Error during SAML SP metada import ( '#default' is not a valid value for 'NMTOKEN')

  • 7023498
  • 06-Nov-2018
  • 06-Nov-2018


Access Manager 4.4
Access Manager 4.3


Access Manger customer was trying to import a Service Provider metadata. Metadata import failed with below error:

Admin Console catalina.out shows below exception:
msingh12:~ # tailf /opt/novell/nam/adminconsole/logs/catalina.out
com.novell.nidp.NIDPException: cvc-datatype-valid.1.2.1: '#default' is not a valid value for 'NMTOKEN'.
        at com.novell.nidp.common.util.URLUtil.getDocumentFromInputStream(y:99)
        at com.novell.nidp.admin.model.NidsSaml2TrustedProvider.createDescriptor(
        at com.novell.nidp.admin.model.NidsSaml2TrustedProvider.importMetadata(
        at com.novell.nidp.admin.model.NidsSaml2TrustedProvider.create(
        at com.novell.nidp.admin.model.NidsSaml2TrustedSP.create(
        at com.novell.admin.nids.saml2.Saml2_Wizard_TrustedProvider.createProviderObjects(Unknown Source)


<Signature> </Signature> part of metadata was having an element     <InclusiveNamespaces PrefixList="#default md saml ds xs xsi" xmlns="" />.
Changing the element to <InclusiveNamespaces PrefixList="md saml ds xs xsi" xmlns="" /> (removing the #default) fixes the issue.
SP metadata is uploaded successfully after using the above workaround.

A bug is raised for this issue.