Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-1766

upgrade issues due to removal of shibboleth.DefaultSessionTypeProtocolMap



    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.1.0
    • Component/s: Configuration, Installer
    • Labels:


      I'm testing upgrading my (ancient but upgraded to current) IdP installation to the latest 4.1.0-SNAPSHOT.

      This currently goes "splat" with the following error inside the Jetty log:

      org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'shibboleth.AvailableAuthenticationFlows': Cannot create inner bean 'authn/IPAddress' of type [net.shibboleth.idp.authn.AuthenticationFlowDescriptor] while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authn/IPAddress' defined in file [/opt/shibboleth-idp/conf/authn/general-authn.xml]: Cannot resolve reference to bean 'shibboleth.PrincipalServiceManager' while setting bean property 'principalServiceManager'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'shibboleth.PrincipalServiceManager' defined in class path resource [net/shibboleth/idp/conf/authn-system.xml]: Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'shibboleth.SessionTypeProtocolMap' defined in file [/opt/shibboleth-idp/conf/session-manager.xml]: Could not resolve parent bean definition 'shibboleth.DefaultSessionTypeProtocolMap'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'shibboleth.DefaultSessionTypeProtocolMap' available

      This seems to come from the following bean in my conf/session-manager.xml:

          <!-- Modify only to add extension types associated with non-built-in SSO protocols. -->
          <bean id="shibboleth.SessionTypeProtocolMap" parent="shibboleth.DefaultSessionTypeProtocolMap">
              <property name="sourceMap">
                  <map merge="true">

      I don't think I have ever edited that file; I know that I haven't done so since I upgraded to the v3 snapshots prior to the release of v3.

      The bean in question was added to the default conf/session-managed.xml on 2014-12-14 in commit 0be9bc12. It was removed from that file on 2018-09-12 in commit a8f5a35a, which I think is prior to 3.4.0. Obviously none of the upgrades have affected my original vintage copy of the file.

      It seems bad to have the upgrade fail in this way in 4.1 for people whose original install is from V2 or from an early version of V3 (prior to V3.4.0).

      If we can't modify files in conf/ as part of the V4.1 upgrade (and I assume that's a given) then we probably need to add a dummy shibboleth.DefaultSessionTypeProtocolMap into the system configuration and have it give some kind of deprecation so that people can clean up for some later release (I guess that would have to be V5.0?).

      Tangentially, I will note that although 4.0.1 shipped with a default copy of session-manager.xml, 4.1.0-SNAPSHOT does not include one.




            cantor.2@osu.edu Scott Cantor
            ian@iay.org.uk Ian Young
            1 Start watching this issue



                Time Tracking

                Original Estimate - Not Specified
                Not Specified
                Remaining Estimate - 0 minutes
                Time Spent - 45 minutes