[RADIATOR] Reply packet too long
Markus Ludwig Grandpre
markus.grandpre at uni-konstanz.de
Wed Sep 14 07:19:44 CDT 2011
Hello Heikki
> Try adding three SAML-AAA-Assertion attributes instead of one. Your
> attribute seems to be over 600 characters which is way more than the 8
> bit attribute length field can carry.
>
> The receiver may be able to concatenate the attributes back into one value.
Yes, the receiver is able to concatenate the attributes back into one
value. But dividing SAML content to three SAML-AAA-Assertions:
AddToReply SAML-AAA-Assertion = <saml:Assertion
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
IssueInstant="2011-03-19T08:30:00Z" ID="foo"
Version="2.0"><saml:Issuer>urn:mace:incommon:osu.edu</saml:Issuer><saml:AttributeStatement>
AddToReply SAML-AAA-Assertion = <saml:Attribute
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"><saml:AttributeValue>cantor.2 at osu.edu</saml:AttributeValue></saml:Attribute><saml:Attribute
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7">
AddToReply SAML-AAA-Assertion =
<saml:AttributeValue>moonshot</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion>
foregoing attribute value is overwriten by next one:
Code: Access-Accept
Identifier: 14
Authentic: `~<i<168>y<18><253><240>\<227><189><162><173><23>I
Attributes:
User-Name = "daniel.scharon"
EAP-Message = <3><7><0><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
SAML-AAA-Assertion =
"<saml:AttributeValue>moonshot</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion>"
MS-MPPE-Send-Key =
.<194><158>?<180><189><223>]<192><128><9><1><233><236>s<15>KT<134><168>.<232><174>-.m8<148><191><229>C<4>
MS-MPPE-Recv-Key =
<157><165><204><196><142>o<10>'<166><29>y3<191><196><147>><203><203><150>\;<137>g<253><233>L<219>R<235><194><179><191>
Maybe I got something wrong?
Markus
More information about the radiator
mailing list