Hi,
This is the error now.
[2013-07-16 10:26:50,880] WARN
{org.apache.xml.security.signature.XMLSignature} - Signature verification
failed.
org.opensaml.xml.validation.ValidationException: Signature did not validate
against the credential's key
at
org.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:78)
at
org.wso2.carbon.hostobjects.sso.internal.util.Util.validateSignature(Util.java:255)
at
org.wso2.carbon.hostobjects.sso.SAMLSSORelyingPartyObject.jsFunction_validateSignature(SAMLSSORelyingPartyObject.java:120)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
at
org.jaggeryjs.rhino.appmgt.jagg.c3._c_anonymous_1(/appmgt/jagg/jaggery_acs.jag:33)
at org.jaggeryjs.rhino.appmgt.jagg.c3.call(/appmgt/jagg/jaggery_acs.jag)
at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23)
at
org.jaggeryjs.rhino.appmgt.jagg.c3._c_script_0(/appmgt/jagg/jaggery_acs.jag:5)
at org.jaggeryjs.rhino.appmgt.jagg.c3.call(/appmgt/jagg/jaggery_acs.jag)
at
org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
at
org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
at org.jaggeryjs.rhino.appmgt.jagg.c3.call(/appmgt/jagg/jaggery_acs.jag)
at org.jaggeryjs.rhino.appmgt.jagg.c3.exec(/appmgt/jagg/jaggery_acs.jag)
at
org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:577)
at
org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:280)
at
org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:377)
at
org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:749)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487)
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:379)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339)
at
org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at
org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:177)
at
org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:161)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at
org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
[2013-07-16 10:26:50,881] ERROR {JAGGERY.jagg.jaggery_acs:jag} - SAML
response signature is verification failed.
^C[2013-07-16 10:36:11,316] INFO
{org.wso2.carbon.core.init.CarbonServerManager} - Shutdown hook tri
thanks,
dimuthu
On Sat, Jul 13, 2013 at 10:11 AM, Dimuthu Leelarathne <[email protected]>wrote:
>
>
>
> On Sat, Jul 13, 2013 at 12:29 AM, Manjula Rathnayake <[email protected]>wrote:
>
>> Hi Dimuthu,
>>
>> Just to understand the scenario,
>> 1. Is it the normal AF deployment and you are trying to login to AF
>> appmgt app?
>>
>
> yes to both. My tenant can successfully login to the carbon console of AF
> now. :) But that is not SSO.
>
>
>> 2. Have we updated Identity features recently?
>>
>
> No
>
>
>> 3. Have we configured other carbon servers as service providers in AF
>> setup, currently, only the appmgt, publisher and store are the service
>> providers
>>
>
> Nothing is changed. Same setup.
>
> thanks,
> dimuthu
>
>
>>
>> Regarding the above issue, domain2 is the tenant(or application name)
>> and Identity server looks for default jks of tenant(AFAIR this is created
>> at tenant creation time) not the super tenant one. I can not figure out
>> such a scenario we use tenancy jks.
>>
>> thank you.
>>
>>
>> On Fri, Jul 12, 2013 at 7:00 AM, Dimuthu Leelarathne
>> <[email protected]>wrote:
>>
>>> Hi,
>>>
>>> I am trying to login to appmgt with of AF with SSO, as a tenant and
>>> getting the following exception. Any pointers on where I should look at?
>>>
>>> [2013-07-12 19:27:39,534] ERROR
>>> {org.wso2.carbon.identity.sso.saml.processors.AuthnRequestProcessor} -
>>> Error processing the authentication request
>>> org.wso2.carbon.identity.base.IdentityException: Key Store with a name :
>>> domain2.jks does not exist.
>>> at
>>> org.wso2.carbon.identity.sso.saml.builders.SignKeyDataHolder.<init>(SignKeyDataHolder.java:135)
>>> at
>>> org.wso2.carbon.identity.sso.saml.builders.ResponseBuilder.buildResponse(ResponseBuilder.java:96)
>>> at
>>> org.wso2.carbon.identity.sso.saml.processors.AuthnRequestProcessor.process(AuthnRequestProcessor.java:154)
>>> at
>>> org.wso2.carbon.identity.sso.saml.SAMLSSOService.authenticate(SAMLSSOService.java:113)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>> at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>> at java.lang.reflect.Method.invoke(Method.java:597)
>>> at
>>> org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
>>> at
>>> org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
>>> at
>>> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
>>> at
>>> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
>>> at
>>> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:169)
>>> at
>>> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:82)
>>> at
>>> org.wso2.carbon.core.transports.local.CarbonLocalTransportSender.finalizeSendWithToAddress(CarbonLocalTransportSender.java:45)
>>> at
>>> org.apache.axis2.transport.local.LocalTransportSender.invoke(LocalTransportSender.java:77)
>>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>>> at
>>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:398)
>>> at
>>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:224)
>>> at
>>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
>>> at
>>> org.wso2.carbon.identity.sso.saml.stub.IdentitySAMLSSOServiceStub.authenticate(IdentitySAMLSSOServiceStub.java:783)
>>> at
>>> org.wso2.carbon.identity.sso.saml.ui.client.SAMLSSOServiceClient.authenticate(SAMLSSOServiceClient.java:81)
>>> at
>>> org.wso2.carbon.identity.sso.saml.ui.SAMLSSOProvider.handleRequestFromLoginPage(SAMLSSOProvider.java:323)
>>> at
>>> org.wso2.carbon.identity.sso.saml.ui.SAMLSSOProvider.doPost(SAMLSSOProvider.java:131)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
>>> at
>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>> at
>>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>> at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
>>> at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
>>> at
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
>>> at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
>>> at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:177)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:161)
>>> at
>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
>>> at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
>>> at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
>>> at
>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
>>> at
>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
>>> at
>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
>>> at
>>> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
>>> at
>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
>>> at java.lang.Thread.run(Thread.java:662)
>>> Caused by: java.lang.SecurityException: Key Store with a name :
>>> domain2.jks does not exist.
>>> at
>>> org.wso2.carbon.core.util.KeyStoreManager.getKeyStore(KeyStoreManager.java:156)
>>> at
>>> org.wso2.carbon.identity.sso.saml.builders.SignKeyDataHolder.<init>(SignKeyDataHolder.java:90)
>>> ... 53 more
>>>
>>> thanks in advance,
>>> dimuthu
>>>
>>> --
>>> Dimuthu Leelarathne
>>> Architect & Product Lead of App Factory
>>>
>>> WSO2, Inc. (http://wso2.com)
>>> email: [email protected]
>>> Mobile : 0773661935
>>>
>>> Lean . Enterprise . Middleware
>>>
>>
>>
>>
>> --
>> Manjula Rathnayaka
>> Software Engineer
>> WSO2, Inc.
>> Mobile:+94 77 743 1987
>>
>
>
>
> --
> Dimuthu Leelarathne
> Architect & Product Lead of App Factory
>
> WSO2, Inc. (http://wso2.com)
> email: [email protected]
> Mobile : 0773661935
>
> Lean . Enterprise . Middleware
>
--
Dimuthu Leelarathne
Architect & Product Lead of App Factory
WSO2, Inc. (http://wso2.com)
email: [email protected]
Mobile : 0773661935
Lean . Enterprise . Middleware
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
