Metadata validation failing for any sp in 3.1.4 fresh installation #47

Closed
mzico opened this issue Oct 22, 2018 · 2 comments
mzico commented Oct 22, 2018

  • Situation: Any SP metadata validation is failing
    localsp_validation

  • This is somehow related to this issue?

  • How to reproduce:

    • Try to create a trust relationship with the attached metadata (it's vanilla Shibboleth SP metadata). Please rename that file to 'abc.xml'
      localsp_gluu_org_shib_sp_metadata.xml.txt

    • You will see an error like the one below in identity.logs:

    2018-10-22 13:16:20,996 ERROR [qtp804611486-197] 
    [apache.velocity.runtime.parser.node.ASTComparisonNode] (ASTComparisonNode.java:100) - Left 
    side ($trustParams.trustEntityIds.get($trustRelationship.inum).size()) of comparison operation has null 
    value at attribute-filter.xml.vm[line 8, column 93]
    
    • Gluu Server is validating the metadata [ Status: Validation Scheduled ]
    • Finally, Gluu Server can't validate it, with the error below in identity.logs:
2018-10-22 13:29:45,181 WARN  [Thread-267] [org.opensaml.xml.parse.LoggingErrorHandler] (LoggingErrorHandler.java:56) - XML Parsing Error
org.xml.sax.SAXParseException: schema_reference.4: Failed to read schema document 'http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd', because 1) could not find the document; 2) the document could not be read; 3) the root element of the document is not <xsd:schema>.
	at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203) ~[?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.warning(ErrorHandlerWrapper.java:99) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:392) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.reportSchemaErr(XSDHandler.java:4154) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.reportSchemaWarning(XSDHandler.java:4149) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.getSchemaDocument1(XSDHandler.java:2491) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.getSchemaDocument(XSDHandler.java:2193) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.resolveSchema(XSDHandler.java:2084) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.constructTrees(XSDHandler.java:1014) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.parseSchema(XSDHandler.java:625) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.loadSchema(XMLSchemaLoader.java:610) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.loadGrammar(XMLSchemaLoader.java:569) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.loadGrammar(XMLSchemaLoader.java:535) [?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.jaxp.validation.XMLSchemaFactory.newSchema(XMLSchemaFactory.java:254) [?:1.8.0_181]
	at org.opensaml.xml.schema.SchemaBuilder.buildSchema(SchemaBuilder.java:271) [xmltooling-1.4.6.jar:?]
	at org.opensaml.xml.schema.SchemaBuilder.buildSchema(SchemaBuilder.java:153) [xmltooling-1.4.6.jar:?]
	at org.opensaml.xml.schema.SchemaBuilder.buildSchema(SchemaBuilder.java:124) [xmltooling-1.4.6.jar:?]
	at org.opensaml.xml.schema.SchemaBuilder.buildSchema(SchemaBuilder.java:88) [xmltooling-1.4.6.jar:?]
	at org.gluu.oxtrust.ldap.service.Shibboleth3ConfService.validateMetadata(Shibboleth3ConfService.java:1406) [classes/:?]
	at org.gluu.oxtrust.ldap.service.MetadataValidationTimer.validateMetadata(MetadataValidationTimer.java:184) [classes/:?]
	at org.gluu.oxtrust.ldap.service.MetadataValidationTimer.procesMetadataValidation(MetadataValidationTimer.java:113) [classes/:?]
	at org.gluu.oxtrust.ldap.service.MetadataValidationTimer.processMetadataValidationTimerEvent(MetadataValidationTimer.java:103) [classes/:?]
	at org.gluu.oxtrust.ldap.service.MetadataValidationTimer$Proxy$_$$_WeldSubclass.processMetadataValidationTimerEvent$$super(Unknown Source) [classes/:?]
	at sun.reflect.GeneratedMethodAccessor636.invoke(Unknown Source) ~[?:?]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
	at org.jboss.weld.interceptor.proxy.TerminalAroundInvokeInvocationContext.proceedInternal(TerminalAroundInvokeInvocationContext.java:51) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
	at org.jboss.weld.interceptor.proxy.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:78) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
	at org.xdi.service.cdi.async.AsynchronousInterceptor$1.get(AsynchronousInterceptor.java:36) [oxcore-service-3.1.4.Final.jar:?]
	at java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1590) [?:1.8.0_181]
	at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]
Caused by: java.net.UnknownHostException: shibboleth.net
	at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184) ~[?:1.8.0_181]
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[?:1.8.0_181]
	at java.net.Socket.connect(Socket.java:589) ~[?:1.8.0_181]
	at java.net.Socket.connect(Socket.java:538) ~[?:1.8.0_181]
	at sun.net.NetworkClient.doConnect(NetworkClient.java:180) ~[?:1.8.0_181]
	at sun.net.www.http.HttpClient.openServer(HttpClient.java:463) ~[?:1.8.0_181]
	at sun.net.www.http.HttpClient.openServer(HttpClient.java:558) ~[?:1.8.0_181]
	at sun.net.www.http.HttpClient.<init>(HttpClient.java:242) ~[?:1.8.0_181]
	at sun.net.www.http.HttpClient.New(HttpClient.java:339) ~[?:1.8.0_181]
	at sun.net.www.http.HttpClient.New(HttpClient.java:357) ~[?:1.8.0_181]
	at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1220) ~[?:1.8.0_181]
	at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1156) ~[?:1.8.0_181]
	at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1050) ~[?:1.8.0_181]
	at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:984) ~[?:1.8.0_181]
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564) ~[?:1.8.0_181]
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492) ~[?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:647) ~[?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:148) ~[?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.opti.SchemaParsingConfig.parse(SchemaParsingConfig.java:583) ~[?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.opti.SchemaParsingConfig.parse(SchemaParsingConfig.java:686) ~[?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.opti.SchemaDOMParser.parse(SchemaDOMParser.java:530) ~[?:1.8.0_181]
	at com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler.getSchemaDocument(XSDHandler.java:2181) ~[?:1.8.0_181]

mzico added the bug label Oct 22, 2018
mzico added this to the 3.1.4 milestone Oct 22, 2018
yurem (Contributor) commented Oct 22, 2018

Is IDP after upgrade?

Are you sure that the DNS settings are OK in this VM? In the stack trace there is an error message:

Caused by: java.net.UnknownHostException: shibboleth.net

mzico (Author) commented Oct 22, 2018

OK, nice! So I added a Google nameserver to resolv.conf and now my SP's validation is working!

mzico closed this as completed Oct 22, 2018
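
Added example (not part of the original thread and not Gluu or OpenSAML code): a small triage script for the second trace above. It pairs each `schema_reference.4` failure with its innermost `Caused by:` line and notes whether the schema was being fetched over plain HTTP. The function name `triage`, the `HINTS` mapping and the abridged sample log are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample: abridged from the second trace in this issue (message text
# after the URL and most stack frames dropped).
SAMPLE_LOG = (
    "2018-10-22 13:29:45,181 WARN  [Thread-267] [org.opensaml.xml.parse.LoggingErrorHandler] "
    "(LoggingErrorHandler.java:56) - XML Parsing Error\n"
    "org.xml.sax.SAXParseException: schema_reference.4: Failed to read schema document "
    "'http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd', because ...\n"
    "\tat org.opensaml.xml.schema.SchemaBuilder.buildSchema(SchemaBuilder.java:271) [xmltooling-1.4.6.jar:?]\n"
    "Caused by: java.net.UnknownHostException: shibboleth.net\n"
    "\tat java.net.Socket.connect(Socket.java:589) ~[?:1.8.0_181]\n"
)

ENTRY_RE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} ")
SCHEMA_RE = re.compile(r"schema_reference\.4: Failed to read schema document '([^']+)'")
CAUSE_RE = re.compile(r"^Caused by: ([\w.$]+)(?:: (.*))?$")

# Hypothetical mapping: innermost exception class -> what to check on the host.
HINTS = {
    "java.net.UnknownHostException": "dns",
    "java.net.ConnectException": "egress",
    "java.net.SocketTimeoutException": "egress",
    "javax.net.ssl.SSLHandshakeException": "tls",
}

def triage(log_text):
    """Return one finding per failed schema fetch, tagged with its innermost cause."""
    findings, cur = [], None
    for line in log_text.splitlines():
        if ENTRY_RE.match(line):  # a new timestamped entry ends the previous trace
            cur = None
        m = SCHEMA_RE.search(line)
        if m:
            url = urlparse(m.group(1))
            cur = {"schema_url": m.group(1), "host": url.hostname,
                   "plain_http": url.scheme == "http",
                   "root_cause": None, "detail": None, "category": "unknown"}
            findings.append(cur)
            continue
        m = CAUSE_RE.match(line)
        if m and cur is not None:
            # Later "Caused by:" lines overwrite earlier ones, so the innermost wins.
            cur["root_cause"], cur["detail"] = m.group(1), m.group(2)
            cur["category"] = HINTS.get(m.group(1), "unknown")
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A `dns` category with `plain_http` set means validation depends on resolving and downloading the schema at run time over an unauthenticated channel, which is worth knowing on hosts with restricted egress.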