Environment
- Access Manager 4.4.4
- Access Manager 4.5.0
- Access Manager 4.5.1
- Access Manager 4.5.2
Situation
Trying to import the Oracle Cloud SAML2 metadata returns:
Error:The XML is malformed. cvc-elt.4.2: Cannot resolve 'query:AttributeQueryDescriptorType' to a type definition for element 'md:RoleDescriptor'.
Resolution
- This issue has been addressed to engineering and a fix will be shipped with NAM 4.5.3
- As a workaround it has been tested that there seems to be no functional loss by removing the complete <md:RoleDescriptor> element from the metadata document before importing it
Cause
Access Manager has not been extended to handle the "<md:RoleDescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" xsi:type="query:AttributeQueryDescriptorType">" element which is part of the Metadata Extension for SAML V2.0 and V1.x Query Requesters specifications which have no been implemented by Access Manager