testshib.org registration issue

Discussion:

Michael Clemente

2014-10-16 14:25:33 UTC

When I try to upload my idp-metadata file I get an error saying that my xml
file is invalid. However, it is currently working in our production
environment and InCommon approved it for joining their federation. Is
there any way I can find out why it is being rejected?
--
Michael Clemente
Swarthmore College
Information Technology Services
500 College Avenue
Swarthmore, PA 19081
mclemen2-Mvf1E5Z1flgA+OwIx0YR/***@public.gmane.org
(610) 328-8675

Swarthmore College ITS staff will never ask you for your password,
including by email. Please keep your passwords private to protect yourself
and the security of our network.

Kevin Foote

2014-10-16 14:32:37 UTC

Permalink

Hi Michael,
It runs the xml through a quick pass against xmlsectool I believe. I'll have to review that check.

You can send me the file direct and I can take a look & add it in about 30 min. Or you can run it through xmlsectool and find the complaint. :)

- sent from mobile

On Oct 16, 2014, at 7:25 AM, Michael Clemente <mclemen2-Mvf1E5Z1flgA+OwIx0YR/***@public.gmane.org<mailto:mclemen2-Mvf1E5Z1flgA+OwIx0YR/***@public.gmane.org>> wrote:

When I try to upload my idp-metadata file I get an error saying that my xml file is invalid. However, it is currently working in our production environment and InCommon approved it for joining their federation. Is there any way I can find out why it is being rejected?

--
Michael Clemente
Swarthmore College
Information Technology Services
500 College Avenue
Swarthmore, PA 19081
mclemen2-Mvf1E5Z1flgA+OwIx0YR/***@public.gmane.org<mailto:mclemen2-Mvf1E5Z1flgA+OwIx0YR/***@public.gmane.org>
(610) 328-8675

Swarthmore College ITS staff will never ask you for your password, including by email. Please keep your passwords private to protect yourself and the security of our network.

Nate Klingenstein

2014-10-16 14:32:50 UTC

Permalink

Michael,

One of the XML validation checks is failing. You can run xmllint with schema validation against the SAML 2.0 specification yourself against the file and it should fail in the same way.

Exactly what's failing and why is more of a mystery, but the parser will tell you more. The most common cause is dingbats injected by browsers.

Hope this helps,
Nate.

On Oct 16, 2014, at 8:25 AM, Michael Clemente <mclemen2-Mvf1E5Z1flgA+OwIx0YR/***@public.gmane.org<mailto:mclemen2-Mvf1E5Z1flgA+OwIx0YR/***@public.gmane.org>> wrote:

When I try to upload my idp-metadata file I get an error saying that my xml file is invalid. However, it is currently working in our production environment and InCommon approved it for joining their federation. Is there any way I can find out why it is being rejected?

Cantor, Scott

2014-10-16 14:48:37 UTC

Permalink

Post by Michael Clemente
When I try to upload my idp-metadata file I get an error saying that my
xml file is invalid. However, it is currently working in our production
environment and InCommon approved it for
joining their federation.

InCommon doesn't take XML submissions, so there is no equatability. They
may have accepted the data in the sense that you provided the same
information, but the metadata you're building now is still (possibly)
invalid.

The wiki has lots of material on metadata correctness.

-- Scott

--
To unsubscribe from this list send an email to users-unsubscribe-***@public.gmane.org