REFEDS R&S SP reports intermittent failures
Baron Fujimoto
baron at hawaii.edu
Tue Apr 26 20:15:36 EDT 2016
On Sun, Apr 24, 2016 at 04:14:18PM +0000, Cantor, Scott wrote:
>On 4/23/16, 12:48 AM, "users on behalf of Baron Fujimoto" <users-bounces at shibboleth.net on behalf of baron at hawaii.edu> wrote:
>
>>I'm trying to troubleshoot reported intermittent failures by an REFEDS
>>R&S SP (CILogon) by users using our IdP (2.4.4). The SP reports the
>>failures are the result of not receiving any attributes for the user.
>
>That's a later version than I would expect to see this particular condition. Earlier versions will definitely issue empty assertions under various conditions involving cookie failure during some of the transition points. A patch was done to detect a missing session at the vulnerable spot and log it, while terminating the request. It isn't a security issue, really, the assertion is completely empty, but it's annoying, so I patched it.
>
>I don't know of any other intermittent behavior that would cause it.
Is there a bug report or other information available that describes the
conditions that may trigger the problem? Perhaps it would help confirm
or rule out the issue we're experiencing. Would it be logged at the INFO
level, and if so, how would we identify it?
Is the patch present in 2.4.5, or just the 3x versions? Does the patch
actually resolve the problem or does it just provide more information
via the logs as to what's happening?
At this point, I'd rather focus my efforts on upgrading to v3 unless
it's low hanging fruit and actually resolves the problem.
>-- Scott
-baron
--
Baron Fujimoto <baron at hawaii.edu> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
More information about the users
mailing list