Skip to Content.
Sympa Menu

shibboleth-dev - Re: Custom IdP Extension - example schema does not work

Subject: Shibboleth Developers

List archive

Re: Custom IdP Extension - example schema does not work


Chronological Thread 
  • From: Jan Peter Stotz <>
  • To:
  • Subject: Re: Custom IdP Extension - example schema does not work
  • Date: Fri, 12 Mar 2010 09:58:10 +0100
Hi Jim,

thanks for your feedback. That you have managed to create a working
extension gives me hope that one day mine will run, too.

I think my major problem is that there is no information available how
to specify the extended handler in handler.xml. Even in the
Springframework documentation the case of extending an existing type is
not covered. My extended schema is now as follows:

<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema
targetNamespace="http://ist-swift.org/idmcard/shibboleth/idp/authn";
xmlns="urn:mace:shibboleth:2.0:idp:profile-handler"
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
elementFormDefault="qualified">

<xsd:import
schemaLocation="classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd" />

<xsd:complexType name="SmartCard">
<xsd:complexContent>
<xsd:extension base="LoginHandlerType">
<xsd:attribute name="appletID" type="xsd:string" />
<xsd:attribute name="authenticationServletURL"
type="xsd:string" />
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:schema>

And I added the my handler in handler.xml using this snippet:

<LoginHandler xsi:type="SmartCard" appletID="4f6e43617264496450">
<AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthenticationMethod>
</LoginHandler>

But it looks like my custom schema is not being included, because when I
start tomcat with the extended idp I get an exception:

org.xml.sax.SAXParseException: cvc-elt.4.2: Cannot resolve 'SmartCard'
to a type definition for element 'LoginHandler'.

Any help on that topic would be appreciated...

Ciao, Jan

Jim Fox wrote:
> I've used that guide several times. Although I see that my xsd files
> have explicit namespace declarations everywhere, and the default
> namespace is the profile handler's, i.e.,
>
> <xsd:schema
> targetNamespace="urn:mace:shibboleth:2.0:idp:ext:ecp:profile-handler"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns="urn:mace:shibboleth:2.0:idp:profile-handler"
> xmlns:idpprofile="urn:mace:shibboleth:2.0:idp:profile-handler"
>
> xmlns:ecpprofile="urn:mace:shibboleth:2.0:idp:ext:ecp:profile-handler"
> elementFormDefault="qualified">
>
> <xsd:import namespace="urn:mace:shibboleth:2.0:idp:profile-handler"
>
> schemaLocation="classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd"/>
>
> and etc.
>
>
> Don't remember if that was necessary though.

Archive powered by MHonArc 2.6.16.

Top of Page