Mike,
That smells like a bug to me. SAML allows for any valid URI, which that
clearly is, and I've seen much worse registered and used successfully with
SAMLtest.
docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd
So, I think your theory is correct.
Take care,
Nate
On Thu, Oct 6, 2022 at 1:03 PM Mike Osterman <oster...@whitman.edu> wrote:
> Hi all,
>
> We are running into an issue with a new SP, and despite turning on DEBUG
> for both org.apereo.cas.services.AbstractServicesManager and
> org.apereo.cas.support.saml.web.idp we can't find any hints for why this
> is showing up in the logs:
>
> 2022-10-06 09:57:15,798 WARN
> [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
> - <[*REDACTED*/metadata?Z3JvdXBJZD0yNTMxNQ==] is not found in the
> registry or service access is denied. Ensure service is registered in
> service registry>
>
> We've double and triple checked that the service is loading without error
> and that the service ID in the JSON file (snippet below) matches the
>
> {
> "@class": "org.apereo.cas.support.saml.services.SamlRegisteredService",
> "serviceId": "*REDACTED*/metadata?Z3JvdXBJZD0yNTMxNQ==",
>
> My current crackpot theory is that entityID/ServiceID having either a "?"
> or a "=" in it is what's causing it not to be matching in the registry when
> resolving the SAML request.
>
> Does anyone:
>
> - Have experience with this issue?
> - Have other class paths to recommend to get debug info?
> - Have any other troubleshooting steps to try?
>
> Thank you!
> Mike
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEdMQHV11bvtO3v9eoE%2BhBWA3p9PkMxkFb-A9mmBD32z-V%3DY-Q%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEdMQHV11bvtO3v9eoE%2BhBWA3p9PkMxkFb-A9mmBD32z-V%3DY-Q%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BeXai676bafp19rbbfgL0uuQ%2B2rwiPjjyy3jpi2jY0oF9c-sw%40mail.gmail.com.
