Closed adamcrown closed 11 years ago
Could you provide some simple example with test script? Or information about how to reproduce this problem? It will be good to have test for that for the future modifications.
Thanks a lot.
Well reproducing the problem is very straightforward as I'll show below. But I'll see if I can write a test to ensure that the XML sent from send_logout_notification_for_service_ticket
is valid.
xml = '<samlp:LogoutRequest ID="#{rand}" Version="2.0" IssueInstant="#{time.rfc2822}"><saml:NameID></saml:NameID><samlp:SessionIndex>#{st.ticket}</samlp:SessionIndex></samlp:LogoutRequest>'
Nokogiri::XML(xml).at_xpath('//samlp:SessionIndex')
Trying to access namespaced element without a defined namespace as above will throw:
Nokogiri::XML::XPath::SyntaxError: Undefined namespace prefix: //samlp:SessionIndex
While the code below with the namespaces defined will return the XML element as expected.
xml = '<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="#{rand}" Version="2.0" IssueInstant="#{time.rfc2822}"><saml:NameID></saml:NameID><samlp:SessionIndex>#{st.ticket}</samlp:SessionIndex></samlp:LogoutRequest>'
Nokogiri::XML(xml).at_xpath('//samlp:SessionIndex')
Thanks a lot.
The undefined saml and samlp namesaces in the LogoutRequest XML causes many XML parses to choke and prevents signle signout requests from being processed by some clients.
This issue was covered extensively in https://github.com/rubycas/rubycas-server/issues/50 but the simple fix was never actually implemented. I though a fresh pull request might hurry things up.