null principal in attribute resolver

Paul Hethmon paul.hethmon at
Tue Nov 22 16:59:36 GMT 2011

You need to set your IdP logging level to debug and follow what happens in the logs for these cases.


Paul Hethmon
Chief Software Architect
Clareity Security, LLC
o) 865.824.1350
c) 865.250.3517
e) paul.hethmon at

From: Daniele Russo <ruda76 at<mailto:ruda76 at>>
Reply-To: Shibboleth Users <users at<mailto:users at>>
Date: Tue, 22 Nov 2011 17:56:28 +0100
To: Shibboleth Users <users at<mailto:users at>>
Subject: Re: null principal in attribute resolver

Anyone have this same problem?
No solutions?

2011/11/21 Daniele Russo <ruda76 at<mailto:ruda76 at>>
Hi all, I have a strange problem with shibboleth IDP 2.3.5.
IDP is configured with UsernamePassword login handler, I use tigish library to authenticate users on the DB.
All works, but occasionally IDP doesn't return attributes to SP and this strange problem only occurs in production enviroment.
In debugging I noticed that the principal is enhanced in the authentication phase, while in the attribute resolver phase is null.
This problem occurs with various operating systems and browsers.

Mozilla/5.0 (Windows; U; Windows NT 6.0; it; rv: Gecko/20110920 Firefox/3.6.23
Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1



-- To unsubscribe from this list send an email to users-unsubscribe at<mailto:users-unsubscribe at>
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list