8 Replies Latest reply on Dec 2, 2010 4:41 PM by Jean Luc

    PicketLink responds with 400 Bad Request to a samlp:LogoutRequest

    Jean Luc Apprentice

      Any idea about the possible causes? The scenario is an IDP-initiated logout request (send to the SOAP binding url). The IDP is OpenAM.

       

      Does PicketLink require a differently-formatted request?

       

      Thanks again,

      JL

       

       

      POST /myapp/SingleLogoutService.seam HTTP/1.1
      Content-Type: text/xml; charset=utf-8
      SOAPAction: ""
      Content-Length: 890
      Cache-Control: no-cache
      Pragma: no-cache
      User-Agent: Java/1.6.0_20
      Host: my.app.server:8280
      Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
      Connection: keep-alive

       

      <soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
          <soap-env:Body>
              <samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                                   ID="s26af984e253bf5a65a66643246dd61877d8afeeef"
                                   Version="2.0"
                                   IssueInstant="2010-12-01T21:35:07Z"
                                   Destination="http://my.app.server:8280/myapp/SingleLogoutService.seam"
                                   NotOnOrAfter="2010-12-01T21:45:07Z">
                  <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                      http://my.sso.server:8080/openam
                  </saml:Issuer>
                  <saml:NameID
                          xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                          NameQualifier="http://my.sso.server:8080/openam"
                          Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">
                      mbmo
                  </saml:NameID>
                  <samlp:SessionIndex xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
                      s25f360fbe4fba2820db784ab99397044879827701
                  </samlp:SessionIndex>
              </samlp:LogoutRequest>
          </soap-env:Body>
      </soap-env:Envelope>

       

       

       


      HTTP/1.1 400 Bad Request
      Server: Apache-Coyote/1.1
      X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
      Set-Cookie: JSESSIONID=62A6CD4A134994B0C7744927018738FE; Path=/myapp
      Content-Type: text/html;charset=utf-8
      Content-Length: 967
      Date: Wed, 01 Dec 2010 21:35:32 GMT
      Connection: close

       

      The request sent by the client was syntactically incorrect ()         

       

      (For brevity, I removed the HTML decoration from the response body)