Hi Megala, Enabling debug for oauth2 and sso on the server where your IDP is located you can get something what is happening when they try to log in.
log4j.logger.org.wso2.carbon.identity.oauth2=DEBUG log4j.logger.org.wso2.carbon.identity.sso.saml=DEBUG maybe you are just not validating with the right cert/key. You can verify this by looking at SAML accession. On Wed, Jun 1, 2016 at 9:35 AM, Udara Rathnayake <uda...@wso2.com> wrote: > > > On Wed, Jun 1, 2016 at 8:53 AM, Megala Uthayakumar <meg...@wso2.com> > wrote: > >> Hi All, >> >> I am trying to configure SSO in APIM 2.0.x by following [1]. Publisher >> and Store jaggery apps work as expected but when I try to login to portal >> app(Portal of Dashboard Server) using SSO, it works fine when I am logging >> in as super-tenant user but whenever I try to login in as a user from other >> tenants, it throws following error, >> >> org.opensaml.xml.validation.ValidationException: Signature did not >> validate against the credential's key >> > For the moment, shall we disable the signature validation and try? > > >> at >> org.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:79) >> at >> org.jaggeryjs.modules.sso.common.util.Util.validateSignature(Util.java:290) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:606) >> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) >> at org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:225) >> at org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52) >> at >> org.jaggeryjs.rhino.<sso>.scripts.c0._c_anonymous_3(<sso>/scripts/sso.client.js:57) >> at org.jaggeryjs.rhino.<sso>.scripts.c0.call(<sso>/scripts/sso.client.js) >> at org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:42) >> at >> org.jaggeryjs.rhino.portal.controllers.c3._c_anonymous_1(/portal/controllers/acs.jag:77) >> at >> org.jaggeryjs.rhino.portal.controllers.c3.call(/portal/controllers/acs.jag) >> at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23) >> at >> org.jaggeryjs.rhino.portal.controllers.c3._c_script_0(/portal/controllers/acs.jag:20) >> at >> org.jaggeryjs.rhino.portal.controllers.c3.call(/portal/controllers/acs.jag) >> at >> org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394) >> at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091) >> at >> org.jaggeryjs.rhino.portal.controllers.c3.call(/portal/controllers/acs.jag) >> at >> org.jaggeryjs.rhino.portal.controllers.c3.exec(/portal/controllers/acs.jag) >> at >> org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567) >> at >> org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273) >> at >> org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebAppManager.java:587) >> at >> org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:507) >> at >> org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at >> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747) >> at >> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485) >> at >> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:377) >> at >> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337) >> at >> org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) >> at >> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) >> at >> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) >> at >> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) >> at >> org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48) >> at >> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) >> at >> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) >> at >> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) >> at >> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) >> at >> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436) >> at >> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078) >> at >> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) >> at >> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749) >> at >> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >> at >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >> at java.lang.Thread.run(Thread.java:745) >> >> When I tried the same setup in product-ds using the internal identity >> server, it works fine for both super-tenant and other tenants. >> >> What could be the possible reason for this? Any help on this is highly >> appreciated. >> >> [1] >> https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2#ConfiguringSingleSign-onwithSAML2-ConfiguringWSO2APIManagerappsasSAML2.0SSOserviceproviders >> Thanks. >> >> Regards, >> Megala >> -- >> Megala Uthayakumar >> >> Software Engineer >> Mobile : 0779967122 >> > > > > -- > Regards, > UdaraR > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Geesara Prathap Kulathunga Software Engineer WSO2 Inc; http://wso2.com Mobile : +940772684174
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
