UTF8 in asserted attribute values
Andrew Morgan
morgan at orst.edu
Wed Apr 2 13:53:38 EDT 2014
On Tue, 1 Apr 2014, Cantor, Scott wrote:
> On 4/1/14, 6:51 PM, "Andrew Morgan" <morgan at orst.edu> wrote:
>
>> Has anyone come across this before? Is there any trick to releasing
>> UTF-8
>> encoded attributes? Is this Google's problem?
>
> There are maybe some LDAP related settings involved, you'd have to search
> the list, but your best bet is to trace the XML in transit through the
> client, pull it and make sure it looks kosher (run it through xmllint,
> etc.) and then you can be sure if it's Google's bug.
I grabbed it with SAML Tracer. Then I followed the steps here:
https://wiki.surfnet.nl/display/OpenConext/Validating+SAML2+metadata
to setup xmllint. I also added the saml-schema-protocol-2.0.xsd to the
catalog. Here is what I get:
$ xmllint --noout --schema saml-schema-protocol-2.0.xsd saml-google.xml
saml-google.xml validates
So it appears to be valid SAML XML. I should hope it is because it was
generated by Shibboleth!
I'll contact Google support about this issue next.
Thanks for your help.
Andy
More information about the users
mailing list