Attribute resolver Script issue on Java 1.8


kotesh201
Hi,

I am using Shibboleth IdP version 2.3.5 on Java 1.6, and the following attribute-resolver script has been working fine so far.


        <resolver:AttributeDefinition id="samlUId"
                xsi:type="Script" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
                <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier"
                        xmlns="urn:mace:shibboleth:2.0:attribute:encoder" nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
                <resolver:AttributeEncoder xsi:type="SAML2StringNameID"
                        xmlns="urn:mace:shibboleth:2.0:attribute:encoder" nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
                <Script><![CDATA[
                    importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
                    samlUId = new BasicAttribute("samlUId");
                    var samlAttr = new Packages.com.idp.server.SamlAttributes();
                    samlUId.getValues().add(samlAttr.getsamlUId(requestContext.getInboundSAMLMessageId()));
                ]]></Script>
        </resolver:AttributeDefinition>


I have to use Java 1.8 for other functionality. After migrating Java from 1.6 to 1.8, the IdP stopped generating SAML responses, since 'importPackage' is not available in Java 1.8. I tried to follow some of the documentation mentioned in the forum (https://wiki.shibboleth.net/confluence/display/SHIB2/IdPJava1.8) but am still not able to generate a successful SAML assertion.

I have converted the above script to make it compatible with Java 1.8, but I am still getting the error "<saml2p:StatusMessage>Required NameID format not supported</saml2p:StatusMessage>".


        <resolver:AttributeDefinition id="samlUId"
                xsi:type="Script" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
                <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier"
                        xmlns="urn:mace:shibboleth:2.0:attribute:encoder" nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
                <resolver:AttributeEncoder xsi:type="SAML2StringNameID"
                        xmlns="urn:mace:shibboleth:2.0:attribute:encoder" nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
                <Script><![CDATA[
                    var samid = new JavaImporter(edu.internet2.middleware.shibboleth.common.attribute.provider);
                    var BasicAttribute = Java.type("edu.internet2.middleware.shibboleth.common.attribute.provider.BasicAttribute");
                    var context = Java.type("edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext");
                    samlUId = new BasicAttribute("samlUId");
                    var samlAttr = new Packages.com.idp.server.SamlAttributes();
                    samlUId.getValues().add(samlAttr.getsamlUId(context.getInboundSAMLMessageId()));
                ]]></Script>
        </resolver:AttributeDefinition>


I would appreciate it if you can figure out any obvious error.

Thanks in advance,
-Kotesh