Product SiteDocumentation Site

Chapter 17. Compiler Output

Topic ID 42191

  • INFO: Security Level-Based Access Control
  • INFO: Topic Types: Concept Assigned Writer: pedroigor
  • INFO: Topic URL
  • WARNING: This topic has no XML data

Topic ID 30033

  • INFO: Salesforce setup
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "mediaobject" not allowed yet; expected element "info", "title" or "titleabbrev". The processed XML is
    <section remap="TID_30033" version="5.0" xml:id="Salesforce_setup" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Salesforce setup</title>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Disable Single Sign on</emphasis> in SSO settings if you enabled it previously. As in this step, we don't want to login into Salesforce through SSO but we want Salesforce to provide SSO for us and act as Identity Provider.
    			</para>
    		</listitem>
    	</itemizedlist>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Identity provider setup</emphasis> - In link <emphasis role="strong">Setup</emphasis> -&gt; <emphasis role="strong">Security controls</emphasis> -&gt; <emphasis role="strong">Identity provider</emphasis> you need to setup Salesforce as IDP.
    			</para>
    		</listitem>
    	</itemizedlist>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Generate certificate</emphasis> - first generate certificate on first screen. This certificate will be used to sign SAMLResponse messages sent from Salesforce IDP.
    			</para>
    			<figure>
    				<mediaobject>
    					<imageobject>
    						<imagedata fileref="images/5880.png" />
    					</imageobject>
    				</mediaobject>
    			</figure>
    			<para>
    				After certificate will be generated in Salesforce, you can download it to your computer.
    			</para>
    		</listitem>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Configure generated certificate for Identity Provider</emphasis> - In Identity Provider setup, you need to select the certificate, which you just generated
    			</para>
    		</listitem>
    	</itemizedlist>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Add service provider</emphasis> - In section <emphasis role="strong">Setup</emphasis> -&gt; <emphasis role="strong">Security Controls</emphasis> -&gt; <emphasis role="strong">Identity Provider</emphasis> -&gt; <emphasis role="strong">Service providers</emphasis> you can add your Picketlink application as Service Provider. We will use application <emphasis role="strong">sales-post-sig</emphasis> from <link xlink:href="https://docs.jboss.org/author/display/PLINK/PicketLink+Quickstarts#PicketLinkQuickstarts-AbouttheQuickstarts">Picketlink quickstarts</link> . So in first screen of configuration of your Service provider, you need to add <emphasis role="strong">ACS URL</emphasis> and <emphasis role="strong">Entity ID</emphasis> like <emphasis role="italics"> <link xlink:href="http://localhost:8080/sales-post-sig/" /> </emphasis> <emphasis role="italics">. Subject type</emphasis> needs to be <emphasis role="italics">Federation ID</emphasis> and you also need to upload certificate corresponding to signing key of sales-post-sig application. You first need to export this certificate from your keystore file. See <link xlink:href="https://docs.jboss.org/author/display/PLINK/Picketlink+as+IDP%2C+Salesforce+as+SP">previous tutorial</link> for how to do it. In next screen, you can select profile for users, who will be able to login to this Service Provider. By checking first checkbox, you will automatically select all profiles. After confirm this screen, you will have your service provider created. Let's see how your final configuration can looks like after confirming:
    			</para>
    			<figure>
    				<mediaobject>
    					<imageobject>
    						<imagedata fileref="images/5881.png" />
    					</imageobject>
    				</mediaobject>
    			</figure>
    		</listitem>
    	</itemizedlist>
    	<sidebar>
    		<para> 
    			<emphasis role="strong">WARNING:</emphasis> As mentioned in previous tutorial, you should create your own keystore file for Picketlink and not use example keystore <emphasis role="italics">jbid_test_keystore.jks</emphasis> and certificates from it in production environment. In this tutorial, we will use it only for simplicity and demonstration purposes.
    		</para>
    	</sidebar>
    </section>

Topic ID 30037

  • INFO: Google Apps setup
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "mediaobject" not allowed yet; expected element "info", "title" or "titleabbrev". The processed XML is
    <section remap="TID_30037" version="5.0" xml:id="Google_Apps_setup" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Google Apps setup</title>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Creating Google Apps domain</emphasis> - you need to create Google Apps domain on <link xlink:href="http://www.google.com/apps" /> . Follow the instructions on google page on how to do it.
    			</para>
    		</listitem>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Add some users</emphasis> - let's add some users, which will be available to login into your domain. So let's add user <emphasis role="italics">tomcat</emphasis> first. In Google &amp; Apps control panel, you need to click <emphasis role="strong">Organization &amp; Users</emphasis> -&gt; <emphasis role="strong">Create new user</emphasis> and add him email <emphasis role="strong">tomcat@yourdomain.com</emphasis> . This will ensure that nick of new user will be <emphasis role="italics">tomcat</emphasis> . See screenshot:
    			</para>
    			<figure>
    				<mediaobject>
    					<imageobject>
    						<imagedata fileref="images/5870.png" />
    					</imageobject>
    				</mediaobject>
    			</figure>
    		</listitem>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Configure SAML SSO</emphasis> - In menu <emphasis role="strong">Advanced tools</emphasis> -&gt; <emphasis role="strong">Set up single sign-on (SSO)</emphasis> you can setup SSO settings. For our testing purposes, you can set it like done on screenshot . Especially it's important to set Sign-in page to <emphasis role="italics"> <link xlink:href="http://localhost:8080/idp-sig/" /> </emphasis> <emphasis role="italics">. Sign-out page can be also set but Google Apps don't support SAML Single Logout profile, so this is only page where will be users redirected after logout. Let's click checkbox _Use a domain specific issuer</emphasis> to true.
    			</para>
    		</listitem>
    	</itemizedlist>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Certificate upload</emphasis> - you also need to upload certificate exported from your picketlink keystore in similar way, like done for Salesforce in <link xlink:href="https://docs.jboss.org/author/display/PLINK/Picketlink+as+IDP%2C+Salesforce+as+SP">previous tutorials</link> . So let's upload <emphasis role="italics">test-certificate.crt</emphasis> into Google Apps.
    			</para>
    		</listitem>
    	</itemizedlist>
    	<sidebar>
    		<para>
    			WARNING: Once again, you shouldn't use picketlink test keystore file jbid_test_keystore.jks in production environment. We use it here only for simplicity and for demonstration purposes.
    		</para>
    	</sidebar>
    	<para>
    		<figure>
    			<mediaobject>
    				<imageobject>
    					<imagedata fileref="images/5869.png" />
    				</imageobject>
    			</mediaobject>
    		</figure>
    	</para>
    </section>

Topic ID 30026

  • INFO: Salesforce setup
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "mediaobject" not allowed yet; expected element "info", "title" or "titleabbrev". The processed XML is
    <section remap="TID_30026" version="5.0" xml:id="Salesforce_setup1" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Salesforce setup</title>
    	<para>
    		First you need to perform some actions on Salesforce side. Brief description is here. For more details, you can see Salesforce documentation.
    	</para>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Register Salesforce account</emphasis> - You will need to register in Salesforce with free developer account. You can do it <link xlink:href="http://developer.force.com/">here</link> .
    			</para>
    		</listitem>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Register your salesforce domain</emphasis> - Salesforce supports SP-initiated SAML login workflow or IDP-initiated SAML login workflow. For picketlink integration, we will use SP-initiated login workflow, where user needs to access Salesforce and Salesforce will send SAMLRequest to Picketlink IDP. For achieving this, you need to create Salesforce domain. When registered and logged in <link xlink:href="http://www.salesforce.com">www.salesforce.com</link> , you will need to click on Your name in right top corner -&gt; Link <emphasis role="strong">Setup</emphasis> -&gt; Link <emphasis role="strong">Company Profile</emphasis> -&gt; Link <emphasis role="strong">My Domain</emphasis> . Here you can create your Salesforce domain and make it available for testing.
    			</para>
    		</listitem>
    		<listitem>
    			<para> 
    				<emphasis role="strong">SAML SSO configuration</emphasis> - Now you need again to click on Your name in right top corner -&gt; Link <emphasis role="strong">Setup</emphasis> -&gt; Link <emphasis role="strong">Security controls</emphasis> -&gt; Link <emphasis role="strong">Single Sign-On Settings</emphasis> Then configure it as follows:
    			</para>
    			<itemizedlist>
    				<listitem>
    					<para> 
    						<emphasis role="strong">SAML Enabled</emphasis> checkbox needs to be checked
    					</para>
    				</listitem>
    				<listitem>
    					<para> 
    						<emphasis role="strong">SAML Version</emphasis> needs to be 2.0
    					</para>
    				</listitem>
    				<listitem>
    					<para> 
    						<emphasis role="strong">Issuer</emphasis> needs to be <emphasis role="italics"> <link xlink:href="http://localhost:8080/idp-sig/_">http://localhost:8080/idp-sig/</link> </emphasis> <emphasis role="italics">-</emphasis> This identifies issuer, which will be used as IDP for salesforce. NOTE: Be sure that URL really ends with "/" character.
    					</para>
    				</listitem>
    				<listitem>
    					<para> 
    						<emphasis role="strong">Identity Provider Login URL</emphasis> also needs to be <link xlink:href="http://localhost:8080/idp-sig/_">http://localhost:8080/idp-sig/</link> - This identifies URL where Salesforce SP will send it's SAMLRequest for login.
    					</para>
    				</listitem>
    				<listitem>
    					<para> 
    						<emphasis role="strong">Identity Provider Logout URL</emphasis> points to URL where Salesforce redirects user after logout. You may also use your IDP address or something different according to your needs.
    					</para>
    				</listitem>
    				<listitem>
    					<para> 
    						<emphasis role="strong">Subject mapping</emphasis> - You need to configure how to map Subject from SAMLResponse, which will be send by Picketlink IDP, to Salesforce user account. In the example, we will use that SAMLResponse will contain information about Subject in "NameIdentifier" element of SAMLResponse and ID of subject will be mapped to Salesforce Federation ID of particular user. So in: <emphasis role="strong">SAML User ID Type</emphasis> , you need to check option <emphasis role="italics">Assertion contains the Federation ID from the User object</emphasis> and for <emphasis role="strong">SAML User ID Location</emphasis> , you need to check <emphasis role="italics">User ID is in the NameIdentifier element of the Subject statement</emphasis> .
    					</para>
    				</listitem>
    				<listitem>
    					<para> 
    						<emphasis role="strong">Entity ID</emphasis> - Here we will use <link xlink:href="https://saml.salesforce.com_">https://saml.salesforce.com</link> . Whole configuration can look as follows:
    					</para>
    					<figure>
    						<mediaobject>
    							<imageobject>
    								<imagedata fileref="images/5882.png" />
    							</imageobject>
    						</mediaobject>
    					</figure>
    				</listitem>
    			</itemizedlist>
    		</listitem>
    	</itemizedlist>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Certificate</emphasis> - Last very important thing is upload of your certificate to Salesforce, because Salesforce needs to verify signature on SAMLResponse sent from your Picketlink Identity Provider. So first you need to export certificate from your keystore file and then import this certificate into Salesforce. So in <emphasis role="strong">idp-sig.war/WEB-INF/classes</emphasis> you can run command like:
    			</para>
    		</listitem>
    	</itemizedlist>
    	<informalexample>
    		<programlisting>
    keytool -export -keystore jbid_test_keystore.jks -alias servercert -file test-certificate.crt
    </programlisting>
    	</informalexample>
    	<para>
    		after typing keystore password <emphasis role="italics">store123</emphasis> you should see exported certificate in file <emphasis role="italics">test-certificate.crt .</emphasis>
    	</para>
    	<sidebar>
    		<para> 
    			<emphasis role="strong">WARNING:</emphasis> For production environment in salesforce, you should generate your own keystore file and use certificate from your own file instead of the default picketlink <emphasis role="italics">jbid_test_keystore.jks</emphasis>
    		</para>
    	</sidebar>
    	<para>
    		Then you can import this certificate <emphasis role="italics">test-certificate.crt</emphasis> into SalesForce via menu with SSO configuration.
    	</para>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Adding users</emphasis> - Last action you need to do in Salesforce is to add some users. You can do it in: Link <emphasis role="strong">Setup</emphasis> -&gt; Link <emphasis role="strong">Manage Users</emphasis> -&gt; Link <emphasis role="strong">Users</emphasis> . Now you can create user and fill some values as you want. Please note that username must be in form of email address. Note that <emphasis role="italics">Federation ID</emphasis> is the value, which is used for mapping the user with the NameIdentifier subject from SAML assertion, which will be sent from Picketlink IDP. So let's use Federation ID with value <emphasis role="italics">tomcat</emphasis> for our first user.
    			</para>
    		</listitem>
    	</itemizedlist>
    	<para>
    		<figure>
    			<mediaobject>
    				<imageobject>
    					<imagedata fileref="images/5884.png" />
    				</imageobject>
    			</mediaobject>
    		</figure>
    	</para>
    </section>

Topic ID 30029

  • INFO: Single logout
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "mediaobject" not allowed yet; expected element "info", "title" or "titleabbrev". The processed XML is
    <section remap="TID_30029" version="5.0" xml:id="Single_logout" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Single logout</title>
    	<para>
    		Now you have basic setup done but in order to support single logout, you need to do some additional actions. Especially Salesforce is not using same URL for login and single logout, which means that we need to configure SP metadata on Picketlink side to provide mapping between SP and their URL for logout. Needed actions are:
    	</para>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Download SAML metadata</emphasis> from Salesforce SSO settings. Save downloaded XML file as <emphasis role="strong">idp-sig.war/WEB-INF/sp-metadata.xml</emphasis>
    			</para>
    		</listitem>
    	</itemizedlist>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Add SingleLogoutService element</emphasis> - unfortunately another element needs to be manually added into metadata as Salesforce doesn't use single logout configuration in their metadata. So let's add following element into metadata file after <emphasis role="italics">md:AssertionConsumerService</emphasis> element:
    			</para>
    		</listitem>
    	</itemizedlist>
    	<informalexample>
    		<programlisting>
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Location="https://login.salesforce.com/saml/logout-request.jsp?saml=MgoTx78aEPkEM4eGV5ZzptlliwIVkRkOWYKlqXQq2StV_sLo0EiRqKYtIc" index="0" isDefault="true"/&gt;
    </programlisting>
    	</informalexample>
    	<para>
    		Note that value of Location attribute will be different for your domain. You can see which value to use in Salesforce SSO settings page from element <emphasis role="italics">Salesforce.com Single Logout URL</emphasis> :
    	</para>
    	<para>
    		<figure>
    			<mediaobject>
    				<imageobject>
    					<imagedata fileref="images/5883.png" />
    				</imageobject>
    			</mediaobject>
    		</figure>
    	</para>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Add md:EntitiesDescriptor element</emphasis> - Finally you need to add enclosing element <emphasis role="italics">md:EntitiesDescriptor</emphasis> and encapsulate whole current content into it. This is needed as we may want to use more EntityDescriptor elements in this single metadata file (like another element for Google Apps etc):
    			</para>
    		</listitem>
    	</itemizedlist>
    	<informalexample>
    		<programlisting>
    &lt;?xml version="1.0" encoding="UTF-8"?&gt;
    &lt;md:EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"&gt;
    &nbsp; &lt;md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://saml.salesforce.com" ....
    &nbsp; ...
    &nbsp; &lt;/md:EntityDescriptor&gt;
    &lt;/md:EntitiesDescriptor&gt;
    </programlisting>
    	</informalexample>
    	<itemizedlist>
    		<listitem>
    			<para> 
    				<emphasis role="strong">Configure metadata location</emphasis> - Let's add new MetaDataProvider into file <emphasis role="strong">idp-sig.war/WEB-INF/picketlink.xml</emphasis> after section with KeyProvider:
    			</para>
    		</listitem>
    	</itemizedlist>
    	<informalexample>
    		<programlisting>
    ...
             &lt;/KeyProvider&gt;
    
             &lt;MetaDataProvider ClassName="org.picketlink.identity.federation.core.saml.md.providers.FileBasedEntitiesMetadataProvider"&gt;
               &lt;Option Key="FileName" Value="/WEB-INF/sp-metadata.xml"/&gt;
             &lt;/MetaDataProvider&gt;
          &lt;/PicketLinkIDP&gt;
    .....
    </programlisting>
    	</informalexample>
    </section>

Topic ID 29879

  • INFO: Example:
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "section" incomplete; expected element "address", "anchor", "annotation", "bibliolist", "blockquote", "bridgehead", "calloutlist", "caution", "classsynopsis", "cmdsynopsis", "constraintdef", "constructorsynopsis", "destructorsynopsis", "epigraph", "equation", "example", "fieldsynopsis", "figure", "formalpara", "funcsynopsis", "glosslist", "important", "indexterm", "info", "informalequation", "informalexample", "informalfigure", "informaltable", "itemizedlist", "literallayout", "mediaobject", "methodsynopsis", "msgset", "note", "orderedlist", "para", "procedure", "productionset", "programlisting", "programlistingco", "qandaset", "refentry", "remark", "revhistory", "screen", "screenco", "screenshot", "section", "segmentedlist", "sidebar", "simpara", "simplelist", "simplesect", "subtitle", "synopsis", "table", "task", "tip", "titleabbrev", "variablelist" or "warning". The processed XML is
    <section remap="TID_29879" version="5.0" xml:id="Example10" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Example:</title>
    </section>

Topic ID 29851

  • INFO: Introduction
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "mediaobject" not allowed yet; expected element "info", "title" or "titleabbrev". The processed XML is
    <section remap="TID_29851" version="5.0" xml:id="Introduction" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Introduction</title>
    	<para>
    		The PicketLink Identity Provider Authenticator is a component responsible for the authentication of users and for issue and validate SAML assertions.
    	</para>
    	<para>
    		Basically, there two different different authenticator implementations type:
    	</para>
    	<itemizedlist>
    		<listitem>
    			<para>
    				Identity Provider Authenticators
    			</para>
    		</listitem>
    		<listitem>
    			<para>
    				Service Provider Authenticators
    			</para>
    		</listitem>
    	</itemizedlist>
    	<para>
    		<figure>
    			<mediaobject>
    				<imageobject>
    					<imagedata fileref="images/5885.png" />
    				</imageobject>
    			</mediaobject>
    		</figure>
    	</para>
    </section>

Topic ID 29920

  • INFO: Example:
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "section" incomplete; expected element "address", "anchor", "annotation", "bibliolist", "blockquote", "bridgehead", "calloutlist", "caution", "classsynopsis", "cmdsynopsis", "constraintdef", "constructorsynopsis", "destructorsynopsis", "epigraph", "equation", "example", "fieldsynopsis", "figure", "formalpara", "funcsynopsis", "glosslist", "important", "indexterm", "info", "informalequation", "informalexample", "informalfigure", "informaltable", "itemizedlist", "literallayout", "mediaobject", "methodsynopsis", "msgset", "note", "orderedlist", "para", "procedure", "productionset", "programlisting", "programlistingco", "qandaset", "refentry", "remark", "revhistory", "screen", "screenco", "screenshot", "section", "segmentedlist", "sidebar", "simpara", "simplelist", "simplesect", "subtitle", "synopsis", "table", "task", "tip", "titleabbrev", "variablelist" or "warning". The processed XML is
    <section remap="TID_29920" version="5.0" xml:id="Example11" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Example:</title>
    </section>

Topic ID 29894

  • INFO: Example:
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "section" incomplete; expected element "address", "anchor", "annotation", "bibliolist", "blockquote", "bridgehead", "calloutlist", "caution", "classsynopsis", "cmdsynopsis", "constraintdef", "constructorsynopsis", "destructorsynopsis", "epigraph", "equation", "example", "fieldsynopsis", "figure", "formalpara", "funcsynopsis", "glosslist", "important", "indexterm", "info", "informalequation", "informalexample", "informalfigure", "informaltable", "itemizedlist", "literallayout", "mediaobject", "methodsynopsis", "msgset", "note", "orderedlist", "para", "procedure", "productionset", "programlisting", "programlistingco", "qandaset", "refentry", "remark", "revhistory", "screen", "screenco", "screenshot", "section", "segmentedlist", "sidebar", "simpara", "simplelist", "simplesect", "subtitle", "synopsis", "table", "task", "tip", "titleabbrev", "variablelist" or "warning". The processed XML is
    <section remap="TID_29894" version="5.0" xml:id="Example16" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Example:</title>
    </section>

Topic ID 29913

  • INFO: Example:
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "section" incomplete; expected element "address", "anchor", "annotation", "bibliolist", "blockquote", "bridgehead", "calloutlist", "caution", "classsynopsis", "cmdsynopsis", "constraintdef", "constructorsynopsis", "destructorsynopsis", "epigraph", "equation", "example", "fieldsynopsis", "figure", "formalpara", "funcsynopsis", "glosslist", "important", "indexterm", "info", "informalequation", "informalexample", "informalfigure", "informaltable", "itemizedlist", "literallayout", "mediaobject", "methodsynopsis", "msgset", "note", "orderedlist", "para", "procedure", "productionset", "programlisting", "programlistingco", "qandaset", "refentry", "remark", "revhistory", "screen", "screenco", "screenshot", "section", "segmentedlist", "sidebar", "simpara", "simplelist", "simplesect", "subtitle", "synopsis", "table", "task", "tip", "titleabbrev", "variablelist" or "warning". The processed XML is
    <section remap="TID_29913" version="5.0" xml:id="Example2" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Example:</title>
    </section>

Topic ID 29813

  • INFO: Introduction
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "mediaobject" not allowed yet; expected element "info", "title" or "titleabbrev". The processed XML is
    <section remap="TID_29813" version="5.0" xml:id="Introduction4" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Introduction</title>
    	<para>
    		PicketLink Service Providers Authenticators are important components responsible for the authentication of users using the SAML Assertion previously issued by an Identity Provider.
    	</para>
    	<para>
    		They are responsible for intercepting each request made to an application, checking if a SAML assertion is present in the request, validating its signature and executing SAML specific validations and creating a security context for the user in the requested application.
    	</para>
    	<para>
    		<figure>
    			<mediaobject>
    				<imageobject>
    					<imagedata fileref="images/5885.png" />
    				</imageobject>
    			</mediaobject>
    		</figure>
    	</para>
    </section>

Topic ID 29775

  • INFO: Introduction
  • INFO: Topic URL
  • ERROR: This topic has invalid DocBook XML. The error is element "mediaobject" not allowed yet; expected element "info", "title" or "titleabbrev". The processed XML is
    <section remap="TID_29775" version="5.0" xml:id="Introduction8" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
    	<title>Introduction</title>
    	<para>
    		The PicketLink Identity Provider Authenticator is a component responsible for the authentication of users and for issue and validate SAML assertions.
    	</para>
    	<para>
    		<figure>
    			<mediaobject>
    				<imageobject>
    					<imagedata fileref="images/5885.png" />
    				</imageobject>
    			</mediaobject>
    		</figure>
    	</para>
    </section>

Topic ID 29982

  • INFO: Process Overview
  • INFO: Topic URL
  • ERROR: No image filename specified. Must be in the format [ImageFileID].extension e.g. 123.png, or images/321.jpg

Compiler Glossary

"... is possibly an invalid custom Injection Point."
  • The XML comment mentioned has been identified as a possible custom Injection Point, that is incorrectly referenced.
  • To fix this error please ensure that the type is valid, a colon is used to separate the IDs from the type and only topic IDs are used in the ID list.
"This topic contains an invalid element that can't be converted into a DOM Element."
  • The topic XML contains invalid elements that cannot be successfully converted in DOM elements.
  • To fix this error please remove or correct any invalid XML elements or entities.
"This topic doesn't have well-formed xml."
  • The topic XML is not well-formed XML and maybe missing opening or closing element statements.
  • To fix this error please ensure that all XML elements having an opening and closing statement and all XML reserved characters are represented as XML entities.
"This topic has invalid DocBook XML."
  • The topic XML is not valid against the DocBook specification.
  • To fix this error please ensure that all XML elements are valid DocBook elements . Also check to ensure all XML sub elements are valid for the root XML element.
"This topic has invalid Injection Points."
  • The topic XML contains Injection Points that cannot be resolved into links.
  • To fix this error please ensure that all the topics referred to by Injection Points are included in the build and/or have adequate relationships.
"This topic has no XML data"
  • The topic doesn't have any XML Content to display.
  • To fix this warning, open the topic URL and add some content.