Did you find a solution to your problem because I have the same and I don't know why it does that? I have the same configuration on another servers and it works well.
Le mercredi 12 juin 2019 07:05:42 UTC-4, Robert a écrit : > > Hi, after updating my certificates, I'm getting the same error. Only thing > that changed, is the private key length (new one has 4096). Could that be a > problem? > > Am Dienstag, 9. Oktober 2018 14:43:35 UTC+2 schrieb Oussama Benjemaa: >> >> Hi All , >> >> >> I configured CAS Apereo 5.3.3 with a web application , and tried to login. >> >> In login , process , i get the saml2 response with the good attribute i >> configured , but , i got an exception as following : >> >> 2018-10-09 08:25:29,503 DEBUG >> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] >> >> - <Signature signing reference digest methods: [[ >> http://www.w3.org/2001/04/xmlenc#sha256, >> http://www.w3.org/2001/04/xmldsig-more#sha384, >> http://www.w3.org/2001/04/xmlenc#sha512, >> http://www.w3.org/2000/09/xmldsig#sha1]]> >> 2018-10-09 08:25:29,522 DEBUG >> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] >> >> - <Locating signature signing key file from [file >> [/etc/cas/saml/idp-signing.key]]> >> 2018-10-09 08:25:29,523 DEBUG >> [org.apereo.cas.util.crypto.PrivateKeyFactoryBean] - <Attempting to read as >> PEM [file [/etc/cas/saml/idp-signing.key]]> >> 2018-10-09 08:25:29,839 DEBUG >> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] >> >> - <Signature signing credentials configured with [0] credentials> >> 2018-10-09 08:25:29,855 DEBUG >> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] >> >> - <Resolving signature signing parameters for [SPSSODescriptor]> >> 2018-10-09 08:25:29,858 WARN >> [org.opensaml.xmlsec.impl.BasicSignatureSigningParametersResolver] - >> <Validation failure: Unable to resolve signing credential> >> 2018-10-09 08:25:29,858 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit >> trail record BEGIN >> ============================================================= >> WHO: audit:unknown >> WHAT: java.lang.NullPointerException >> ACTION: SAML2_RESPONSE_FAILED >> APPLICATION: CAS >> WHEN: Tue Oct 09 08:25:29 EDT 2018 >> CLIENT IP ADDRESS: 172.16.16.58 >> SERVER IP ADDRESS: 172.16.16.63 >> ============================================================= >> >> > >> 2018-10-09 08:25:29,864 DEBUG >> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the >> received exception due to a type mismatch> >> java.lang.NullPointerException: null >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.buildSignatureSigningParameters(SamlIdPObjectSigner.java:233) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.prepareSecurityParametersContext(SamlIdPObjectSigner.java:185) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.encode(SamlIdPObjectSigner.java:121) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> ~[?:1.8.0_181] >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> >> ~[?:1.8.0_181] >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> >> ~[?:1.8.0_181] >> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181] >> at >> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) >> >> ~[spring-core-4.3.19.RELEASE.jar!/:4.3.19.RELEASE] >> at >> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) >> >> ~[spring-cloud-context-1.3.0.RELEASE.jar!/:1.3.0.RELEASE] >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> >> ~[spring-aop-4.3.19.RELEASE.jar!/:4.3.19.RELEASE] >> at >> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671) >> >> ~[spring-aop-4.3.19.RELEASE.jar!/:4.3.19.RELEASE] >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner$$EnhancerBySpringCGLIB$$41f95fb1.encode(<generated>) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:112) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:48) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder.build(BaseSamlProfileSamlResponseBuilder.java:87) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> at >> org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder$$FastClassBySpringCGLIB$$f1322d9c.invoke(<generated>) >> >> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3] >> >> >> is it an issue of missing key / certificate in keystore ? >> > -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/9963e91d-3381-4282-9eac-d6e370acab8f%40apereo.org.
