shibd 2.5.3 + windows 2k8r2 + Tivoli IdP odd crash in xsec 1.7

Jerry B. Altzman jbaltz at gmail.com
Tue Aug 18 11:18:48 EDT 2015 

Hi,

I've done some searching around and have not had luck finding anything
about this. We're running Apache 2.2 + Shibd 2.5.3, and it was running fine
in my test environment until I started trying to integrate with a Tivoli IdP

When we try to redirect to the Tivoli system to allow the user to
authenticate there (and get an assertion back from the IdP, we get:

Log Name:      Application
> Source:        Application Error
> Date:          8/17/2015 2:57:01 PM
> Event ID:      1000
> Task Category: (100)
> Level:         Error
> Keywords:      Classic
> User:          N/A
> Computer:      x
> Description:
> Faulting application name: shibd.exe, version: 2.5.3.0, time stamp:
> 0x5296b0dd
> Faulting module name: xsec_1_7.dll, version: 1.7.1.0, time stamp:
> 0x51a01390
> Exception code: 0xc0000005
> Fault offset: 0x000089a4
> Faulting process id: 0x6c8
> Faulting application start time: 0x01d0d91e688c645f
> Faulting application path: C:\program files\shibboleth-sp\sbin\shibd.exe
> Faulting module path: C:\Program Files (x86)\Shibboleth\SP\lib\xsec_1_7.dll
> Report Id: bdd4dc28-4511-11e5-b45d-005056853679
>

Relevant (sanitized) section shibd.log:

> 2015-08-17 14:57:01 DEBUG Shibboleth.Listener [1]: dispatching message
> (ts/Login::run::SAML2SI)
> 2015-08-17 14:57:01 DEBUG XMLTooling.StorageService [1]: inserted record
> (a15d98535b5d44171f13a9193ac9d57e7c6e9fe51cab67803edb772c2b4430fa) in
> context (RelayState) with expiration (1439838421)
> 2015-08-17 14:57:01 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1]:
> validating input
> 2015-08-17 14:57:01 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1]:
> marshalling, deflating, base64-encoding the message
> 2015-08-17 14:57:01 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1]:
> marshalled message:
> <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
> AssertionConsumerServiceURL="https://ts.host.com/Shibboleth.sso/SAML2/POST"
> Destination="https://otherhost/sps/SSFFed/saml20/login"
> ID="_91220ac8878fefa15675facca0a60856" IssueInstant="2015-08-17T18:57:01Z"
> ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
> Version="2.0"><saml:Issuer
> xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
> https://ts.host.com/shibboleth</saml:Issuer><samlp:NameIDPolicy
> AllowCreate="1"/></samlp:AuthnRequest>
> 2015-08-17 14:57:01 DEBUG OpenSAML.MessageEncoder.SAML2Redirect [1]:
> signing the message


...and then, crash.

Where else can I look for what might be causing this? Misconfiguration?
Bug?

Thanks!
-- 
jerry b. altzman    jbaltz at gmail.com   @lorvax
eppur si muove
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150818/8a4adede/attachment.html>

More information about the users mailing list