I came across a problem when trying to send many SAML assertions in
update reply block of post-auth section in a sites-enabled/default.
If it consists of too many SAML-AAA-Assertion += 'something' ,
freeradius is printing in neverending loop (at least it printed several
minutes before I ctrl-c it.):
WARNING: Failed encoding attribute SAML-AAA-Assertion
This is the complete update reply section:
http://pastebin.com/ZqUh5Tzj
Anybody knows what seems to be the problem?
Freeradius 3.0.0git+dfsg+moonshot3-2 (installed from moonshot
liveDVD-17-6-2013)
Marcel
On 10/24/2013 12:06 AM, Cantor, Scott wrote:
> On 10/23/13, 5:08 PM, "Marcel Poul" <[log in to unmask]> wrote:
>
>> Thank you Scott,
>> That is exactly what I need. Maybe someone could help me little bit with
>> how to define custom attribute (with KeyInfo element) and to configure
>> the Shibbileth SP to parse it on the service side?
>
> Well, normally you¹d create values like:
>
> <saml:AttributeValue xsi:type=³ds:KeyInfoType²>
> <ds:KeyInfo>
> ...
> </ds:KeyInfo>
> </saml:AttributeValue>
>
> For naming, see
> https://wiki.shibboleth.net/confluence/display/SHIB2/AttributeNaming
>
> Extracting the data involves applying the right AttributeDecoder in an
> extraction rule:
>
> <Attribute name=³..." id=³cert">
> <AttributeDecoder xsi:type=³KeyInfoAttributeDecoder"/>
> </Attribute>
>
>
> https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPAttributeDecod
> er
>
> -- Scott
>
|