Shibboleth Developers

[André Cruz <>]

On Feb 25, 2010, at 16:48 , Scott Cantor wrote:

> An example today where this runs into problems is if the root signature's
> corrupt. I can't tell that until the filters run and the filters can alter
> the document, so if I wait to back it up until the filters run, it's too
> late. So I have to change it to a two stage process.

I tested the IDP 2.1.5 and it exhibits the same behavior regarding Metadata 
filters. When a botched signature occurs or the schema is not valid, the 
local file is overwritten with this metadata that can't be loaded.

>> Should I file it in JIRA?
> 
> I'm probably going to change it anyway, but having a bug filed is best.

Ok. I'll do it then.

> put XHTML in place of your metadata, or you could turn schema validation on.
> There's no way it would have validated.

According to 
https://spaces.internet2.edu/display/SHIB2/NativeSPMetadataProvider schema 
validation is only an option for the Dynamic MetadataProvider. I use the XML 
MetadataProvider.

On another note, both in the IDP and SP schema validation is off by default. 
At first glance schema validation seems like the logical thing to do, it is 
that expensive or requires remote network calls?

André