Topic
  • 3 replies
  • Latest Post - ‏2013-05-08T06:03:47Z by HermannSW
HisNibs
HisNibs
87 Posts

Pinned topic Looped request changes message

‏2013-05-03T09:15:41Z |

Bear with me on this one:

Have a MPG which serves mutliple serviceURIs and endpoints.  One of the configured services points back to the Datapower device and to the same MPG (MPG set to accept SOAP request)

Svc1  --> DP(svc1) -->  DP(svc2) --> End point

In Svc1 I insert a SAML token from an external ADFS instance.  When this message is routed back into the DP the SAML validation fails with a digest value failure which would indicate the message has been 'tampered' with.  If I take the message (unformatted) from the output of Svc1 and replay it using a SOAP test tool directly to Svc2 it works fine.

So what is being changed within the message as DP calls itself?

Updated on 2013-05-03T13:31:58Z at 2013-05-03T13:31:58Z by HisNibs
  • HermannSW
    HermannSW
    6201 Posts
    ACCEPTED ANSWER

    Re: Looped request changes message

    ‏2013-05-08T06:03:47Z  
    • HisNibs
    • ‏2013-05-07T15:11:45Z

    It appears the SAML assertion has been modified with the addition of Carriage Return characters.  Any ideas as to why this would have happened and if I can change that behaviour?

    Hi Neil,

    good that you found the problem, but without more detail it is difficult to help.

    If attaching the hex output of a Follow TCP Stream from packet capture is not possible here, you may want to create a PMR.
     

    Hermann<myXsltBlog/> <myXsltTweets/> <myCE/>

  • HermannSW
    HermannSW
    6201 Posts

    Re: Looped request changes message

    ‏2013-05-03T16:20:38Z  

    If I understand you correctly, both services run on some device.

    If so, please take a packet capture on Interface Type "Loopback" and you will see in eg. Wireshark what is going on.


    Hermann<myXsltBlog/> <myXsltTweets/> <myCE/>

  • HisNibs
    HisNibs
    87 Posts

    Re: Looped request changes message

    ‏2013-05-07T15:11:45Z  
    • HermannSW
    • ‏2013-05-03T16:20:38Z

    If I understand you correctly, both services run on some device.

    If so, please take a packet capture on Interface Type "Loopback" and you will see in eg. Wireshark what is going on.


    Hermann<myXsltBlog/> <myXsltTweets/> <myCE/>

    It appears the SAML assertion has been modified with the addition of Carriage Return characters.  Any ideas as to why this would have happened and if I can change that behaviour?

  • HermannSW
    HermannSW
    6201 Posts

    Re: Looped request changes message

    ‏2013-05-08T06:03:47Z  
    • HisNibs
    • ‏2013-05-07T15:11:45Z

    It appears the SAML assertion has been modified with the addition of Carriage Return characters.  Any ideas as to why this would have happened and if I can change that behaviour?

    Hi Neil,

    good that you found the problem, but without more detail it is difficult to help.

    If attaching the hex output of a Follow TCP Stream from packet capture is not possible here, you may want to create a PMR.
     

    Hermann<myXsltBlog/> <myXsltTweets/> <myCE/>