Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-74565

SAML ClassCastException caused by bundled Xerces during SSO

    Details

      Description

      Steps to reproduce:

      1. Redeploy saml-opensaml-integration to the SP
      2. Attempt a SP initiated login before metadata action on the SP is requested. You may need to be quick before the IdP will invoke this URL periodically

       Expected result: User is redirected to the IdP to complete the login process

       Actual result: Blank page is rendered in the browser and the following stacktrace is logged.

      Caused by: java.lang.ClassCastException: org.apache.xerces.parsers.XIncludeAwareParserConfiguration cannot be cast to org.apache.xerces.xni.parser.XMLParserConfiguration
      	at org.apache.xerces.parsers.DOMParser.<init>(Unknown Source)
      	at org.apache.xerces.parsers.DOMParser.<init>(Unknown Source)
      	at org.apache.xerces.jaxp.DocumentBuilderImpl.<init>(Unknown Source)
      	at org.apache.xerces.jaxp.DocumentBuilderFactoryImpl.newDocumentBuilder(Unknown Source)
      	at org.opensaml.xml.parse.BasicParserPool.createBuilder(BasicParserPool.java:584)
      	at org.opensaml.xml.parse.BasicParserPool.getBuilder(BasicParserPool.java:163)
      	at org.opensaml.xml.parse.BasicParserPool.newDocument(BasicParserPool.java:208)
      	at org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:84)
      	at com.liferay.saml.opensaml.integration.internal.util.OpenSamlUtil.signObject(OpenSamlUtil.java:807)
      	at com.liferay.saml.opensaml.integration.internal.metadata.MetadataGeneratorUtil.buildSpEntityDescriptor(MetadataGeneratorUtil.java:160)
      	at com.liferay.saml.opensaml.integration.internal.metadata.MetadataManagerImpl.getEntityDescriptor(MetadataManagerImpl.java:176)
      

      P.S. Once the SP metadata has been requested the issue is not reproducible. This is likely due to the Metadata action setting the TCCL classloader correctly when carrying out activity that shares state with the login process (See LPS-71493 and related change).

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  2 years, 10 weeks, 5 days ago

                  Packages

                  Version Package
                  7.0.X
                  7.1.X
                  7.2.X
                  Master