AAD and IDP Shibboleth 3.0 integration
Peter Schober
peter.schober at univie.ac.at
Thu Mar 12 13:41:11 EDT 2020
* Gustavo Duarte <gus.duarte at gmail.com> [2020-03-12 17:16]:
> And in my shib idp log the following error is showed.
>
> Profile Action ResolveAttributes: Error resolving attributes: Invalid
> Attribute resolver configuration
>
> What is happening, here ?
Well, your resolver config is invalid. :)
Short answer: Use the logs, Gustavo. If your process doesn't have
anything more specific up the log level for the resolver (only) to
DEBUG and reload the logging config, as per the documentation.
Other than that:
xmlwf (from the expat package) reports an error in your LDAP
DataCnnnector
<dc: FilterTemplate>
though the space between the XML namespace prefix and the XML element
name may be an artifact from your email only, of course.
Other than that: Is that for IDPv3 (as per the subject) or are you
already working with IDPv4 (or reading the v4 docs)?
You also seem to be mixing and matching between v2 (or old v3) syntax
-- e.g. sourceAttributeID on your "UserId" attribute def, Dependency
child element -- and v3 and v4 synax -- e.g. InputAttributeDefinition
child element.
In short: It's a copy/paste mess and no way to start a new deployment.
(Much of that is obviously from defaults, you still have example.org
in your "mail" definition, etc.)
-peter
More information about the users
mailing list