- Bug
- Resolution: Unresolved
- Major
- None
- PLINK_2.5.2.FInal
- None
If the namespace xenc is declared in the root element of the SAML response, the SP throws the following exception:
2017-05-16 17:12:24,703 ERROR [org.picketlink.common] (default task-23) Service Provider could not handle the request.: org.picketlink.common.exceptions.ProcessingException: PL00102: Processing Exception:
    at org.picketlink.common.DefaultPicketLinkLogger.processingError(DefaultPicketLinkLogger.java:174)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$SPAuthenticationHandler.decryptAssertion(SAML2AuthenticationHandler.java:554)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$SPAuthenticationHandler.handleStatusResponseType(SAML2AuthenticationHandler.java:480)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler.handleStatusResponseType(SAML2AuthenticationHandler.java:142)
    at org.picketlink.identity.federation.web.process.SAMLHandlerChainProcessor.callHandlerChain(SAMLHandlerChainProcessor.java:67)
    at org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor.processHandlersChain(ServiceProviderSAMLResponseProcessor.java:106)
    at org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor.process(ServiceProviderSAMLResponseProcessor.java:88)
    at org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism.handleSAML2Response(SPFormAuthenticationMechanism.java:530)
    at org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism.handleSAMLResponse(SPFormAuthenticationMechanism.java:313)
    at org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism.authenticate(SPFormAuthenticationMechanism.java:275)
    at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:244)
    at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:230)
    at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124)
    at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99)
    at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92)
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
    at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
    at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
    at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
    at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285)
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264)
    at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
    at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175)
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:207)
    at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Caused by: ParsingException [location=null]org.picketlink.common.exceptions.ParsingException: PL00074: Parsing Error:The prefix "xenc" for element "xenc:EncryptedData" is not bound.
    at org.picketlink.common.DefaultPicketLinkLogger.parserError(DefaultPicketLinkLogger.java:490)
    at org.picketlink.common.util.DocumentUtil.getDocument(DocumentUtil.java:217)
    at org.picketlink.identity.federation.api.saml.v2.response.SAML2Response.convert(SAML2Response.java:512)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$SPAuthenticationHandler.decryptAssertion(SAML2AuthenticationHandler.java:534)
    ... 37 more
Caused by: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 2721; The prefix "xenc" for element "xenc:EncryptedData" is not bound.
    at org.apache.xerces.parsers.DOMParser.parse(DOMParser.java:245)
    at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:298)
    at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:121)
    at org.picketlink.common.util.DocumentUtil.getDocument(DocumentUtil.java:213)
    ... 39 more
- clones
- PLINK-764 SP can not parse SAML response if namespace is declared in root element
- Open
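
The parser error in the trace can be reproduced outside PicketLink: an `xenc:EncryptedData` subtree parsed on its own has no binding for `xenc` when the declaration sits only on the root element. The Java below is an added example, not PicketLink code; the class `XencPrefixDemo`, its helper names and the sample response are constructed, and the substring step is an assumed model of a serialization that drops inherited declarations (the page does not show how PicketLink produces the text it parses).

```java
import java.io.*;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.*;
import org.xml.sax.*;

public class XencPrefixDemo {
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";
    static final String XMLNS = "http://www.w3.org/2000/xmlns/";
    // Constructed sample: xmlns:xenc is declared only on the root element.
    static final String RESPONSE = "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
      + " xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:xenc=\"" + XENC + "\">"
      + "<saml:EncryptedAssertion><xenc:EncryptedData><xenc:CipherData/></xenc:EncryptedData>"
      + "</saml:EncryptedAssertion></samlp:Response>";

    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // SAML input is untrusted: refuse DOCTYPE declarations outright.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
    }

    // Serialize el on its own, first copying the xmlns declarations it inherits from ancestors.
    static String standalone(Element el) throws Exception {
        Element copy = (Element) el.cloneNode(true);
        for (Node n = el.getParentNode(); n instanceof Element; n = n.getParentNode()) {
            NamedNodeMap attrs = n.getAttributes();
            for (int i = 0; i < attrs.getLength(); i++) {
                Attr a = (Attr) attrs.item(i); // nearest ancestor wins: skip prefixes already set
                if (XMLNS.equals(a.getNamespaceURI()) && !copy.hasAttributeNS(XMLNS, a.getLocalName()))
                    copy.setAttributeNS(XMLNS, a.getName(), a.getValue());
            }
        }
        StringWriter w = new StringWriter();
        TransformerFactory.newInstance().newTransformer().transform(new DOMSource(copy), new StreamResult(w));
        return w.toString();
    }

    public static void main(String[] args) throws Exception {
        Element enc = (Element) parse(RESPONSE).getElementsByTagNameNS(XENC, "EncryptedData").item(0);
        // Model of the failure: the subtree's text alone, without the root's declarations.
        String naive = RESPONSE.substring(RESPONSE.indexOf("<xenc:Enc"), RESPONSE.indexOf("</saml:Enc"));
        try { parse(naive); } catch (SAXParseException e) { System.out.println("naive: " + e.getMessage()); }
        Element again = parse(standalone(enc)).getDocumentElement();
        System.out.println("standalone: {" + again.getNamespaceURI() + "}" + again.getLocalName());
    }
}
```

On JDK 11 or later this runs directly with `java XencPrefixDemo.java`.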