<div dir="ltr">John: Can you create a JIRA issue?<div>Pedro: I assume you'll fix it?</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 16 January 2016 at 01:00, John Dennis <span dir="ltr"><<a href="mailto:jdennis@redhat.com" target="_blank">jdennis@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 01/15/2016 12:52 PM, Pedro Igor Silva wrote:<br>
> Hey John,<br>
><br>
> KC expects a POST using the "application/soap+xml" media type. Maybe we should also provide a text/xml for SOAP 1.1 clients.<br>
><br>
> Regards.<br>
> Pedro Igor<br>
<br>
</span>I asked Pedro to wait and not change anything in Keycloak until I<br>
checked the specs. Based on my reading of the specs the media type (i.e.<br>
HTTP Content-Type header) should be<br>
<br>
text/xml<br>
<br>
The media type 'application/soap+xml' is reserved for SOAP 1.2. RFC 3902<br>
"The "application/soap+xml" media type" states:<br>
<br>
The "application/soap+xml" media type explicitly identifies SOAP 1.2<br>
message envelopes that have been serialised with XML 1.0; message<br>
envelopes with a different SOAP namespace version or using another<br>
XML serialisation MUST NOT use it.<br>
<br>
The "SAML V2.0 Enhanced Client or Proxy Profile Version 2.0" (current as<br>
of August 2013) states that SAML messages are wrapped in SOAP 1.1.<br>
<br>
The "Simple Object Access Protocol (SOAP) 1.1" spec<br>
(<a href="https://www.w3.org/TR/2000/NOTE-SOAP-20000508/" rel="noreferrer" target="_blank">https://www.w3.org/TR/2000/NOTE-SOAP-20000508/</a>) in Section 6 "Using<br>
SOAP in HTTP" states:<br>
<br>
HTTP applications MUST use the media type "text/xml" according to<br>
RFC 2376 when including SOAP entity bodies in HTTP messages.<br>
<br>
Therefore since ECP requires SOAP 1.1 (not SOAP 1.2) and SOAP 1.1<br>
requires 'text/xml' and because RFC 3902 reserves 'application/soap+xml'<br>
for SOAP 1.2 the media type should be 'text/xml' not 'application/soap+xml'.<br>
<br>
I am partly to blame for the confusion, Pedro and I used an ECP test<br>
program I wrote and it erroneously used the incorrect<br>
'application/soap+xml' media type and I think Pedro adjusted Keycloak to<br>
match based on that.<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
> ----- Original Message -----<br>
> From: "John Dennis" <<a href="mailto:jdennis@redhat.com">jdennis@redhat.com</a>><br>
> To: <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> Sent: Friday, January 15, 2016 3:36:09 PM<br>
> Subject: [keycloak-dev] unsupported media type error<br>
><br>
> I'm trying to test Openstack ECP with Keycloak. When Openstack posts the<br>
> SAML AuthnRequest wrapped in SOAP to the<br>
> /auth/realms/master/protocol/saml endpoint keycloak responds with an<br>
> HTTP 415 unsupported media type error. The HTTP Content-Type in the post<br>
> is text/xml. What are you expecting?<br>
><br>
> This is with the 1.8.0.CR1 version of keycloak.<br>
><br>
> Thanks!<br>
><br>
<br>
<br>
--<br>
John<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</div></div></blockquote></div><br></div>