- Bug
- Resolution: Obsolete
- Minor
- None
Application Server: JBoss 5.1.0 AS
JBoss security framework: PicketLink v2.1.3.Final, picketlink-jbas5-2.1.3.Final.jar
Sample Web application deployed on JBoss as Service Provider
ADFS 2.0 as STS
I have tried to configure authentication for a web application deployed in JBoss, using PicketLink and connecting to ADFS for a SAML 2.0 token. I have done all the configuration as per the PDF document given at the URL:
"https://community.jboss.org/wiki/HowToConfigurePicketlinkOnJbossWithMicrosoftADFSV2"
I am able to get the SAML token from ADFS. I can see this through the trace. But when the SAML token response reaches the server side, I get the following error:
--------------------------------------------------
19:54:20,828 ERROR [federation] Service Provider could not handle the request.
java.lang.IllegalArgumentException: PL00078: Null Parameter:privateKey
at org.picketlink.identity.federation.DefaultPicketLinkLogger.nullArgumentError(DefaultPicketLinkLogger.java:147)
at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$SPAuthenticationHandler.decryptAssertion(SAML2AuthenticationHandler.java:433)
at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$SPAuthenticationHandler.handleStatusResponseType(SAML2AuthenticationHandler.java:409)
at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler.handleStatusResponseType(SAML2AuthenticationHandler.java:134)
at org.picketlink.identity.federation.web.process.SAMLHandlerChainProcessor.callHandlerChain(SAMLHandlerChainProcessor.java:64)
at org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor.processHandlersChain(ServiceProviderSAMLResponseProcessor.java:105)
at org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor.process(ServiceProviderSAMLResponseProcessor.java:86)
at org.picketlink.identity.federation.bindings.tomcat.sp.AbstractSPFormAuthenticator.handleSAMLResponse(AbstractSPFormAuthenticator.java:422)
at org.picketlink.identity.federation.bindings.tomcat.sp.AbstractSPFormAuthenticator.authenticate(AbstractSPFormAuthenticator.java:298)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:662)
--------------------------------------------------
I have attached the response seen in trace for your reference.
I have done all the certificate configuration as per the PDF, and the certificate is configured in the file "picketlink-idfed.xml". Even then, it gives an error saying "PL00078: Null Parameter:privateKey".
Can you look into this and let us know how to solve this issue?
Let me know if you need any other information.
Aravind