XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.0, 1.1, 1.2
    • Fix Version/s: 1.2.1
    • Component/s: Encryption
    • Labels:
      None
    • Environment:

      Linux 2.6.18-53.el5PAE

    • Operating System:
      Linux
    • CPU Type:
      x86
    • C/C++ Compiler:
      GCC 4.x

      Description

      As I haven't access to the IdP link in order to authenticate and test the assertion, I try to replay the assertion from my own computer.

      Shibd.log says :

      2009-06-08 16:14:02 DEBUG OpenSAML.MessageDecoder.SAML2 [2]: message from (federation.gsk.com)
      2009-06-08 16:14:02 DEBUG OpenSAML.MessageDecoder.SAML2 [2]: searching metadata for message issuer...
      2009-06-08 16:14:02 DEBUG OpenSAML.SecurityPolicyRule.MessageFlow [2]: evaluating message flow policy (replay checking on, expiration 60)
      2009-06-08 16:14:02 DEBUG XMLTooling.StorageService [2]: inserted record (_059c1567733d5ca73a76f8e7724802550e07) in context (MessageFlow)
      2009-06-08 16:14:02 DEBUG Shibboleth.SSO.SAML2 [2]: processing message against SAML 2.0 SSO profile
      2009-06-08 16:14:02 DEBUG XMLTooling.KeyInfoResolver.Inline [2]: resolving ds:X509Certificate
      2009-06-08 16:14:02 DEBUG XMLTooling.KeyInfoResolver.Inline [2]: resolved 1 certificate(s)

      And the fake assertion emitter receive a ListenerException :

      shibsp::ListenerException at (https://OBFUSCATED/Shibboleth.sso/SAML2/POST)
      Failure receiving response to remoted message (default/SAML2/POST)

      Then if I try to ask shibboleth again, I receive :

      shibsp::ListenerException at (https://OBFUSCATED/Shibboleth.sso/SAML2/POST)
      Cannot connect to shibd process, a site adminstrator should be notified.

      On the SP side Shibboleth is down :

      [root@frfcqws941ix3r8 shibboleth]# ps -Al | grep shibd
      [root@frfcqws941ix3r8 shibboleth]# service shibd start
      Starting shibd: lock file found but no process running for pid 15460, continuing

      Please find the assertion as attachment.
      Please, let me know if you need more informations or data.

        Attachments

        1. assertion_b64.txt
          12 kB
          Sébastien PIAU
        2. assertion_bugtracking.xml
          10 kB
          Sébastien PIAU
        3. cert.pem
          1 kB
          Sébastien PIAU
        4. cts-idp-metadata.xml
          13 kB
          Sébastien PIAU
        5. key.pem
          2 kB
          Sébastien PIAU
        6. saml4_base64.xml
          14 kB
          Sébastien PIAU
        7. shibd_crash.txt
          2 kB
          Sébastien PIAU
        8. shibd.log
          43 kB
          Sébastien PIAU
        9. shibd.log
          40 kB
          Sébastien PIAU

          Activity

            People

            Assignee:
            cantor.2@osu.edu Scott Cantor
            Reporter:
            spiau Sébastien PIAU
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: