Caused by: DOMException: Error parsing XML string.

[ap03...@gmail.com]

Hi，everybody!Now,I meet a new problem !

With my test project ,I had passed the verification by AD.But I got the error:  Caused by: DOMException: Error parsing XML string.

Here is the logs;

I realdly don't know why this happened.It seems that the simplesamlphp make the error when creating a saml response for the request.

Can you help me?Thx.

Jun 08 10:10:25 simplesamlphp INFO [785bb214aa] Sending SAML 2.0 Response to 'http://saml-websp.yxcloud.com/'

Jun 08 10:10:25 simplesamlphp DEBUG [785bb214aa] Sending message:

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] SimpleSAML_Error_Error: UNHANDLEDEXCEPTION

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] Backtrace:

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 0 D:\Apache24\simplesamlphp\www\module.php:170 (N/A)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] Caused by: DOMException: Error parsing XML string.

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] Backtrace:

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 15 D:\Apache24\simplesamlphp\lib\SimpleSAML\Utils\XML.php:234 (SimpleSAML\Utils\XML::formatXMLString)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 14 D:\Apache24\simplesamlphp\lib\SimpleSAML\Utils\XML.php:115 (SimpleSAML\Utils\XML::debugSAMLMessage)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 13 D:\Apache24\simplesamlphp\lib\SimpleSAML\Utilities.php:683 (SimpleSAML_Utilities::debugMessage)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 12 D:\Apache24\simplesamlphp\vendor\simplesamlphp\saml2\src\SAML2\Compat\Ssp\Container.php:39 (SAML2_Compat_Ssp_Container::debugMessage)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 11 D:\Apache24\simplesamlphp\vendor\simplesamlphp\saml2\src\SAML2\HTTPPost.php:29 (SAML2_HTTPPost::send)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 10 D:\Apache24\simplesamlphp\modules\saml\lib\IdP\SAML2.php:78 (sspmod_saml_IdP_SAML2::sendResponse)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 9 [builtin] (call_user_func)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 8 D:\Apache24\simplesamlphp\lib\SimpleSAML\IdP.php:287 (SimpleSAML_IdP::postAuthProc)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 7 D:\Apache24\simplesamlphp\lib\SimpleSAML\IdP.php:333 (SimpleSAML_IdP::postAuth)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 6 [builtin] (call_user_func)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 5 D:\Apache24\simplesamlphp\lib\SimpleSAML\Auth\Source.php:229 (SimpleSAML_Auth_Source::loginCompleted)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 4 [builtin] (call_user_func)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 3 D:\Apache24\simplesamlphp\lib\SimpleSAML\Auth\Source.php:145 (SimpleSAML_Auth_Source::completeAuth)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 2 D:\Apache24\simplesamlphp\modules\core\lib\Auth\UserPassBase.php:266 (sspmod_core_Auth_UserPassBase::handleLogin)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 1 D:\Apache24\simplesamlphp\modules\core\www\loginuserpass.php:67 (require)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] 0 D:\Apache24\simplesamlphp\www\module.php:127 (N/A)

Jun 08 10:10:25 simplesamlphp ERROR [785bb214aa] Error report with id e441880f generated.

Jun 08 10:10:25 simplesamlphp DEBUG [785bb214aa] Session: Valid session found with 'ldap-yxcloud-com'.

Jun 08 10:10:25 simplesamlphp DEBUG [785bb214aa] Template: Reading [D:\Apache24\simplesamlphp/dictionaries/errors]

Jun 08 10:10:25 simplesamlphp DEBUG [785bb214aa] Loading state: '_71d16bacba7113f46c00456716373b40c38b66a756:http://localhost:8088/simplesaml/saml2/idp/SSOService.php?spentityid=http%3A%2F%2Fsaml-websp.yxcloud.com%2F&cookieTime=1465351747&RelayState=754bd2e6-8d19-434b-b6ea-97e262bafb6d'

[ap03...@gmail.com]

I found why it happened!!!

That's because I use AD to verifiy user,and I didn't specified attributes I need,so it give me all attributes which contains control characters.Then it formated the xml to string failed.

在 2016年6月8日星期三 UTC+8下午2:25:36，ap03...@gmail.com写道：

[Peter Schober]

* ap03...@gmail.com <ap03...@gmail.com> [2016-06-08 11:23]:

> I found why it happened!!!
> That's because I use AD to verifiy user,and I didn't specified attributes I
> need,so it give me all attributes which contains control characters.Then it
> formated the xml to string failed.

Bad MS-Active Directory!
Glad you could solve it.

Well-behaved network clients should only ask for what they need.
Well-configured network servers should only release what each client
is allowed to recieve.

Not sure there's a "Someone's Law" version of that.

Cheers,
-peter

[face.al...@gmail.com]

Hi，everybody!

Could you post how you got the solution?

Because I have the same problem and I don't know which way to go.

I think it might be the definition of attributes. But I do not know how to set the release of these.

[张菜]

I don't remember very well.This is some config of mine.

in authsources.php file,set local LDAP with some attributes.

/*

* Which attributes should be retrieved from the LDAP server.

* This can be an array of attribute names, or NULL, in which case

* all attributes are fetched.

*/

'attributes' => array('cn', 'distinguishedName','name','sAMAccountName','mail'),

/*

* The pattern which should be used to create the user's DN given the username.

* %username% in this pattern will be replaced with the user's username.

*

* This option is not used if the search.enable option is set to TRUE.

*/

'dnpattern' => 'uid=%username%,dc=yxcloud,dc=com',

/*

* The attribute(s) the username should match against.

*

* This is an array with one or more attribute names. Any of the attributes in

* the array may match the value the username.

*/

'search.attributes' => array('uid', 'mail','sAMAccountName'),

it is not all config,you should set your config relay your env

I hope you will solve it,goog luck!

--
This is a mailing list for users of SimpleSAMLphp, not a support service. If you are willing to buy commercial support, please take a look here:
 
https://simplesamlphp.org/support
 
Before sending your question, make sure it is related to SimpleSAMLphp, and not your web server's configuration or any other third-party software. This mailing list cannot help with software that uses SimpleSAMLphp, only regarding SimpleSAMLphp itself.
 
Make sure to read the documentation:
 
https://simplesamlphp.org/docs/stable/
 
If you have an issue with SimpleSAMLphp that you cannot resolve and reading the documentation doesn't help, you are more than welcome to ask here for help. Subscribe to the list and send an email with your question. However, you will be expected to comply with some minimum, common sense standards in your questions. Please read this carefully:
 
http://catb.org/~esr/faqs/smart-questions.html
---
You received this message because you are subscribed to a topic in the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/simplesamlphp/X-0FOT-LwHI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to simplesamlphp+unsubscribe@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[anthon...@mobiliya.com]

As some one said make sure you set  'attributes' in authsources.php for the ldap module to an array containing the attributes. like so

 'attributes' => array('cn','sn','givenName','mail','objectGUID','sAMAccountName'),

if you get everything back it may cause parsing issues. hope this helps

Anthony