bizarre ssl behaviour

Thu, May 26, 2005

I’m building in some form of AA authentication on the Guanxi IdP and I’ve started to get Shibboleth SP errors:

session_is_valid preFetch populate getNewResponse send: caught SAML exception during SAML attribute query: SAMLSOAPBinding::send() failed while contacting SAML responder: SSL read error: 1

I’ve traced it to this line in the IdP:

X509Certificate[] x509Certs = (X509Certificate[])request.getAttribute(“org.apache.coyote.request.X509Certificate”);

The Servlet spec says you should be able to get at the client certs using:

request.getAttribute(“javax.servlet.request.X509Certificate”)

but this just returns null. It doesn’t cause the SP to barf though. Accessing “org.apache.coyote.request.X509Certificate” does.

comments powered by Disqus