Public bug reported: It would be good to investigate what SAML metadata we allow. Recently, when we updated an IdP, the error for 'badly formatted SAML' was thrown even though the IdP metadata was valid.
The old metadata that worked. Displayed is only the pertinent part that needed to be retained to work: --- <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd" entityID="https://URLDISGUISDED"> <Extensions> --- The equivalent of the new metadata that wouldn't work: --- <EntityDescriptor entityID="https://URLDISGUISDED"> <Extensions> --- The new metadat doesn't contain any of the xmlns values and the xsi value. ** Affects: mahara Importance: High Status: Confirmed ** Tags: auth saml sso ** Tags added: saml sso -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1885957 Title: Mahara throws 'Badly formated SAML' error even though the metadata is valid Status in Mahara: Confirmed Bug description: It would be good to investigate what SAML metadata we allow. Recently, when we updated an IdP, the error for 'badly formatted SAML' was thrown even though the IdP metadata was valid. The old metadata that worked. Displayed is only the pertinent part that needed to be retained to work: --- <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd" entityID="https://URLDISGUISDED"> <Extensions> --- The equivalent of the new metadata that wouldn't work: --- <EntityDescriptor entityID="https://URLDISGUISDED"> <Extensions> --- The new metadat doesn't contain any of the xmlns values and the xsi value. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1885957/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : mahara-contributors@lists.launchpad.net Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp