Add SAMLStringElementCheckingStage to check SAML string element constraints

Description

Many elements in SAML metadata are given the basic string type in the schema but are further constrained by section 1.3.1 of SAMLCore as follows:

Unless otherwise noted in this specification or particular profiles, all strings in SAML messages MUST consist of at least one non-whitespace character (whitespace is defined in the XML Recommendation [XML] Section 2.3).

This can be done pretty easily using the DOM traversal framework I've been developing in the ukf-mda project, so I will prototype this there. The obvious API is to allow a Collection<QName> to check.

Environment

None

Activity

Show:

Ian YoungMay 25, 2020 at 1:39 PM

Imported along with its tests, commit ab2b46038f59d4c8e0b61ad060396e81745fe7ca.

Ian YoungMay 21, 2020 at 2:00 PM

I think both of these have value. I'll keep this issue as the former option, though, with https://shibboleth.atlassian.net/browse/MDA-229#icft=MDA-229 and https://shibboleth.atlassian.net/browse/MDA-241#icft=MDA-241 taking the other role.

Ian YoungNovember 7, 2019 at 12:07 PM

Another option will be to implement this as a standard set of validators applied using the https://shibboleth.atlassian.net/browse/MDA-229#icft=MDA-229 StringElementValidationStage.

Ian YoungMarch 11, 2015 at 11:12 AM

I have a version of this as SAMLStringElementCheckingStage in the ukf-mda project.

Done

Details

Assignee

Reporter

Components

Fix versions

Affects versions

Created June 6, 2014 at 9:40 AM
Updated May 16, 2024 at 12:22 PM
Resolved May 25, 2020 at 1:45 PM

Flag notifications