for session:
2008-01-02 13:16:43 DEBUG shibtarget.Listener [2] sessionGet: application: default
2008-01-02 13:16:43 DEBUG shibtarget.SessionCache [2] sessionGet: searching memory cache for key (_4be0453fc7a1373a5b33ba3be249aa31)
2008-01-02 13:16:43 DEBUG shibtarget.SessionCache [2] sessionGet: Match found
2008-01-02 13:16:43 DEBUG shibtarget.Listener [2] sessionGet: Checking address against 132.230.25.122
2008-01-02 13:16:43 DEBUG shibtarget.SessionCache [2] sessionGet: testing session (ID: _4be0453fc7a1373a5b33ba3be249aa31) (lifetime=7200, timeout=3600)
2008-01-02 13:16:43 DEBUG shibtarget.Listener [2] sessionGet: session ok
2008-01-02 13:16:43 DEBUG shibtarget.SessionCache [2] sessionGet: populating attributes for session (ID: _4be0453fc7a1373a5b33ba3be249aa31)
IdP 2.0 logging
===============
13:16:43.906 INFO [Shibboleth-Access] 20080102T121643Z|132.230.25.113|aar.vascoda.de:8443|/profile/SAML1/SOAP/AttributeQuery|
13:16:43.915 ERROR [edu.internet2.middleware.shibboleth.idp.profile.saml1.AttributeQueryProfileHandler] Incomming message was not a Request, it was a org.o
pensaml.ws.soap.soap11.impl.EnvelopeImpl
13:16:43.918 ERROR [edu.internet2.middleware.shibboleth.common.profile.ProfileRequestDispatcherServlet] Encountered error processing request to /SAML1/SOAP
/AttributeQuery, invoking error handler
edu.internet2.middleware.shibboleth.common.profile.ProfileException: Invalid SAML Request message.
at edu.internet2.middleware.shibboleth.idp.profile.saml1.AttributeQueryProfileHandler.decodeRequest(AttributeQueryProfileHandler.java:153)
at edu.internet2.middleware.shibboleth.idp.profile.saml1.AttributeQueryProfileHandler.processRequest(AttributeQueryProfileHandler.java:75)
at edu.internet2.middleware.shibboleth.idp.profile.saml1.AttributeQueryProfileHandler.processRequest(AttributeQueryProfileHandler.java:52)
at edu.internet2.middleware.shibboleth.common.profile.ProfileRequestDispatcherServlet.service(ProfileRequestDispatcherServlet.java:74)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:595)
-- Franck
- 1.3 SP with IdP 2.0, Franck Borel, 01/02/2008
- Re: 1.3 SP with IdP 2.0, Franck Borel, 01/02/2008
- Re: 1.3 SP with IdP 2.0, Chad La Joie, 01/02/2008
- Re: 1.3 SP with IdP 2.0, Franck Borel, 01/02/2008
Archive powered by MHonArc 2.6.16.