metadata-support - [Metadata-Support]
Subject: InCommon metadata support
List archive
- From: Jeffrey J Ramsay <>
- To: "metadata-suppo." <>
- Subject: [Metadata-Support]
- Date: Wed, 13 Jan 2016 16:26:33 -0500
Hello:
--
I have been struggling with this problem for over an hour and can't resolve it myself. I'm trying to configure my IdP to verify the InCommon metadata and it's failing with the following error message. If I remove "requireSignedRoot="true"" it will download the data without warnings but I suspect it's not verified.
Caused by: org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 36 in XML document from file [/u01/app/badm/apps/test/shibboleth-idp/conf/metadata-provid
ers.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 36; columnNumber: 63; cvc-complex-type.3.2.2: Attribute 'requireSignedRoot' is not allowed t
o appear in element 'MetadataFilter'.
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:399)
Caused by: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'requireSignedRoot' is not allowed to appear in element 'MetadataFilter'.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203)
2016-01-13 16:19:33,659 - ERROR [net.shibboleth.utilities.java.support.service.AbstractReloadableService:185] - Service 'shibboleth.MetadataResolverService': No further attempt
s will be made to reload
My setup is as follows:
<MetadataProvider id="INCXXXXX" xsi:type="FileBackedHTTPMetadataProvider"
backingFile="%{idp.home}/metadata/InCommon-metadata-preview.xml"
minRefreshDelay="PT5M" maxRefreshDelay="PT1H" refreshDelayFactor="0.75">
<MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"
certificateFile="%{idp.home}/credentials/inc-md-cert.pem"/>
<MetadataFilter xsi:type="RequiredValidUntil" maxValidityInterval="P14D"/>
<MetadataFilter xsi:type="EntityRoleWhiteList">
<RetainedRole>md:SPSSODescriptor</RetainedRole>
</MetadataFilter>
</MetadataProvider>
Thanks,
-Jeff
Jeffrey Ramsay
Assistant Director
Enterprise Software Infrastructure
and Technical Planning
Binghamton University
http://www.binghamton.edu
Assistant Director
Enterprise Software Infrastructure
and Technical Planning
Binghamton University
http://www.binghamton.edu
- [Metadata-Support], Jeffrey J Ramsay, 01/13/2016
- Re: [Metadata-Support], Tom Scavo, 01/13/2016
- Re: [Metadata-Support], Jeffrey J Ramsay, 01/13/2016
- Re: [Metadata-Support], Tom Scavo, 01/13/2016
- Re: [Metadata-Support], Jeffrey J Ramsay, 01/13/2016
- Re: [Metadata-Support], Tom Scavo, 01/13/2016
- Re: [Metadata-Support], Jeffrey J Ramsay, 01/13/2016
- Re: [Metadata-Support], Tom Scavo, 01/13/2016
Archive powered by MHonArc 2.6.16.