Hi, after updating my certificates, I'm getting the same error. Only thing that changed, is the private key length (new one has 4096). Could that be a problem?
Am Dienstag, 9. Oktober 2018 14:43:35 UTC+2 schrieb Oussama Benjemaa: > > Hi All , > > > I configured CAS Apereo 5.3.3 with a web application , and tried to login. > > In login , process , i get the saml2 response with the good attribute i > configured , but , i got an exception as following : > > 2018-10-09 08:25:29,503 DEBUG > [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] > > - <Signature signing reference digest methods: [[ > http://www.w3.org/2001/04/xmlenc#sha256, > http://www.w3.org/2001/04/xmldsig-more#sha384, > http://www.w3.org/2001/04/xmlenc#sha512, > http://www.w3.org/2000/09/xmldsig#sha1]]> > 2018-10-09 08:25:29,522 DEBUG > [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] > > - <Locating signature signing key file from [file > [/etc/cas/saml/idp-signing.key]]> > 2018-10-09 08:25:29,523 DEBUG > [org.apereo.cas.util.crypto.PrivateKeyFactoryBean] - <Attempting to read as > PEM [file [/etc/cas/saml/idp-signing.key]]> > 2018-10-09 08:25:29,839 DEBUG > [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] > > - <Signature signing credentials configured with [0] credentials> > 2018-10-09 08:25:29,855 DEBUG > [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] > > - <Resolving signature signing parameters for [SPSSODescriptor]> > 2018-10-09 08:25:29,858 WARN > [org.opensaml.xmlsec.impl.BasicSignatureSigningParametersResolver] - > <Validation failure: Unable to resolve signing credential> > 2018-10-09 08:25:29,858 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: audit:unknown > WHAT: java.lang.NullPointerException > ACTION: SAML2_RESPONSE_FAILED > APPLICATION: CAS > WHEN: Tue Oct 09 08:25:29 EDT 2018 > CLIENT IP ADDRESS: 172.16.16.58 > SERVER IP ADDRESS: 172.16.16.63 > ============================================================= > > > > 2018-10-09 08:25:29,864 DEBUG > [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the > received exception due to a type mismatch> > java.lang.NullPointerException: null > at > org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.buildSignatureSigningParameters(SamlIdPObjectSigner.java:233) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > at > org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.prepareSecurityParametersContext(SamlIdPObjectSigner.java:185) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > at > org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.encode(SamlIdPObjectSigner.java:121) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_181] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_181] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > ~[?:1.8.0_181] > at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181] > at > org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) > > ~[spring-core-4.3.19.RELEASE.jar!/:4.3.19.RELEASE] > at > org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) > > ~[spring-cloud-context-1.3.0.RELEASE.jar!/:1.3.0.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > > ~[spring-aop-4.3.19.RELEASE.jar!/:4.3.19.RELEASE] > at > org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671) > > ~[spring-aop-4.3.19.RELEASE.jar!/:4.3.19.RELEASE] > at > org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner$$EnhancerBySpringCGLIB$$41f95fb1.encode(<generated>) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > at > org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:112) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > at > org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:48) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > at > org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder.build(BaseSamlProfileSamlResponseBuilder.java:87) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > at > org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder$$FastClassBySpringCGLIB$$f1322d9c.invoke(<generated>) > > ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] > > > is it an issue of missing key / certificate in keystore ? > -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/91ce6fce-e446-496c-96a2-50006e1a77fa%40apereo.org.
