Hi,
I seem to be having frequent problems with invalid XML in the SAML response
I've seen this with different clients (mod_auth_cas and perl) and
different versions of CAS (4.0_RC1 and 3.5.2)
Some times it works and everything is fine, but often not - the XML
errors are not always in the same place.
I am using attribute release.
Any ideas how to track this down very welcome!
Thanks,
Ian
One example:
I've checked that the ResponseID and AssertionID match. (changed the
name identifier but otherwise as from the logs)
In the server logs I see:
2013-09-10 13:54:39,078 DEBUG [PROTOCOL_MESSAGE] -
......
<saml1:AuthenticationStatement
AuthenticationInstant="2013-09-10T13:47:19.447Z"
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
<saml1:Subject>
<saml1:NameIdentifier>m...@example.org</saml1:NameIdentifier>
<saml1:SubjectConfirmation>
<saml1:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</saml1:ConfirmationMethod>
</saml1:SubjectConfirmation>
</saml1:Subject>
</saml1:AuthenticationStatement>
In the client I see:
<saml1:AuthenticationStatement
AuthenticationInstant="2013-09-10T13:47:19.447Z"
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
<saml1:Subject>
<saml1:NameIdentifier>m...@example.urn:oasis:names:tc:SAML:1.0:cm:artifact</saml1:ConfirmationMethod>
</saml1:SubjectConfirmation></saml1:Subject>
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
