Shib IdP 2.3.5 + ECP

Liam Hoekenga liamr at umich.edu
Mon Nov 21 21:13:58 GMT 2011 

It looks like the problem is having uApprove installed.
 From what I'm seeing, it's even a problem if it's installed and  
turned off via uApprove.properties.

To get ECP working at all, I had to remove all references to uApprove  
from idp/WEB-INF/web.xml.

Has anyone else seen this?  I've dropped a line to the folks at SWITCH  
asking for help.

Liam


Quoting Liam Hoekenga <liamr at umich.edu>:

> Should the handler.xml and relying-party.xml that ship with the 2.3.5
> distribution already be configured to support ECP?
>
> The docs in the wiki are based on the UW ECP extension that got
> absorbed into the IdP distribution..
>
>    https://wiki.shibboleth.net/confluence/display/SHIB2/IdP+ECP+Extension
>
> With the ecp namespace changing from "ecp" to "saml" in
> relying-party.xml, and from "ecp" to "ph" in handler.xml, it kind of
> looks like it should just work.
>
> I've got apache set up to handle the authentication, which it's
> doing.. but Shib is returning a SOAP error:
>
> <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
> <env:Body>
> <env:Fault>
> <faultcode>env:Client</faultcode>
> <faultstring>An error occurred processing the request.</faultstring>
> <detail/>
> </env:Fault>
> </env:Body>
> </env:Envelope>
>
> and the IdP log shows..
>
> 09:52:05.472 - DEBUG
> [edu.internet2.middleware.shibboleth.idp.profile.IdPProfileHandlerManager:86]
> - shibboleth.HandlerManager: Looking up profile handler for request
> path: /SAML2/SOAP/ECP
> 09:52:05.472 - DEBUG
> [edu.internet2.middleware.shibboleth.idp.profile.IdPProfileHandlerManager:97]
> - shibboleth.HandlerManager: Located profile handler of the following
> type for the request path:
> edu.internet2.middleware.shibboleth.idp.profile.saml2.SAML2ECPProfileHandler
> 09:52:05.474 - DEBUG
> [edu.internet2.middleware.shibboleth.idp.profile.saml2.SAML2ECPProfileHandler:271] - Decoding message with decoder  
> binding
> 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP'
> 09:52:05.474 - DEBUG
> [org.opensaml.saml2.binding.decoding.HandlerChainAwareHTTPSOAP11Decoder:60] -
> Beginning to decode message from inbound transport of type:
> org.opensaml.ws.transport.http.HttpServletRequestAdapter
> 09:52:05.474 - DEBUG
> [org.opensaml.saml2.binding.decoding.HTTPSOAP11Decoder:122] -
> Unmarshalling SOAP message
> 09:52:05.474 - DEBUG
> [org.opensaml.ws.message.decoder.BaseMessageDecoder:183] - Parsing
> message stream into DOM document
> 09:52:05.637 - ERROR [org.opensaml.xml.parse.BasicParserPool:50] - XML
> Parsing Error
> org.xml.sax.SAXParseException: Premature end of file.
>
> any ideas?
>
> Liam
>
>
>
>
> --
> To unsubscribe from this list send an email to  
> users-unsubscribe at shibboleth.net
>
> !DSPAM:4ec6718721261375893879!
>
>
>
>

More information about the users mailing list