Kombinierte Ansicht Flache Ansicht Baumansicht
Threads [ Zurück | Nächste ]
toggle
Alex Billett
SAML Plugin class cast Exception
17. Januar 2013 10:07
Antwort

Alex Billett

Rang: New Member

Nachrichten: 1

Eintrittsdatum: 16. Januar 2013

Neue Beiträge

I am working on getting Liferay set up as an SP using PingIdentity as the idp and whenever i attempt a SAML login. I am at a total loss for why this is happening and have changed every setting i can think of but am still getting it. Any help would be appreciated. I will include the full stacktrace, the saml response, relevent portal-ext.properties, and my idp meta data below.

Stack trace :

  117:42:58,574 INFO  [stdout] (http--10.16.192.225-8080-1) 17:42:58,571 ERROR [http--10.16.192.225-8080-1][status_jsp:635] com.liferay.saml.SamlException: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
  217:42:58,575 INFO  [stdout] (http--10.16.192.225-8080-1) com.liferay.saml.SamlException: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
  317:42:58,576 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileImpl.processResponse(WebSsoProfileImpl.java:149)
  417:42:58,576 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileUtil.processResponse(WebSsoProfileUtil.java:43)
  517:42:58,576 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.hook.action.AssertionConsumerServiceAction.execute(AssertionConsumerServiceAction.java:40)
  617:42:58,577 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.struts.BaseStrutsAction.execute(BaseStrutsAction.java:37)
  717:42:58,577 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  817:42:58,578 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  917:42:58,578 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 1017:42:58,578 INFO  [stdout] (http--10.16.192.225-8080-1)     at java.lang.reflect.Method.invoke(Method.java:597)
 1117:42:58,579 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
 1217:42:58,579 INFO  [stdout] (http--10.16.192.225-8080-1)     at $Proxy313.execute(Unknown Source)
 1317:42:58,580 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.struts.ActionAdapter.execute(ActionAdapter.java:50)
 1417:42:58,580 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
 1517:42:58,580 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
 1617:42:58,581 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.java:176)
 1717:42:58,581 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
 1817:42:58,582 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
 1917:42:58,582 INFO  [stdout] (http--10.16.192.225-8080-1)     at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
 2017:42:58,582 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.MainServlet.callParentService(MainServlet.java:560)
 2117:42:58,583 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:537)
 2217:42:58,583 INFO  [stdout] (http--10.16.192.225-8080-1)     at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
 2317:42:58,583 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
 2417:42:58,584 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
 2517:42:58,584 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:72)
 2617:42:58,585 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 2717:42:58,585 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 2817:42:58,586 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 2917:42:58,586 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.strip.StripFilter.processFilter(StripFilter.java:335)
 3017:42:58,587 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 3117:42:58,587 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 3217:42:58,587 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 3317:42:58,588 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 3417:42:58,588 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 3517:42:58,589 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.gzip.GZipFilter.processFilter(GZipFilter.java:123)
 3617:42:58,589 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 3717:42:58,589 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 3817:42:58,590 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 3917:42:58,590 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 4017:42:58,591 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.secure.SecureFilter.processFilter(SecureFilter.java:294)
 4117:42:58,591 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 4217:42:58,592 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 4317:42:58,592 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 4417:42:58,593 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 4517:42:58,593 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.sso.ntlm.NtlmPostFilter.processFilter(NtlmPostFilter.java:83)
 4617:42:58,593 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 4717:42:58,594 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 4817:42:58,594 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 4917:42:58,595 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.hook.filter.SamlSpSsoFilter.processFilter(SamlSpSsoFilter.java:168)
 5017:42:58,595 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 5117:42:58,596 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.GeneratedMethodAccessor226.invoke(Unknown Source)
 5217:42:58,596 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 5317:42:58,596 INFO  [stdout] (http--10.16.192.225-8080-1)     at java.lang.reflect.Method.invoke(Method.java:597)
 5417:42:58,597 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
 5517:42:58,597 INFO  [stdout] (http--10.16.192.225-8080-1)     at $Proxy312.doFilter(Unknown Source)
 5617:42:58,597 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 5717:42:58,598 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 5817:42:58,598 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 5917:42:58,599 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:80)
 6017:42:58,599 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 6117:42:58,600 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 6217:42:58,600 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 6317:42:58,601 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 6417:42:58,601 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:216)
 6517:42:58,601 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 6617:42:58,602 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 6717:42:58,602 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 6817:42:58,603 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:187)
 6917:42:58,603 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 7017:42:58,604 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7117:42:58,604 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7217:42:58,605 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7317:42:58,605 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7417:42:58,606 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:738)
 7517:42:58,606 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 7617:42:58,607 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 7717:42:58,607 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:167)
 7817:42:58,608 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 7917:42:58,608 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 8017:42:58,609 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:167)
 8117:42:58,609 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 8217:42:58,610 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 8317:42:58,610 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:187)
 8417:42:58,611 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 8517:42:58,611 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilter.doFilter(InvokerFilter.java:73)
 8617:42:58,612 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
 8717:42:58,612 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
 8817:42:58,612 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
 8917:42:58,613 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
 9017:42:58,613 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397)
 9117:42:58,614 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
 9217:42:58,614 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
 9317:42:58,615 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
 9417:42:58,615 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
 9517:42:58,615 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
 9617:42:58,616 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
 9717:42:58,616 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
 9817:42:58,617 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)
 9917:42:58,617 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
10017:42:58,617 INFO  [stdout] (http--10.16.192.225-8080-1)     at java.lang.Thread.run(Thread.java:619)
10117:42:58,618 INFO  [stdout] (http--10.16.192.225-8080-1) Caused by: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
10217:42:58,618 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.xml.security.transforms.Transform.getTransformSpi(Unknown Source)
10317:42:58,619 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.xml.security.transforms.Transform.<init>(Unknown Source)
10417:42:58,619 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.xml.security.transforms.Transforms.item(Unknown Source)
10517:42:58,620 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validateTransforms(SAMLSignatureProfileValidator.java:222)
10617:42:58,620 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validateSignatureImpl(SAMLSignatureProfileValidator.java:86)
10717:42:58,621 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:56)
10817:42:58,621 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:42)
10917:42:58,621 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.performPreValidation(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:164)
11017:42:58,622 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:105)
11117:42:58,623 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.ws.security.provider.BasicSecurityPolicy.evaluate(BasicSecurityPolicy.java:51)
11217:42:58,623 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.ws.message.decoder.BaseMessageDecoder.processSecurityPolicy(BaseMessageDecoder.java:132)
11317:42:58,624 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.ws.message.decoder.BaseMessageDecoder.decode(BaseMessageDecoder.java:83)
11417:42:58,624 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:70)
11517:42:58,625 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.BaseProfile.decodeSamlMessage(BaseProfile.java:73)
11617:42:58,625 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileImpl.doProcessResponse(WebSsoProfileImpl.java:385)
11717:42:58,625 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileImpl.processResponse(WebSsoProfileImpl.java:139)
11817:42:58,626 INFO  [stdout] (http--10.16.192.225-8080-1)     ... 97 more


SAML:

 1<Response Destination="http://10.16.192.225:8080/c/portal/saml/acs" IssueInstant="2013-01-17T17:31:52.471Z" ID="HZdOvgdnlF4.DVn.4kWIZ7wpwKk" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 2  <saml:Issuer>GNWIntranetDev</saml:Issuer>
 3  <ds:Signature>
 4    <ds:SignedInfo>
 5      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 6      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
 7      <ds:Reference URI="#HZdOvgdnlF4.DVn.4kWIZ7wpwKk">
 8        <ds:Transforms>
 9          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
10          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
11        </ds:Transforms>
12        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
13        <ds:DigestValue>hLe/0VUE2QQ0u1n6z+3ICByWnko=</ds:DigestValue>
14      </ds:Reference>
15    </ds:SignedInfo>
16    <ds:SignatureValue>KIkQpGQLGnEERQE6v.....</ds:SignatureValue>
17  </ds:Signature>
18  <Status>
19    <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
20  </Status>
21  <saml:Assertion Version="2.0" IssueInstant="2013-01-17T17:31:52.475Z" ID="K.m1SisKJoHrf9G2DEbkZUA.dd1">
22    <saml:Issuer>myEntityID</saml:Issuer>
23    <saml:Subject>
24      <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">326001670</saml:NameID>
25      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
26        <saml:SubjectConfirmationData NotOnOrAfter="2013-01-17T17:36:52.475Z" Recipient="http://10.16.192.225:8080/c/portal/saml/acs"/>
27      </saml:SubjectConfirmation>
28    </saml:Subject>
29    <saml:Conditions NotOnOrAfter="2013-01-17T17:36:52.475Z" NotBefore="2013-01-17T17:26:52.475Z">
30      <saml:AudienceRestriction>
31        <saml:Audience>IntranetDev</saml:Audience>
32      </saml:AudienceRestriction>
33    </saml:Conditions>
34    <saml:AuthnStatement AuthnInstant="2013-01-17T17:31:52.474Z" SessionIndex="K.m1SisKJoHrf9G2DEbkZUA.dd1">
35      <saml:AuthnContext>
36        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
37      </saml:AuthnContext>
38    </saml:AuthnStatement>
39  </saml:Assertion>
40</Response>


portal-ext:
 1
 2saml.enabled=true
 3saml.role=sp
 4saml.entity.id=IntranetDev
 5saml.keystore.path=${liferay.home}/data/keystore.jks
 6saml.keystore.password=password
 7saml.keystore.type=jks
 8saml.keystore.credential.password[IntranetDev]=pasword
 9saml.sp.default.idp.entity.id=myEntityID
10saml.metadata.paths=${liferay.home}/data/idpmetadata.xml
11saml.sp.sign.authn.request=false
12saml.sp.assertion.signature.required=false


and the meta data:

 1<md:EntityDescriptor entityID="myEntityID" cacheDuration="PT1440M" ID="uygCDLBSmuN3.ap9Pbrujc1Tzay" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 2<ds:SignedInfo>
 3<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 4<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
 5<ds:Reference URI="#uygCDLBSmuN3.ap9Pbrujc1Tzay">
 6<ds:Transforms>
 7<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
 8<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 9</ds:Transforms>
10<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
11<ds:DigestValue>RejpAcLbBXJ0gvW+nlzH5zyYImY=</ds:DigestValue>
12</ds:Reference>
13</ds:SignedInfo>
14<ds:SignatureValue>
15W/1fbM8+7auKK9NesRPP/oofHuqHPqur.......
16</ds:SignatureValue>
17<ds:KeyInfo>
18<ds:X509Data>
19<ds:X509Certificate>
20MIIDZDCCAkygAwIB......
21</ds:X509Certificate>
22</ds:X509Data>
23<ds:KeyValue>
24<ds:RSAKeyValue>
25<ds:Modulus>
26oX8l1QJ8i8YNucbq2qtGhqFXHPi.....
27</ds:Modulus>
28<ds:Exponent>AQAB</ds:Exponent>
29</ds:RSAKeyValue>
30</ds:KeyValue>
31</ds:KeyInfo>
Mika Koivisto
RE: SAML Plugin class cast Exception
17. Januar 2013 16:10
Antwort

Mika Koivisto

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1503

Eintrittsdatum: 7. August 2006

Neue Beiträge

Seems like a classloading issue. Make sure you don't have a jar with that class higher up in your classloader hierarchy.
Jack Chung
RE: SAML Plugin class cast Exception
20. März 2013 21:49
Antwort

Jack Chung

Rang: New Member

Nachrichten: 19

Eintrittsdatum: 30. November 2011

Neue Beiträge

just to add to this, a similar problem was seen in websphere 8. The resolution was to change the startup order for the saml-portlet from the default "1" to "2" in the IBM Web Console.
Mika Koivisto
RE: SAML Plugin class cast Exception
21. März 2013 11:00
Antwort

Mika Koivisto

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1503

Eintrittsdatum: 7. August 2006

Neue Beiträge

Ah WebSphere loads parent first by default and that's wrong. You need to switch the classloading order to parent last for pretty much every single plugin.
Mitesh S Panchal
RE: SAML Plugin class cast Exception
31. Mai 2013 09:03
Antwort

Mitesh S Panchal

Rang: New Member

Nachrichten: 20

Eintrittsdatum: 10. Dezember 2008

Neue Beiträge

Hi
I am facing similar exception with tomcat application server.
Strange thing is same things works fine in local machine tomcat but on DEV app server it is failing.
here is the Exception , any help or pointers appreciated....

 1Caused by: org.opensaml.saml2.metadata.provider.MetadataProviderException: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
 2        at com.liferay.saml.metadata.MetadataManagerImpl.getEntityDescriptor(MetadataManagerImpl.java:119)
 3        at com.liferay.saml.metadata.MetadataManagerUtil.getEntityDescriptor(MetadataManagerUtil.java:48)
 4        at com.liferay.saml.profile.BaseProfile.getSamlMessageContext(BaseProfile.java:137)
 5        at com.liferay.saml.profile.BaseProfile.getSamlMessageContext(BaseProfile.java:190)
 6        at com.liferay.saml.profile.WebSsoProfileImpl.decodeAuthnRequest(WebSsoProfileImpl.java:272)
 7        at com.liferay.saml.profile.WebSsoProfileImpl.doProcessAuthnRequest(WebSsoProfileImpl.java:309)
 8        at com.liferay.saml.profile.WebSsoProfileImpl.processAuthnRequest(WebSsoProfileImpl.java:119)
 9        ... 86 more
10Caused by: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
11        at org.apache.xml.security.transforms.Transform.getTransformSpi(Unknown Source)
12        at org.apache.xml.security.transforms.Transform.<init>(Unknown Source)
13        at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
14        at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
15        at org.apache.xml.security.transforms.Transforms.addTransform(Unknown Source)
16        at org.opensaml.common.impl.SAMLObjectContentReference.createReference(SAMLObjectContentReference.java:140)
17        at org.opensaml.xml.signature.impl.SignatureMarshaller.createSignatureElement(SignatureMarshaller.java:115)
18        at org.opensaml.xml.signature.impl.SignatureMarshaller.marshall(SignatureMarshaller.java:70)
19        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallChildElements(AbstractXMLObjectMarshaller.java:316)
20        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallInto(AbstractXMLObjectMarshaller.java:223)
21        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:129)
22        at org.opensaml.common.impl.AbstractSAMLObjectMarshaller.marshall(AbstractSAMLObjectMarshaller.java:59)
23        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:85)
24        at com.liferay.saml.util.OpenSamlUtil.signObject(OpenSamlUtil.java:494)
25        at com.liferay.saml.metadata.MetadataGeneratorUtil.buildIdpEntityDescriptor(MetadataGeneratorUtil.java:62)
26        at com.liferay.saml.metadata.MetadataManagerImpl.getEntityDescriptor(MetadataManagerImpl.java:105)
27        ... 92 more
Mitesh S Panchal
RE: SAML Plugin class cast Exception
3. Juni 2013 07:28
Antwort

Mitesh S Panchal

Rang: New Member

Nachrichten: 20

Eintrittsdatum: 10. Dezember 2008

Neue Beiträge

Any Update any one ???

Thanks
Mitesh
Mika Koivisto
RE: SAML Plugin class cast Exception
3. Juni 2013 14:21
Antwort

Mika Koivisto

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1503

Eintrittsdatum: 7. August 2006

Neue Beiträge

Check your classpath. You probably have xmlsec.jar in global classloader.
Mitesh S Panchal
RE: SAML Plugin class cast Exception
5. Juni 2013 07:56
Antwort

Mitesh S Panchal

Rang: New Member

Nachrichten: 20

Eintrittsdatum: 10. Dezember 2008

Neue Beiträge

Thanks

If i deploy saml portlet after server start then SSO works fine.
That worked out for me as a workaround for now

Thanks again!!
Mitesh
Aldo De Vleeschauwer
RE: SAML Plugin class cast Exception
7. August 2013 09:17
Antwort

Aldo De Vleeschauwer

Rang: New Member

Nachrichten: 20

Eintrittsdatum: 9. März 2011

Neue Beiträge

Same issue here. We're using JBoss 7.1.1.

I was playing with the "jboss-deployment-structure.xml" file, trying to exclude some modules that might push xmlsec.jar and doing so I was redeploying the saml-portlet plugin so the issue seemed solved.

Turns out it was, as Mitesh stated, the redeploy that solved it.

Unfortunately this is not a workaround for us.
Aldo De Vleeschauwer
RE: SAML Plugin class cast Exception
8. August 2013 09:14
Antwort

Aldo De Vleeschauwer

Rang: New Member

Nachrichten: 20

Eintrittsdatum: 9. März 2011

Neue Beiträge

I have found a solution for JBoss 7.1.1.

The class causing the issue is loaded using "Thread.currentThread().getContextClassLoader()".

It turns out that during startup of the JBoss server, the "Thread.currentThread().getContextClassLoader()" does not contain the application classloader but rather a classloader from another JBoss module. So the "jboss-deployment-structure.xml" did not help here, as it only influences the application classloader.

At redeploy it does work as expected, the "Thread.currentThread().getContextClassLoader()" contains the application classloader.

To fix it, I replaced the contextClassLoader in "OpenSamlBootstrap.java", bootstrap():

 1
 2        ClassLoader contextClassLoader = Thread.currentThread()
 3                .getContextClassLoader();
 4
 5        try {
 6            Thread.currentThread().setContextClassLoader(
 7                    OpenSamlBootstrap.class.getClassLoader());
 8
 9            initializeXMLSecurity();
10
11            initializeXMLTooling(_xmlToolingConfigs);
12
13            initializeArtifactBuilderFactories();
14
15            initializeGlobalSecurityConfiguration();
16
17            initializeParserPool();
18
19            initializeESAPI();
20
21        } finally {
22            Thread.currentThread().setContextClassLoader(contextClassLoader);
23        }


Now it works as expected.
Mika Koivisto
RE: SAML Plugin class cast Exception
8. August 2013 11:38
Antwort

Mika Koivisto

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1503

Eintrittsdatum: 7. August 2006

Neue Beiträge

Thanks Aldo for tracking down the issue. Can you create a ticket for this? I'll our QA reproduce the issue so that we can get the fix in.
Mika Koivisto
RE: SAML Plugin class cast Exception
8. August 2013 15:55
Antwort

Mika Koivisto

LIFERAY STAFF

Rang: Liferay Legend

Nachrichten: 1503

Eintrittsdatum: 7. August 2006

Neue Beiträge

Looks like we already knew about that issue but it got closed as no longer reproducible because it wasn't something that could be consistently reproduced. I reopened it and will use the same workaround we already use for Velocity initialization this is basically the same thing Aldo came up with. The issue is LPS-31484