Tribune

Home » Liferay Portal » English » 6. Portal Framework

Vista Combinata Vista Piatta Vista ad Albero
Discussioni [ Precedente | Successivo ]
toggle
Alex Billett
SAML Plugin class cast Exception
17 gennaio 2013 10.07
Risposta

Alex Billett

Punteggio: New Member

Messaggi: 1

Data di Iscrizione: 16 gennaio 2013

Messaggi recenti

I am working on getting Liferay set up as an SP using PingIdentity as the idp and whenever i attempt a SAML login. I am at a total loss for why this is happening and have changed every setting i can think of but am still getting it. Any help would be appreciated. I will include the full stacktrace, the saml response, relevent portal-ext.properties, and my idp meta data below.

Stack trace :

  117:42:58,574 INFO  [stdout] (http--10.16.192.225-8080-1) 17:42:58,571 ERROR [http--10.16.192.225-8080-1][status_jsp:635] com.liferay.saml.SamlException: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
  217:42:58,575 INFO  [stdout] (http--10.16.192.225-8080-1) com.liferay.saml.SamlException: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
  317:42:58,576 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileImpl.processResponse(WebSsoProfileImpl.java:149)
  417:42:58,576 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileUtil.processResponse(WebSsoProfileUtil.java:43)
  517:42:58,576 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.hook.action.AssertionConsumerServiceAction.execute(AssertionConsumerServiceAction.java:40)
  617:42:58,577 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.struts.BaseStrutsAction.execute(BaseStrutsAction.java:37)
  717:42:58,577 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  817:42:58,578 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  917:42:58,578 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 1017:42:58,578 INFO  [stdout] (http--10.16.192.225-8080-1)     at java.lang.reflect.Method.invoke(Method.java:597)
 1117:42:58,579 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
 1217:42:58,579 INFO  [stdout] (http--10.16.192.225-8080-1)     at $Proxy313.execute(Unknown Source)
 1317:42:58,580 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.struts.ActionAdapter.execute(ActionAdapter.java:50)
 1417:42:58,580 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
 1517:42:58,580 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
 1617:42:58,581 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.java:176)
 1717:42:58,581 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
 1817:42:58,582 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
 1917:42:58,582 INFO  [stdout] (http--10.16.192.225-8080-1)     at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
 2017:42:58,582 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.MainServlet.callParentService(MainServlet.java:560)
 2117:42:58,583 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:537)
 2217:42:58,583 INFO  [stdout] (http--10.16.192.225-8080-1)     at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
 2317:42:58,583 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
 2417:42:58,584 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
 2517:42:58,584 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:72)
 2617:42:58,585 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 2717:42:58,585 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 2817:42:58,586 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 2917:42:58,586 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.strip.StripFilter.processFilter(StripFilter.java:335)
 3017:42:58,587 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 3117:42:58,587 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 3217:42:58,587 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 3317:42:58,588 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 3417:42:58,588 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 3517:42:58,589 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.gzip.GZipFilter.processFilter(GZipFilter.java:123)
 3617:42:58,589 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 3717:42:58,589 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 3817:42:58,590 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 3917:42:58,590 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 4017:42:58,591 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.secure.SecureFilter.processFilter(SecureFilter.java:294)
 4117:42:58,591 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 4217:42:58,592 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 4317:42:58,592 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 4417:42:58,593 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 4517:42:58,593 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.sso.ntlm.NtlmPostFilter.processFilter(NtlmPostFilter.java:83)
 4617:42:58,593 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 4717:42:58,594 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 4817:42:58,594 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 4917:42:58,595 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.hook.filter.SamlSpSsoFilter.processFilter(SamlSpSsoFilter.java:168)
 5017:42:58,595 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 5117:42:58,596 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.GeneratedMethodAccessor226.invoke(Unknown Source)
 5217:42:58,596 INFO  [stdout] (http--10.16.192.225-8080-1)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 5317:42:58,596 INFO  [stdout] (http--10.16.192.225-8080-1)     at java.lang.reflect.Method.invoke(Method.java:597)
 5417:42:58,597 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
 5517:42:58,597 INFO  [stdout] (http--10.16.192.225-8080-1)     at $Proxy312.doFilter(Unknown Source)
 5617:42:58,597 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 5717:42:58,598 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 5817:42:58,598 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 5917:42:58,599 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:80)
 6017:42:58,599 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 6117:42:58,600 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 6217:42:58,600 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 6317:42:58,601 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:163)
 6417:42:58,601 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:216)
 6517:42:58,601 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:57)
 6617:42:58,602 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 6717:42:58,602 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 6817:42:58,603 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:187)
 6917:42:58,603 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 7017:42:58,604 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7117:42:58,604 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7217:42:58,605 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7317:42:58,605 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 7417:42:58,606 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:738)
 7517:42:58,606 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:206)
 7617:42:58,607 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:108)
 7717:42:58,607 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:167)
 7817:42:58,608 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 7917:42:58,608 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 8017:42:58,609 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:167)
 8117:42:58,609 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 8217:42:58,610 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:116)
 8317:42:58,610 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:187)
 8417:42:58,611 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:95)
 8517:42:58,611 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilter.doFilter(InvokerFilter.java:73)
 8617:42:58,612 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
 8717:42:58,612 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
 8817:42:58,612 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
 8917:42:58,613 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
 9017:42:58,613 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397)
 9117:42:58,614 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
 9217:42:58,614 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
 9317:42:58,615 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
 9417:42:58,615 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
 9517:42:58,615 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
 9617:42:58,616 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
 9717:42:58,616 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
 9817:42:58,617 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)
 9917:42:58,617 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
10017:42:58,617 INFO  [stdout] (http--10.16.192.225-8080-1)     at java.lang.Thread.run(Thread.java:619)
10117:42:58,618 INFO  [stdout] (http--10.16.192.225-8080-1) Caused by: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
10217:42:58,618 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.xml.security.transforms.Transform.getTransformSpi(Unknown Source)
10317:42:58,619 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.xml.security.transforms.Transform.<init>(Unknown Source)
10417:42:58,619 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.apache.xml.security.transforms.Transforms.item(Unknown Source)
10517:42:58,620 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validateTransforms(SAMLSignatureProfileValidator.java:222)
10617:42:58,620 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validateSignatureImpl(SAMLSignatureProfileValidator.java:86)
10717:42:58,621 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:56)
10817:42:58,621 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:42)
10917:42:58,621 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.performPreValidation(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:164)
11017:42:58,622 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:105)
11117:42:58,623 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.ws.security.provider.BasicSecurityPolicy.evaluate(BasicSecurityPolicy.java:51)
11217:42:58,623 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.ws.message.decoder.BaseMessageDecoder.processSecurityPolicy(BaseMessageDecoder.java:132)
11317:42:58,624 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.ws.message.decoder.BaseMessageDecoder.decode(BaseMessageDecoder.java:83)
11417:42:58,624 INFO  [stdout] (http--10.16.192.225-8080-1)     at org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:70)
11517:42:58,625 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.BaseProfile.decodeSamlMessage(BaseProfile.java:73)
11617:42:58,625 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileImpl.doProcessResponse(WebSsoProfileImpl.java:385)
11717:42:58,625 INFO  [stdout] (http--10.16.192.225-8080-1)     at com.liferay.saml.profile.WebSsoProfileImpl.processResponse(WebSsoProfileImpl.java:139)
11817:42:58,626 INFO  [stdout] (http--10.16.192.225-8080-1)     ... 97 more


SAML:

 1<Response Destination="http://10.16.192.225:8080/c/portal/saml/acs" IssueInstant="2013-01-17T17:31:52.471Z" ID="HZdOvgdnlF4.DVn.4kWIZ7wpwKk" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 2  <saml:Issuer>GNWIntranetDev</saml:Issuer>
 3  <ds:Signature>
 4    <ds:SignedInfo>
 5      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 6      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
 7      <ds:Reference URI="#HZdOvgdnlF4.DVn.4kWIZ7wpwKk">
 8        <ds:Transforms>
 9          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
10          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
11        </ds:Transforms>
12        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
13        <ds:DigestValue>hLe/0VUE2QQ0u1n6z+3ICByWnko=</ds:DigestValue>
14      </ds:Reference>
15    </ds:SignedInfo>
16    <ds:SignatureValue>KIkQpGQLGnEERQE6v.....</ds:SignatureValue>
17  </ds:Signature>
18  <Status>
19    <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
20  </Status>
21  <saml:Assertion Version="2.0" IssueInstant="2013-01-17T17:31:52.475Z" ID="K.m1SisKJoHrf9G2DEbkZUA.dd1">
22    <saml:Issuer>myEntityID</saml:Issuer>
23    <saml:Subject>
24      <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">326001670</saml:NameID>
25      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
26        <saml:SubjectConfirmationData NotOnOrAfter="2013-01-17T17:36:52.475Z" Recipient="http://10.16.192.225:8080/c/portal/saml/acs"/>
27      </saml:SubjectConfirmation>
28    </saml:Subject>
29    <saml:Conditions NotOnOrAfter="2013-01-17T17:36:52.475Z" NotBefore="2013-01-17T17:26:52.475Z">
30      <saml:AudienceRestriction>
31        <saml:Audience>IntranetDev</saml:Audience>
32      </saml:AudienceRestriction>
33    </saml:Conditions>
34    <saml:AuthnStatement AuthnInstant="2013-01-17T17:31:52.474Z" SessionIndex="K.m1SisKJoHrf9G2DEbkZUA.dd1">
35      <saml:AuthnContext>
36        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
37      </saml:AuthnContext>
38    </saml:AuthnStatement>
39  </saml:Assertion>
40</Response>


portal-ext:
 1
 2saml.enabled=true
 3saml.role=sp
 4saml.entity.id=IntranetDev
 5saml.keystore.path=${liferay.home}/data/keystore.jks
 6saml.keystore.password=password
 7saml.keystore.type=jks
 8saml.keystore.credential.password[IntranetDev]=pasword
 9saml.sp.default.idp.entity.id=myEntityID
10saml.metadata.paths=${liferay.home}/data/idpmetadata.xml
11saml.sp.sign.authn.request=false
12saml.sp.assertion.signature.required=false


and the meta data:

 1<md:EntityDescriptor entityID="myEntityID" cacheDuration="PT1440M" ID="uygCDLBSmuN3.ap9Pbrujc1Tzay" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 2<ds:SignedInfo>
 3<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 4<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
 5<ds:Reference URI="#uygCDLBSmuN3.ap9Pbrujc1Tzay">
 6<ds:Transforms>
 7<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
 8<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 9</ds:Transforms>
10<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
11<ds:DigestValue>RejpAcLbBXJ0gvW+nlzH5zyYImY=</ds:DigestValue>
12</ds:Reference>
13</ds:SignedInfo>
14<ds:SignatureValue>
15W/1fbM8+7auKK9NesRPP/oofHuqHPqur.......
16</ds:SignatureValue>
17<ds:KeyInfo>
18<ds:X509Data>
19<ds:X509Certificate>
20MIIDZDCCAkygAwIB......
21</ds:X509Certificate>
22</ds:X509Data>
23<ds:KeyValue>
24<ds:RSAKeyValue>
25<ds:Modulus>
26oX8l1QJ8i8YNucbq2qtGhqFXHPi.....
27</ds:Modulus>
28<ds:Exponent>AQAB</ds:Exponent>
29</ds:RSAKeyValue>
30</ds:KeyValue>
31</ds:KeyInfo>
Mika Koivisto
RE: SAML Plugin class cast Exception
17 gennaio 2013 16.10
Risposta

Mika Koivisto

LIFERAY STAFF

Punteggio: Liferay Legend

Messaggi: 1498

Data di Iscrizione: 7 agosto 2006

Messaggi recenti

Seems like a classloading issue. Make sure you don't have a jar with that class higher up in your classloader hierarchy.
Jack Chung
RE: SAML Plugin class cast Exception
20 marzo 2013 21.49
Risposta

Jack Chung

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 30 novembre 2011

Messaggi recenti

just to add to this, a similar problem was seen in websphere 8. The resolution was to change the startup order for the saml-portlet from the default "1" to "2" in the IBM Web Console.
Mika Koivisto
RE: SAML Plugin class cast Exception
21 marzo 2013 11.00
Risposta

Mika Koivisto

LIFERAY STAFF

Punteggio: Liferay Legend

Messaggi: 1498

Data di Iscrizione: 7 agosto 2006

Messaggi recenti

Ah WebSphere loads parent first by default and that's wrong. You need to switch the classloading order to parent last for pretty much every single plugin.
Mitesh S Panchal
RE: SAML Plugin class cast Exception
31 maggio 2013 9.03
Risposta

Mitesh S Panchal

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 10 dicembre 2008

Messaggi recenti

Hi
I am facing similar exception with tomcat application server.
Strange thing is same things works fine in local machine tomcat but on DEV app server it is failing.
here is the Exception , any help or pointers appreciated....

 1Caused by: org.opensaml.saml2.metadata.provider.MetadataProviderException: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
 2        at com.liferay.saml.metadata.MetadataManagerImpl.getEntityDescriptor(MetadataManagerImpl.java:119)
 3        at com.liferay.saml.metadata.MetadataManagerUtil.getEntityDescriptor(MetadataManagerUtil.java:48)
 4        at com.liferay.saml.profile.BaseProfile.getSamlMessageContext(BaseProfile.java:137)
 5        at com.liferay.saml.profile.BaseProfile.getSamlMessageContext(BaseProfile.java:190)
 6        at com.liferay.saml.profile.WebSsoProfileImpl.decodeAuthnRequest(WebSsoProfileImpl.java:272)
 7        at com.liferay.saml.profile.WebSsoProfileImpl.doProcessAuthnRequest(WebSsoProfileImpl.java:309)
 8        at com.liferay.saml.profile.WebSsoProfileImpl.processAuthnRequest(WebSsoProfileImpl.java:119)
 9        ... 86 more
10Caused by: java.lang.ClassCastException: org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature cannot be cast to org.apache.xml.security.transforms.TransformSpi
11        at org.apache.xml.security.transforms.Transform.getTransformSpi(Unknown Source)
12        at org.apache.xml.security.transforms.Transform.<init>(Unknown Source)
13        at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
14        at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
15        at org.apache.xml.security.transforms.Transforms.addTransform(Unknown Source)
16        at org.opensaml.common.impl.SAMLObjectContentReference.createReference(SAMLObjectContentReference.java:140)
17        at org.opensaml.xml.signature.impl.SignatureMarshaller.createSignatureElement(SignatureMarshaller.java:115)
18        at org.opensaml.xml.signature.impl.SignatureMarshaller.marshall(SignatureMarshaller.java:70)
19        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallChildElements(AbstractXMLObjectMarshaller.java:316)
20        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallInto(AbstractXMLObjectMarshaller.java:223)
21        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:129)
22        at org.opensaml.common.impl.AbstractSAMLObjectMarshaller.marshall(AbstractSAMLObjectMarshaller.java:59)
23        at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:85)
24        at com.liferay.saml.util.OpenSamlUtil.signObject(OpenSamlUtil.java:494)
25        at com.liferay.saml.metadata.MetadataGeneratorUtil.buildIdpEntityDescriptor(MetadataGeneratorUtil.java:62)
26        at com.liferay.saml.metadata.MetadataManagerImpl.getEntityDescriptor(MetadataManagerImpl.java:105)
27        ... 92 more
Mitesh S Panchal
RE: SAML Plugin class cast Exception
3 giugno 2013 7.28
Risposta

Mitesh S Panchal

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 10 dicembre 2008

Messaggi recenti

Any Update any one ???

Thanks
Mitesh
Mika Koivisto
RE: SAML Plugin class cast Exception
3 giugno 2013 14.21
Risposta

Mika Koivisto

LIFERAY STAFF

Punteggio: Liferay Legend

Messaggi: 1498

Data di Iscrizione: 7 agosto 2006

Messaggi recenti

Check your classpath. You probably have xmlsec.jar in global classloader.
Mitesh S Panchal
RE: SAML Plugin class cast Exception
5 giugno 2013 7.56
Risposta

Mitesh S Panchal

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 10 dicembre 2008

Messaggi recenti

Thanks

If i deploy saml portlet after server start then SSO works fine.
That worked out for me as a workaround for now

Thanks again!!
Mitesh
Aldo De Vleeschauwer
RE: SAML Plugin class cast Exception
7 agosto 2013 9.17
Risposta

Aldo De Vleeschauwer

Punteggio: New Member

Messaggi: 20

Data di Iscrizione: 9 marzo 2011

Messaggi recenti

Same issue here. We're using JBoss 7.1.1.

I was playing with the "jboss-deployment-structure.xml" file, trying to exclude some modules that might push xmlsec.jar and doing so I was redeploying the saml-portlet plugin so the issue seemed solved.

Turns out it was, as Mitesh stated, the redeploy that solved it.

Unfortunately this is not a workaround for us.
Aldo De Vleeschauwer
RE: SAML Plugin class cast Exception
8 agosto 2013 9.14
Risposta

Aldo De Vleeschauwer

Punteggio: New Member

Messaggi: 20

Data di Iscrizione: 9 marzo 2011

Messaggi recenti

I have found a solution for JBoss 7.1.1.

The class causing the issue is loaded using "Thread.currentThread().getContextClassLoader()".

It turns out that during startup of the JBoss server, the "Thread.currentThread().getContextClassLoader()" does not contain the application classloader but rather a classloader from another JBoss module. So the "jboss-deployment-structure.xml" did not help here, as it only influences the application classloader.

At redeploy it does work as expected, the "Thread.currentThread().getContextClassLoader()" contains the application classloader.

To fix it, I replaced the contextClassLoader in "OpenSamlBootstrap.java", bootstrap():

 1
 2        ClassLoader contextClassLoader = Thread.currentThread()
 3                .getContextClassLoader();
 4
 5        try {
 6            Thread.currentThread().setContextClassLoader(
 7                    OpenSamlBootstrap.class.getClassLoader());
 8
 9            initializeXMLSecurity();
10
11            initializeXMLTooling(_xmlToolingConfigs);
12
13            initializeArtifactBuilderFactories();
14
15            initializeGlobalSecurityConfiguration();
16
17            initializeParserPool();
18
19            initializeESAPI();
20
21        } finally {
22            Thread.currentThread().setContextClassLoader(contextClassLoader);
23        }


Now it works as expected.
Mika Koivisto
RE: SAML Plugin class cast Exception
8 agosto 2013 11.38
Risposta

Mika Koivisto

LIFERAY STAFF

Punteggio: Liferay Legend

Messaggi: 1498

Data di Iscrizione: 7 agosto 2006

Messaggi recenti

Thanks Aldo for tracking down the issue. Can you create a ticket for this? I'll our QA reproduce the issue so that we can get the fix in.
Mika Koivisto
RE: SAML Plugin class cast Exception
8 agosto 2013 15.55
Risposta

Mika Koivisto

LIFERAY STAFF

Punteggio: Liferay Legend

Messaggi: 1498

Data di Iscrizione: 7 agosto 2006

Messaggi recenti

Looks like we already knew about that issue but it got closed as no longer reproducible because it wasn't something that could be consistently reproduced. I reopened it and will use the same workaround we already use for Velocity initialization this is basically the same thing Aldo came up with. The issue is LPS-31484