UTF8 in asserted attribute values

Andrew Morgan morgan at orst.edu
Wed Apr 2 13:53:38 EDT 2014

On Tue, 1 Apr 2014, Cantor, Scott wrote:

> On 4/1/14, 6:51 PM, "Andrew Morgan" <morgan at orst.edu> wrote:
>> Has anyone come across this before?  Is there any trick to releasing
>> UTF-8
>> encoded attributes?  Is this Google's problem?
> There are maybe some LDAP related settings involved, you'd have to search
> the list, but your best bet is to trace the XML in transit through the
> client, pull it and make sure it looks kosher (run it through xmllint,
> etc.) and then you can be sure if it's Google's bug.

I grabbed it with SAML Tracer.  Then I followed the steps here:


to setup xmllint.  I also added the saml-schema-protocol-2.0.xsd to the 
catalog.  Here is what I get:

   $ xmllint --noout --schema saml-schema-protocol-2.0.xsd saml-google.xml
   saml-google.xml validates

So it appears to be valid SAML XML.  I should hope it is because it was 
generated by Shibboleth!

I'll contact Google support about this issue next.

Thanks for your help.


More information about the users mailing list