Details

      Description

      19:27:02,528 ERROR [http-bio-8080-exec-86][status_jsp:668] com.liferay.saml.SamlException: org.opensaml.ws.security.SecurityPolicyException: Error during trust engine evaluation of the simple signature
      com.liferay.saml.SamlException: org.opensaml.ws.security.SecurityPolicyException: Error during trust engine evaluation of the simple signature
      	at com.liferay.saml.profile.WebSsoProfileImpl.processAuthnRequest(WebSsoProfileImpl.java:132)
      	at com.liferay.saml.profile.WebSsoProfileUtil.processAuthnRequest(WebSsoProfileUtil.java:36)
      	at com.liferay.saml.hook.action.WebSsoAction.execute(WebSsoAction.java:40)
      	at com.liferay.portal.kernel.struts.BaseStrutsAction.execute(BaseStrutsAction.java:39)
      	at sun.reflect.GeneratedMethodAccessor933.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
      	at com.sun.proxy.$Proxy955.execute(Unknown Source)
      	at com.liferay.portal.struts.ActionAdapter.execute(ActionAdapter.java:50)
      	at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
      	at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
      	at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.java:175)
      	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
      	at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
      	at com.liferay.portal.servlet.MainServlet.callParentService(MainServlet.java:547)
      	at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:524)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      	at org.apache.catalina.filters.RequestDumperFilter.doFilter(RequestDumperFilter.java:203)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:73)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:169)
      	at com.liferay.portal.servlet.filters.strip.StripFilter.processFilter(StripFilter.java:358)
      	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:59)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:169)
      	at com.liferay.portal.servlet.filters.gzip.GZipFilter.processFilter(GZipFilter.java:123)
      	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:59)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:169)
      	at com.liferay.portal.servlet.filters.secure.SecureFilter.processFilter(SecureFilter.java:293)
      	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:59)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:169)
      	at com.liferay.portal.servlet.filters.jsoncontenttype.JSONContentTypeFilter.processFilter(JSONContentTypeFilter.java:42)
      	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:59)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:169)
      	at com.liferay.portal.servlet.filters.sso.ntlm.NtlmPostFilter.processFilter(NtlmPostFilter.java:83)
      	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:59)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:169)
      	at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:88)
      	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:59)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:169)
      	at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:193)
      	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:59)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:738)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:109)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:117)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
      	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilter.doFilter(InvokerFilter.java:81)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
      	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
      	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
      	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
      	at java.lang.Thread.run(Thread.java:680)
      Caused by: org.opensaml.ws.security.SecurityPolicyException: Error during trust engine evaluation of the simple signature
      	at org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule.validateSignature(BaseSAMLSimpleSignatureSecurityPolicyRule.java:210)
      	at org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule.doEvaluate(BaseSAMLSimpleSignatureSecurityPolicyRule.java:129)
      	at org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule.evaluate(BaseSAMLSimpleSignatureSecurityPolicyRule.java:103)
      	at org.opensaml.ws.security.provider.BasicSecurityPolicy.evaluate(BasicSecurityPolicy.java:51)
      	at org.opensaml.ws.message.decoder.BaseMessageDecoder.processSecurityPolicy(BaseMessageDecoder.java:132)
      	at org.opensaml.ws.message.decoder.BaseMessageDecoder.decode(BaseMessageDecoder.java:83)
      	at org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:70)
      	at com.liferay.saml.profile.BaseProfile.decodeSamlMessage(BaseProfile.java:75)
      	at com.liferay.saml.profile.WebSsoProfileImpl.decodeAuthnRequest(WebSsoProfileImpl.java:290)
      	at com.liferay.saml.profile.WebSsoProfileImpl.doProcessAuthnRequest(WebSsoProfileImpl.java:320)
      	at com.liferay.saml.profile.WebSsoProfileImpl.processAuthnRequest(WebSsoProfileImpl.java:122)
      	... 97 more
      Caused by: org.opensaml.xml.security.SecurityException: Error extracting certificates from X509Data
      	at org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider.extractCertificates(InlineX509DataProvider.java:195)
      	at org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider.process(InlineX509DataProvider.java:126)
      	at org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver.processKeyInfoChild(BasicProviderKeyInfoCredentialResolver.java:300)
      	at org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver.processKeyInfoChildren(BasicProviderKeyInfoCredentialResolver.java:256)
      	at org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver.processKeyInfo(BasicProviderKeyInfoCredentialResolver.java:190)
      	at org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver.resolveFromSource(BasicProviderKeyInfoCredentialResolver.java:149)
      	at org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver.resolve(AbstractCriteriaFilteringCredentialResolver.java:57)
      	at org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver.resolve(AbstractCriteriaFilteringCredentialResolver.java:37)
      	at org.opensaml.security.MetadataCredentialResolver.retrieveFromMetadata(MetadataCredentialResolver.java:275)
      	at org.opensaml.security.MetadataCredentialResolver.resolveFromSource(MetadataCredentialResolver.java:178)
      	at org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver.resolve(AbstractCriteriaFilteringCredentialResolver.java:57)
      	at org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver.resolve(AbstractCriteriaFilteringCredentialResolver.java:37)
      	at org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine.validate(ExplicitKeySignatureTrustEngine.java:135)
      	at org.opensaml.xml.signature.impl.ChainingSignatureTrustEngine.validate(ChainingSignatureTrustEngine.java:80)
      	at org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule.validateSignature(BaseSAMLSimpleSignatureSecurityPolicyRule.java:191)
      	... 107 more
      Caused by: java.security.cert.CertificateException: Unable to decode X.509 certificates
      	at org.opensaml.xml.security.x509.X509Util.decodeCertificate(X509Util.java:354)
      	at org.opensaml.xml.security.keyinfo.KeyInfoHelper.getCertificate(KeyInfoHelper.java:201)
      	at org.opensaml.xml.security.keyinfo.KeyInfoHelper.getCertificates(KeyInfoHelper.java:176)
      	at org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider.extractCertificates(InlineX509DataProvider.java:192)
      	... 121 more
      Caused by: java.security.KeyStoreException: failed to extract any certificates or private keys - maybe bad password?
      	at org.apache.commons.ssl.KeyStoreBuilder.parse(KeyStoreBuilder.java:443)
      	at org.apache.commons.ssl.TrustMaterial.<init>(TrustMaterial.java:213)
      	at org.apache.commons.ssl.TrustMaterial.<init>(TrustMaterial.java:165)
      	at org.opensaml.xml.security.x509.X509Util.decodeCertificate(X509Util.java:351)
      	... 124 more
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                justin.choi Justin Choi
                Reporter:
                mika.koivisto Mika Koivisto
                Participants of an Issue:
                Recent user:
                Esther Sanz
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  6 years, 17 weeks, 2 days ago

                  Packages

                  Version Package
                  6.1.2 CE GA3
                  6.1.30 EE GA3
                  6.2.0 CE B1