[cas-dev] CAS 3.1-M1 SAMLException

Scott Battaglia scott.battaglia at gmail.com
Mon Feb 5 23:33:44 EST 2007 

Marvin,

That, I believe, is a SAML 1.1 response (see the major/minor version).   The
namespaces are correct as far as I can tell.  You will get this response if
there is a SAML exception that was caught.  If you can give me a sample of
what you were trying to populate SAML response with, I can try it out.

In general though it would like we need to do better error
handling/catching/logging in that class so we can see why the validation
failed (even though it didn't really).

-Scott

On 2/5/07, Marvin Addison <serac at vt.edu> wrote:
>
> I have deployed the 3.1-M1 client and server in a test environment to
> test passing attributes in SAML between client and server.  I have
> configured the client to validate at the samlValidate URL by configuring
> the Saml10TicketValidator in the client web.xml.  I can authenticate
> successfully, but it throws an exception on the client:
>
> org.opensaml.SAMLException: Success
>
> I turned on logging for the org.jasig.cas.client package to see the SAML
> message, which added to the confusion:
>
> <?xml version="1.0" encoding="UTF-8"?><Response
> xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
> xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
> xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> InResponseTo="ST-11-3c7LaxsTAJPViKG7TGIiwDTPxmdyrhFgyC4-20"
> IssueInstant="2007-02-05T21:36:47.639Z" MajorVersion="1"
> MinorVersion="1" Recipient="http://localhost:8080/pidgen/"
> ResponseID="_0c6767075d2ba5bb782152c2747beec2"><Status><StatusCode
>
> Value="samlp:Responder"></StatusCode><StatusMessage>Success</StatusMessage></Status></Response>
>
> The response appears to indicate a successful ticket validation, but it
> appears to be SAML 1.0.  I was expecting SAML 1.1 containing an
> AuthenticationStatement element with information about the auth method.
>
> A few questions about this:
>
> - Is the response above what I'm supposed to be seeing for a successful
> SAML ticket validation?
> - If so, where is the information about auth method?
> - Suggestions to resolve the SAMLException I'm getting?
>
> Thanks,
> Marvin Addison
> --
> Applications Programming Analyst
> Collaborative Technologies Unit
> Virginia Tech
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20070205/d1af3849/attachment.html

More information about the cas-dev mailing list