Skip to Content.
Sympa Menu

cat-users - Re: [[cat-users]] Problem cat Administrator Colombia

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [[cat-users]] Problem cat Administrator Colombia


Chronological Thread 
  • From: Gerencia de Tecnologías de la Información <c.ramirez AT renata.edu.co>
  • To: Stefan Winter <stefan.winter AT restena.lu>
  • Cc: Dubravko Voncina <dubravko.voncina AT srce.hr>, eduroam CAT Feedback <cat-users AT lists.geant.org>
  • Subject: Re: [[cat-users]] Problem cat Administrator Colombia
  • Date: Thu, 31 May 2018 08:17:52 -0500
  • Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass (2048-bit key) header.d=renata-edu-co.20150623.gappssmtp.com

Dear Stefan 

Just now we have the same problem:


08:13:55.901 - DEBUG [org.opensaml.ws.message.decoder.BaseMessageDecoder:130] - Evaluating security policy of type 'edu.internet2.middleware.shibboleth.common.security.ShibbolethSecurityPolicy' for decoded message
08:13:55.902 - DEBUG [org.opensaml.util.storage.ReplayCache:92] - Attempting to acquire lock for replay cache check
08:13:55.902 - DEBUG [org.opensaml.util.storage.ReplayCache:94] - Lock acquired
08:13:55.903 - DEBUG [org.opensaml.util.storage.ReplayCache:115] - Replay of message ID _12ccaa1225e25db984752e6f967cd96b3bbebcbae5 detected in replay cache, will expire at 2018-05-31T13:18:28.653Z
08:13:55.904 - WARN [org.opensaml.common.binding.security.MessageReplayRule:99] - Replay detected of message '_12ccaa1225e25db984752e6f967cd96b3bbebcbae5' from issuer https://monitor.eduroam.org/sp/module.php/saml/sp/metadata.php/default-sp
08:13:55.905 - WARN [edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler:406] - Message did not meet security requirements
org.opensaml.ws.security.SecurityPolicyException: Rejecting replayed message ID '_12ccaa1225e25db984752e6f967cd96b3bbebcbae5' from issuer https://monitor.eduroam.org/sp/module.php/saml/sp/metadata.php/default-sp
        at org.opensaml.common.binding.security.MessageReplayRule.evaluate(MessageReplayRule.java:100) ~[opensaml-2.6.0.jar:na]
        at org.opensaml.ws.security.provider.BasicSecurityPolicy.evaluate(BasicSecurityPolicy.java:51) ~[openws-1.5.0.jar:na]
        at org.opensaml.ws.message.decoder.BaseMessageDecoder.processSecurityPolicy(BaseMessageDecoder.java:132) ~[openws-1.5.0.jar:na]
        at org.opensaml.ws.message.decoder.BaseMessageDecoder.decode(BaseMessageDecoder.java:83) ~[openws-1.5.0.jar:na]
        at org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:70) ~[opensaml-2.6.0.jar:na]
        at edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler.decodeRequest(SSOProfileHandler.java:386) [shibboleth-identityprovider-2.4.0.jar:na]
        at edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler.performAuthentication(SSOProfileHandler.java:211) [shibboleth-identityprovider-2.4.0.jar:na]
        at edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler.processRequest(SSOProfileHandler.java:189) [shibboleth-identityprovider-2.4.0.jar:na]
        at edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler.processRequest(SSOProfileHandler.java:90) [shibboleth-identityprovider-2.4.0.jar:na]
        at edu.internet2.middleware.shibboleth.common.profile.ProfileRequestDispatcherServlet.service(ProfileRequestDispatcherServlet.java:83) [shibboleth-common-1.4.0.jar:na]



Can you help us ???


Best regards


Carlos Ramírez Guzmán

Gerente de Tecnologías de la información | Chief Information Officer
Correo electrónico: c.ramirez AT renata.edu.co Móvil: (+57) 3155890044
Teléfono: (57+1) 5185353, ext. 1003
Carrera 18 # 79 – 47
Bogotá D.C. – Colombia

 

  


2018-05-28 1:31 GMT-05:00 Stefan Winter <stefan.winter AT restena.lu>:
Hello,

I believe what Dubravko meant is that you can simply continue to use CAT
now, with no changes needed. I.e. you just login with whatever account
you used before.

In any case, we do not store user names in the classic sense. We only
have information on which authentication source you used to sign up, and
a opaque identifier that allows us to recognise you when you come back.

Notably, the authentication is NOT strictly tied to the email address we
sent the invitation to. You may have received it on a certain email
address, but may then have chosen to use any authentication service you
want, with any local username at that authentication service.

Greetings,

Stefan Winter

Am 23.05.2018 um 17:07 schrieb Gerencia de Tecnologías de la Información:
> Dear Dubravko
>
> Many thanks for your help, can you remember me who is the administrative
> user for RENATA cat??? 
>
> Can we change the user for soporte AT renata.edu.co
> <mailto:soporte AT renata.edu.co> ???
>
> Thanks a lot
>
>
>
>
>
>
>
>
> Carlos *Ramírez Guzmán*
>
> *Gerente de Tecnologías de la información | Chief Information Officer
> *Correo electrónico: c.ramirez AT renata.edu.co
> <mailto:c.ramirez AT renata.edu.co> Móvil: (+57) 3155890044
> <tel:+57%20316%5275524>
> Teléfono: (57+1) 5185353, ext. 1003
> Carrera 18 # 79 – 47
> <https://maps.google.com/?q=Carrera+18+%23+79+%E2%80%93+47+*Bogot%C3%A1+D.C.+%E2%80%93+Colombia*&entry=gmail&source=g>
> *Bogotá D.C. – Colombia
> <https://maps.google.com/?q=Carrera+18+%23+79+%E2%80%93+47+*Bogot%C3%A1+D.C.+%E2%80%93+Colombia*&entry=gmail&source=g>*
>
> <http://www.renata.edu.co/>
>
>  
>
> <http://www.renata.edu.co/><https://www.facebook.com/RENATAColombia/> <https://twitter.com/@red_renata> <https://www.youtube.com/user/comunicacionesrenata/videos>
>
>
> 2018-05-23 9:26 GMT-05:00 Dubravko Voncina <dubravko.voncina AT srce.hr
> <mailto:dubravko.voncina AT srce.hr>>:
>
>     Hello Carlos,
>
>     Please try to authenticate again. I believe I've solved the problem.
>
>     Best regards,
>
>     Dubravko Voncina
>     Middleware and Data Services Department
>     University of Zagreb, University Computing Centre, www.srce.unizg.hr
>     <http://www.srce.unizg.hr>
>     dubravko.voncina AT srce.hr <mailto:dubravko.voncina AT srce.hr>, tel:
>     +385 98 219273, fax: +385 1 6165559
>
>
>
>
>>     On 21 May 2018, at 15:40, Gerencia de Tecnologías de la
>>     Información <c.ramirez AT renata.edu.co
>>     <mailto:c.ramirez AT renata.edu.co>> wrote:
>>
>>     Dear all,
>>
>>
>>     Just now we have  problem with authentication to the cat, the
>>     message is:
>>
>>     08:18:42.246 - WARN
>>     [edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler:406]
>>     - Message did not meet security requirements
>>     org.opensaml.ws.security.SecurityPolicyException: Validation of
>>     protocol message signature failed
>>
>>
>>     Best regards 
>>
>>
>>     Carlos *Ramírez Guzmán*
>>
>>     *Gerente de Tecnologías de la información | Chief Information Officer
>>     *Correo electrónico: c.ramirez AT renata.edu.co
>>     <mailto:c.ramirez AT renata.edu.co> Móvil: (+57) 3155890044
>>     <tel:+57%20316%5275524>
>>     Teléfono: (57+1) 5185353, ext. 1003
>>     Carrera 18 # 79 – 47
>>     <https://maps.google.com/?q=Carrera+18+%23+79+%E2%80%93+47+*Bogot%C3%A1+D.C.+%E2%80%93+Colombia*&entry=gmail&source=g>
>>     *Bogotá D.C. – Colombia
>>     <https://maps.google.com/?q=Carrera+18+%23+79+%E2%80%93+47+*Bogot%C3%A1+D.C.+%E2%80%93+Colombia*&entry=gmail&source=g>*
>>
>>     <http://www.renata.edu.co/>
>>
>>      
>>
>>     <http://www.renata.edu.co/><https://www.facebook.com/RENATAColombia/> <https://twitter.com/@red_renata> <https://www.youtube.com/user/comunicacionesrenata/videos>
>>
>>
>>     2018-04-20 8:58 GMT-05:00 Tomasz Wolniewicz <twoln AT umk.pl
>>     <mailto:twoln AT umk.pl>>:
>>
>>         Hi,
>>            this error was most likely due to the Colombian federation
>>         dropping out of eduGAIN metadata. This did happen several time
>>         due to the federation not renewing its metadata file in time.
>>
>>         Since CAT consumes information about identity providers via
>>         eduGAIN if a country federation drops out of eduGAIN, CAT
>>         looses information and cannot work with your identity
>>         provider. Everything gets restored when the federation renews
>>         its file (it is OK now).
>>
>>         Yours
>>         Tomasz
>>
>>
>>         W dniu 11.04.2018 o 23:47, Gerencia de Tecnologías de la
>>         Información pisze:
>>>         Dear all 
>>>
>>>         we have problems with the user administrator form cat
>>>         administrator Colombia, the reported user is
>>>         tecnico AT renata.edu.co <mailto:tecnico AT renata.edu.co>.
>>>
>>>         the error reported is:
>>>
>>>         <Captura de pantalla 2018-04-11 a la(s) 4.47.06 p. m..png>
>>>
>>>
>>>         best regards
>>>
>>>         ​
>>>
>>>
>>>         Carlos *Ramírez Guzmán*
>>>
>>>         *Gerente de Tecnologías de la información | Chief Information
>>>         Officer
>>>         *Correo electrónico: c.ramirez AT renata.edu.co
>>>         <mailto:c.ramirez AT renata.edu.co> Móvil: (+57) 3155890044
>>>         <tel:+57%20316%5275524>
>>>         Teléfono: (57+1) 5185353, ext. 1003
>>>         Carrera 18 # 79 – 47
>>>         <https://maps.google.com/?q=Carrera+18+%23+79+%E2%80%93+47+*Bogot%C3%A1+D.C.+%E2%80%93+Colombia*&entry=gmail&source=g>
>>>         *Bogotá D.C. – Colombia
>>>         <https://maps.google.com/?q=Carrera+18+%23+79+%E2%80%93+47+*Bogot%C3%A1+D.C.+%E2%80%93+Colombia*&entry=gmail&source=g>*
>>>
>>>         <http://www.renata.edu.co/>
>>>
>>>          
>>>
>>>         <http://www.renata.edu.co/><https://www.facebook.com/RENATAColombia/> <https://twitter.com/@red_renata> <https://www.youtube.com/user/comunicacionesrenata/videos>
>>>
>>>         To unsubscribe, send this message:
>>>         mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
>>>         <mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users>
>>>         Or use the following link:
>>>         https://lists.geant.org/sympa/sigrequest/cat-users
>>>         <https://lists.geant.org/sympa/sigrequest/cat-users>
>>
>>         --
>>         Tomasz Wolniewicz   
>>                   twoln AT umk.pl <mailto:twoln AT umk.pl>        http://www.home.umk.pl/~twoln
>>
>>         Uczelniane Centrum Informatyczne   Information&Communication Technology Centre
>>         Uniwersytet Mikolaja Kopernika     Nicolaus Copernicus University,
>>         pl. Rapackiego 1, Torun               pl. Rapackiego 1, Torun, Poland
>>         tel: +48-56-611-2750     fax: +48-56-622-1850       tel kom.: +48-693-032-576
>>
>>
>>     To unsubscribe, send this message:
>>     mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
>>     <mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users>
>>     Or use the following link:
>>     https://lists.geant.org/sympa/sigrequest/cat-users
>>     <https://lists.geant.org/sympa/sigrequest/cat-users>
>
>
> To unsubscribe, send this message:
> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
> Or use the following link:
> https://lists.geant.org/sympa/sigrequest/cat-users


--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66




Archive powered by MHonArc 2.6.19.

Top of Page