References, Troubleshooting, Using the authz log to troubleshoot problems – Google Search Appliance Authentication/Authorization for Enterprise SPI Guide User Manual
Page 31: Using xmllint to validate soap messages

Google Search Appliance: Authentication/Authorization for Enterprise SPI Guide
31
References
•
GSA Admin Toolkit: Sample SPI for authentication and authorization [
•
SAML 2.0: [
•
Google Search Appliance Universal Login with SPI: The GSA’s security-manager providing
universal login forms/SPI. [“The SAML Authentication Service Provider Interface (SPI)” in Managing
Search for Controlled-Access Content]
•
XML Digital Signatures: Used for integrity protection of SAML Assertions. [
Troubleshooting
This section provides information for solving problems you might encounter with the SAML
Authentication and Authorization SPIs.
Using the AuthZ Log to Troubleshoot Problems
If you run into any issues, you can download the AuthN/AuthZ logs from the search appliance by using
the Serving > Access Control page in the Admin Console. For more information, click Help Center >
Serving > Access Control.
Using xmllint to Validate SOAP Messages
If you receive a 500 error from the search appliance during any part of the AuthN/AuthZ process, make
sure that the SOAP messages being sent to the search appliance are valid. To check if messages are
valid, use xmllint.