Invalid XML Exception
Paul Hethmon
paul.hethmon at clareitysecurity.com
Tue Apr 12 09:20:39 EDT 2016
On Apr 11, 2016, at 3:51 PM, Brent Putman <putmanb at georgetown.edu<mailto:putmanb at georgetown.edu>> wrote:
Given this is with a v2 system, there is no fix to be made there,
Right, EOL, so no fix. So you'll need to get the generating side to fix.
I did look to see whether the SAML 2 Bindings spec says anything about padding required or not. It doesn't directly, just invoked RFC 2045. The language there doesn't have a MUST, but it seems pretty clear on my read that it's required.
In my experience, some Base64 encoding libraries in some languages deliberately do not add any padding, leaving it up to the caller to do so. So that might be the case for whatever is generating this SAML binding request.
In this specific case, the SP in question rolled their own Base64 code and got it wrong. No idea why they didn’t just use a library. They’re using .NET and it certainly has one available.
I didn’t respond kindly to his thought to simply add a couple of spaces to their XML content as the way to “fix” the issue.
cheers,
Paul
-----
Paul Hethmon
Chief Software Architect
paul.hethmon at clareitysecurity.com<mailto:paul.hethmon at clareitysecurity.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20160412/d8e8db53/attachment.html>
More information about the users
mailing list