Working 3.1.1 IDP upgrade to 3.2.0 now broken
Peter Schober
peter.schober at univie.ac.at
Tue Dec 15 04:25:12 EST 2015
* Jeffrey Eaton <jeaton at cmu.edu> [2015-12-14 20:00]:
> That error looks to me like it's complaining about the AttributeDefinition, not the DataConnector. Mine looks like:
>
> <resolver:AttributeDefinition xsi:type="ad:Simple" id="OPEID" sourceAttributeID="OPEID">
> <resolver:Dependency ref="static-nsc" />
> <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="OPEID" namespace="http://www.pesc.org/standards/attrs"/>
> <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="OPEID" friendlyName="OPEID" />
> </resolver:AttributeDefinition>
Unrelated to the sourceAttributeID issue, but note that "OPEID" is not
a valid URI and the default nameFormat is URI (check the resulting
XML). So you'll probably want to add a
nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
XML-attribute to the SAML2String.
(Unless the relying party insists on IDPs asserting the wrong name
format, of course.)
The examples a web search returns, e.g.
https://spaces.internet2.edu/display/InCCollaborate/USC-NSC+Setup
also suffer from that issue.
-peter
More information about the users
mailing list