The SP has an issue (https://shibboleth.atlassian.net/browse/SSPCPP-684#icft=SSPCPP-684) with metadata containing a CR character. These can only appear in XML documents as the result of a 
 sequence, and bad serialisation in the Xerces library means that the document can't be round tripped.
While this will be fixed in Xerces or the SP at some point, and eventually people will upgrade to a version where this doesn't apply, federations can make use of an MDA stage to detect metadata containing this value so that it can be flagged up or rejected.
I have code to implement this as part of the ukf-mda project that can be pulled in for this.
Environment
None
Activity
Ian Young
April 25, 2016 at 4:45 PM
Fixed on both branches. Don't close until both 0.9.1 and 0.10.0 have been released.
Ian Young
April 19, 2016 at 3:50 PM
(edited)
Added to the maint-0.9 branch for 0.9.1, commit 1c461bd9f365e336dfc4bce484709e7082236243.
Ian Young
April 19, 2016 at 2:50 PM
Added to the master branch for 0.10.0, commit 8e39f2dd0f25917b134fedd7c5afc1c6ef0bca9e.
The SP has an issue (https://shibboleth.atlassian.net/browse/SSPCPP-684#icft=SSPCPP-684) with metadata containing a CR character. These can only appear in XML documents as the result of a 
 sequence, and bad serialisation in the Xerces library means that the document can't be round tripped.
While this will be fixed in Xerces or the SP at some point, and eventually people will upgrade to a version where this doesn't apply, federations can make use of an MDA stage to detect metadata containing this value so that it can be flagged up or rejected.
I have code to implement this as part of the
ukf-mda
project that can be pulled in for this.