Error: "The XML is malformed" importing SAML2 metadata from 3rd party Service Provider
This document (7012757) is provided subject to the disclaimer at the end of this document.
NetIQ Access Manager 3.2 Identity Server
NetIQ Access Manager 3.2 Support Pack 2 applied
The XML is malformed. cvc-datatype-valid.1.2.1: 'https://m00.testsps.n0v3ll.com/samlv2/idp/metadata/0/1' is not a valid value for 'NCName'.
Looking at the metadata, the URL from the error message appears in the ID attribute of the EntityDescriptor element, shown below:

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    ID="https://m00.testsps.n0v3ll.com/samlv2/idp/metadata/0/1"
    cacheDuration="PT12H0M0.000S"
    entityID="https://m00.testsps.n0v3ll.com/samlv2/idp/metadata/1/1"
    validUntil="2013-07-02T04:49:52.809Z">
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    :
    :
This is a NAM defect because, technically, the docs do not state what characters should or should not be used in the metadata ID field. From the metadata specs:
The specs do not stipulate what it has to be:

2.3.2 Element <EntityDescriptor>

The <EntityDescriptor> element specifies metadata for a single SAML entity. A single entity may act in many different roles in the support of multiple profiles. This specification directly supports the following concrete roles as well as the abstract <RoleDescriptor> element for extensibility (see subsequent sections for more details):

• SSO Identity Provider
• SSO Service Provider
• Authentication Authority
• Attribute Authority
• Policy Decision Point
• Affiliation

Its EntityDescriptorType complex type consists of the following elements and attributes:

entityID [Required]
Specifies the unique identifier of the SAML entity whose metadata is described by the element's contents.

ID [Optional]
A document-unique identifier for the element, typically used as a reference point when signing.
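A pre-import check for the condition described above, as an added example that is not part of the original document or NetIQ code: it lists each ID attribute in a metadata file, tests it against an approximation of the NCName rule named in the error, and notes whether a ds:Reference covers it. The function name, the ds:Reference and the IDPSSODescriptor in the sample are assumptions made for the example.

```python
import re
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
# Approximation of the XML Schema NCName rule: a letter or '_' first, then
# letters, digits, '.', '-', '_'. Characters such as ':' and '/' never match.
NCNAME = re.compile(r"[^\W\d][\w.\-]*\Z")

# Constructed sample: reuses the ID and entityID quoted in this document; the
# ds:Reference and IDPSSODescriptor are invented for the example.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    ID="https://m00.testsps.n0v3ll.com/samlv2/idp/metadata/0/1"
    entityID="https://m00.testsps.n0v3ll.com/samlv2/idp/metadata/1/1">
  <ds:Signature><ds:SignedInfo>
    <ds:Reference URI="#https://m00.testsps.n0v3ll.com/samlv2/idp/metadata/0/1"/>
  </ds:SignedInfo></ds:Signature>
  <md:IDPSSODescriptor ID="_idp1"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
</md:EntityDescriptor>"""

def check_metadata_ids(xml_text):
    """Report every ID attribute, its NCName validity and signature coverage."""
    # Third-party metadata is untrusted input; a hardened parser such as
    # defusedxml is preferable outside of a quick check.
    root = ET.fromstring(xml_text)
    uris = [ref.get("URI") for ref in root.iter(DS + "Reference")]
    by_id = {u[1:] for u in uris if u and u.startswith("#")}
    whole_document = "" in uris  # URI="" signs the entire document
    findings = []
    for elem in root.iter():
        value = elem.get("ID")
        if value is None:
            continue
        findings.append({
            "element": elem.tag.split("}")[-1],
            "id": value,
            "valid_ncname": NCNAME.match(value) is not None,
            # True: editing this ID by hand would invalidate the signature.
            "referenced_by_signature": whole_document or value in by_id,
        })
    return findings

if __name__ == "__main__":
    for finding in check_metadata_ids(SAMPLE):
        print(finding)
```

An ID that fails the check and is also referenced by the signature cannot simply be edited on the receiving side; the Service Provider has to reissue the metadata.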
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID: 7012757
- Creation Date: 02-JUL-13
- Modified Date: 02-JUL-13
- NetIQ Access Manager (NAM)