rubycas / rubycas-server

Provides single sign-on authentication for web applications, implementing the server-end of Jasig's CAS protocol.
http://rubycas.github.com

Add missing namespaces in LogoutRequest XML #137

Closed adamcrown closed 11 years ago

adamcrown commented 11 years ago

The undefined saml and samlp namespaces in the LogoutRequest XML cause many XML parsers to choke and prevent single signout requests from being processed by some clients.

This issue was covered extensively in https://github.com/rubycas/rubycas-server/issues/50 but the simple fix was never actually implemented. I thought a fresh pull request might hurry things up.

mitfik commented 11 years ago

Could you provide a simple example with a test script? Or information about how to reproduce this problem? It will be good to have a test for that for future modifications.

Thanks a lot.

adamcrown commented 11 years ago

Well, reproducing the problem is very straightforward, as I'll show below. But I'll see if I can write a test to ensure that the XML sent from send_logout_notification_for_service_ticket is valid.

```ruby
require 'nokogiri'

# LogoutRequest without xmlns:samlp / xmlns:saml declarations
xml = '<samlp:LogoutRequest ID="#{rand}" Version="2.0" IssueInstant="#{time.rfc2822}"><saml:NameID></saml:NameID><samlp:SessionIndex>#{st.ticket}</samlp:SessionIndex></samlp:LogoutRequest>'
Nokogiri::XML(xml).at_xpath('//samlp:SessionIndex')
```

Trying to access a namespaced element without a defined namespace as above will throw:

```
Nokogiri::XML::XPath::SyntaxError: Undefined namespace prefix: //samlp:SessionIndex
```

While the code below with the namespaces defined will return the XML element as expected.

```ruby
xml = '<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="#{rand}" Version="2.0" IssueInstant="#{time.rfc2822}"><saml:NameID></saml:NameID><samlp:SessionIndex>#{st.ticket}</samlp:SessionIndex></samlp:LogoutRequest>'
Nokogiri::XML(xml).at_xpath('//samlp:SessionIndex')
```

mitfik commented 11 years ago

Thanks a lot.
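A regression check of the kind asked for in this thread, as an added example (not rubycas-server's code and not the pull request's test). It uses REXML from Ruby's standard distribution instead of Nokogiri; `build_logout_request` and `session_index` are hypothetical helper names, and the ticket value is constructed.

```ruby
require 'rexml/document'
require 'rexml/xpath'
require 'time'

# SAML 2.0 namespace URIs, as given in the pull request discussion above.
SAML_NS = {
  'samlp' => 'urn:oasis:names:tc:SAML:2.0:protocol',
  'saml'  => 'urn:oasis:names:tc:SAML:2.0:assertion'
}.freeze

# Hypothetical builder for the single sign-out body. With
# declare_namespaces: false it reproduces the message from the report.
def build_logout_request(ticket, declare_namespaces: true)
  decls = ''
  if declare_namespaces
    decls = SAML_NS.map { |prefix, uri| %( xmlns:#{prefix}="#{uri}") }.join
  end
  id = rand(10**9)
  instant = Time.now.rfc2822
  "<samlp:LogoutRequest#{decls} ID=\"#{id}\" Version=\"2.0\" " \
    "IssueInstant=\"#{instant}\"><saml:NameID></saml:NameID>" \
    "<samlp:SessionIndex>#{ticket}</samlp:SessionIndex></samlp:LogoutRequest>"
end

# Hypothetical client-side handler: returns the service ticket whose
# session should be ended, or nil when the message cannot be processed.
# The lookup binds the samlp prefix to its URI, so an element only matches
# when the sender actually declared that namespace.
def session_index(xml)
  doc = REXML::Document.new(xml)
  node = REXML::XPath.first(doc, '//samlp:SessionIndex', SAML_NS)
  return nil if node.nil? || node.namespace != SAML_NS['samlp']

  text = node.text.to_s.strip
  text.empty? ? nil : text
rescue REXML::ParseException
  # Covers REXML::UndefinedNamespaceException raised for an undeclared prefix.
  nil
end
```

A client that gets `nil` here never ends the local session, which is the failure the pull request describes: the user is logged out of the CAS server but stays logged in to the application.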