[RADIATOR] Reply packet too long
Markus Ludwig Grandpre
markus.grandpre at uni-konstanz.de
Wed Sep 14 07:43:35 CDT 2011
Heikki,
> Try this instead:
>
> AddToReply SAML-AAA-Assertion=part1,SAML-AAA-Assertion=part2, ...
>
> That is, use AddToReply only once but with multiple attributes.
This configuration as you have suggested:
AddToReply SAML-AAA-Assertion = <saml:Assertion
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
IssueInstant="2011-03-19T08:30:00Z" ID="foo"
Version="2.0"><saml:Issuer>urn:mace:incommon:osu.edu</saml:Issuer><saml:AttributeStatement>,
SAML-AAA-Assertion = <saml:Attribute
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"><saml:AttributeValue>cantor.2 at osu.edu</saml:AttributeValue></saml:Attribute><saml:Attribute
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7">, SAML-AAA-Assertion =
<saml:AttributeValue>moonshot</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion>
did not work. Access-Accept is too long again:
sshd[29010]: debug1: Unspecified GSS failure. Minor code may provide
more information\ninvalid packet: WARNING: Malformed RADIUS packet from
host (null): attribute 222 data overflows the packet (udp.c:118)\n
Do you have any other idea?
Markus
More information about the radiator
mailing list