Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14526

non SAML meta data schema comliant SP EntityDescriptor can be imported

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 13.0.0, 13.5.0, 13.5.1, 13.5.2, 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1, 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5, 6.5.0, 6.0.0.6, 6.5.0.1, 7.0.0
    • Fix Version/s: None
    • Component/s: Amster, console, SAML, ssoadm
    • Labels:
    • Environment:
      Oracle JDK jdk1.8.0_201
      Apache Tomcat/9.0.8
      AM 7.0.0 (c36edcc20aab37e8bc86e092e0552951ba0cc6a5)
    • Support Ticket IDs:

      Description

      Bug description

      SP Entity Descriptor file which is not compliant with SAML meta data schema can be imported.

      How to reproduce the issue

      1. Configure AM
      2. Import attached SP meta data file into AM (either via console, ssoadm, amster)
      Expected behaviour
      Error about non-compliant entity descriptor should be raised.
      
      Current behaviour
      Meta data is imported and leads to errors later on.
      

      Performing validation of the meta data file via IntelliJ leads to errors

      Error:(18, 68) cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'md:keysize'.
      Error:(23, 22) cvc-complex-type.2.4.a: Invalid content was found starting with element 'md:NameIDFormat'. One of '{"urn:oasis:names:tc:SAML:2.0:metadata":AssertionConsumerService, "urn:oasis:names:tc:SAML:2.0:metadata":AttributeConsumingService}' is expected.
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                bthalmayr Bernhard Thalmayr
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: