Skip to Content.
Sympa Menu

shibboleth-dev - [Shib-Dev] user agent string for Shib SP 2.4 AttributeResolver

Subject: Shibboleth Developers

List archive

[Shib-Dev] user agent string for Shib SP 2.4 AttributeResolver


Chronological Thread 
  • From: Bradley Schwoerer <>
  • To:
  • Subject: [Shib-Dev] user agent string for Shib SP 2.4 AttributeResolver
  • Date: Fri, 14 Jan 2011 19:13:17 -0600

I just got around to implementing our first 2.4 SP and configured it to do AttributeResolver. We ended up having a weird 400 error.

2011-01-14 17:13:53 ERROR Shibboleth.AttributeResolver.SimpleAggregation [16]: exception during SAML query to https://aa.qa.iam.wisconsin.edu:8443/aa/profile/SAML2/SOAP/AttributeQuery: CURLSOAPTransport failed while contacting SOAP endpoint (https://aa.qa.iam.wisconsin.edu:8443/aa/profile/SAML2/SOAP/AttributeQuery): The requested URL returned error: 400

On the IdP the http logs are:

144.92.201.198 - - [14/Jan/2011:17:13:53 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 400 416 "-" "9X\r\x05 m*o%j~s\x8ao\x9b\xabv!Y#\x01\x17\xe8\x9b\x9a\xa5\xcb\xf8Ovy\xa3\xd683\xec\x05\x9a\xca\x8d\x17J\x9dS\xe3\x973a\x16\x19O\x9d]\x98\x85F\x8f\x8d\x9c\xc5\xd3\xdb\xd2,\x8b\x84\xbf\xd5\x85\xfai\xf5q\x878?TG\xa0\x84\xb2\x87Q\x1a\xe7\xbd\x9a\xfdHk\x89l\r\x1a\xb5\x89d\xc9\xc5O#?\x9d\xbd*\x07\xf8BDX\xf7[6\xb9\xf0Uy\xd2\xe9\xa7o\x83%\xd5\x07z\x10\xdf\x1d{\xbaP$\xc2\x96gt\xf1\xcd\xe9\xb2$\xc7 \xae\xb2]\xa3(~\x9b\xec_Ho\xc8\xf9\xc6\r\xc2v" 289 28717

The other requests from the 2.4 SP have similarly bad user agent strings
144.92.201.198 - - [14/Jan/2011:16:01:43 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "-" 336762 5718
144.92.201.198 - - [14/Jan/2011:16:11:34 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "" 364532 5721
144.92.201.198 - - [14/Jan/2011:16:17:58 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "\x03" 199589 28716
144.92.201.198 - - [14/Jan/2011:16:21:30 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "\x03" 221131 22016
144.92.201.198 - - [14/Jan/2011:16:26:08 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "-" 141626 32369
144.92.201.198 - - [14/Jan/2011:16:27:32 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "\x06" 87909 29939
144.92.201.198 - - [14/Jan/2011:17:03:31 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "(\xdb\xfa\xfd\xae*" 189379 7576
144.92.201.198 - - [14/Jan/2011:17:13:08 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "(\xdb\xfa\xfd\xae*" 130817 30622
144.92.201.198 - - [14/Jan/2011:17:13:41 -0600] "POST /aa/profile/SAML2/SOAP/AttributeQuery HTTP/1.1" 200 2591 "-" "q" 256945 28237

The requests for the metadata are as expected though:
144.92.201.198 - - [14/Jan/2011:15:30:53 -0600] "GET /metadata/wi-federation-metadata.xml HTTP/1.1" 200 233900 "-" "shibboleth/2.4 OpenSAML/2.4.0 XMLTooling/1.4.0 XML-Security-C/1.6.0 Xerces-C/3.1.1 log4shib/1.0.4 libcurl/7.15.5 OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008" 5863 32342

I am guess this is the result of https://bugs.internet2.edu/jira/browse/SSPCPP-297, which I had requested. I apologize for not testing earlier.


-Bradley Schwoerer



Archive powered by MHonArc 2.6.16.

Top of Page