Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-1063

Error when removing the salt from the storedID DataConnector - can't generate random persistentID

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.1
    • Fix Version/s: 3.4.0
    • Component/s: Attribute Resolver
    • Labels:
    • Operating System:
      Linux
    • Java Version:
      Oracle Java 8
    • Servlet Container:
      Apache Tomcat 7

      Description

      In the storedIDConnector wiki page (2nd paragraph), it states that in the connector: "If no salt is provided, then a random value is generated". I am interested in moving our connector on this test platform from the salted version to this truly random one.

      But, when I remove the salt from the DataConnector properties (and the idp.persistentId.salt variable) I get an error on startup that it is required:

      2016-10-12 15:20:49,538 - ERROR [net.shibboleth.utilities.java.support.service.AbstractReloadableService:181] - Service 'shibboleth.AttributeResolverService': Initial load failed
      net.shibboleth.utilities.java.support.service.ServiceException: org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 208 in XML document from file [/opt/shibboleth-idp/conf/attribute-resolver-ldap.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 208; columnNumber: 19; cvc-complex-type.4: Attribute 'salt' must appear on element 'resolver:DataConnector'.
      at net.shibboleth.ext.spring.service.ReloadableSpringService.doReload(ReloadableSpringService.java:334)

      The working (salted) DataConnector in the attribute resolver looks like:

      <resolver:DataConnector id="myStoredId" xsi:type="dc:StoredId"
      generatedAttributeID="persistentID"
      sourceAttributeID="%

      {idp.persistentId.sourceAttribute}"
      salt="%{idp.persistentId.salt}"
      queryTimeout="0">
      <resolver:Dependency ref="%{idp.persistentId.sourceAttribute}

      "/>
      <dc:BeanManagedConnection>shibboleth.PostgreSQLDataSource</dc:BeanManagedConnection>
      </resolver:DataConnector>

      Is it possible to use the storedID DataConnector in the 'saltless' mode to generate random persistentIDs?

        Attachments

          Activity

            People

            Assignee:
            rdw@iay.org.uk Rod Widdowson
            Reporter:
            kffrbymxdefouktuf2ybof0gb/y=@https://idp.gla.ac.uk/shibboleth kffrbymxdefouktuf2ybof0gb/y=@https://idp.gla.ac.uk/shibboleth
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: