Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: PLINK_2.1.3
Fix Version/s: None
Component/s: SAML
Labels: None
Environment: JBoss AS 7.1.1.Final, Picketlink 2.1.3.Final subsystem and federation, Java 7u5, picketlink quickstarts

The SAMLConfigParser class used by the MetadataServlet cannot read picketlink.xml. It looks as if it was only ever designed to read the deprecated picketlink-idfed.xml and picketlink-handlers.xml formats. The first StartElement read from the file is <PicketLink/>, which should be validated then discarded. Instead, it is taken and tested for either <PicketLinkSP/> or <PicketLinkIDP/> then handed off unconditionally to read for <Handlers/>, and the following exception is thrown:
The exception reported is:
12:48:06,041 ERROR [org.picketlink.identity.federation.web.servlets.saml.MetadataServlet] (http--127.0.0.1-8080-1) Exception in starting servlet:: java.lang.RuntimeException: PLFED000060: Parser : Expected start tag: Handlers ::Found <PicketLink>
    at org.picketlink.identity.federation.PicketLinkLoggerImpl.parserExpectedTag(PicketLinkLoggerImpl.java:281) [picketlink-jbas7-2.1.3.Final.jar:2.1.3.Final]
    at org.picketlink.identity.federation.core.parsers.util.StaxParserUtil.validate(StaxParserUtil.java:414) [picketlink-core-2.1.3.Final.jar:2.1.3.Final]
    at org.picketlink.identity.federation.core.parsers.config.SAMLConfigParser.parseHandlers(SAMLConfigParser.java:135) [picketlink-core-2.1.3.Final.jar:2.1.3.Final]
    at org.picketlink.identity.federation.core.parsers.config.SAMLConfigParser.parse(SAMLConfigParser.java:124) [picketlink-core-2.1.3.Final.jar:2.1.3.Final]
    at org.picketlink.identity.federation.core.parsers.AbstractParser.parse(AbstractParser.java:86) [picketlink-core-2.1.3.Final.jar:2.1.3.Final]
    at org.picketlink.identity.federation.web.util.ConfigurationUtil.getIDPConfiguration(ConfigurationUtil.java:66) [picketlink-core-2.1.3.Final.jar:2.1.3.Final]
    at org.picketlink.identity.federation.web.servlets.saml.MetadataServlet.init(MetadataServlet.java:113) [picketlink-core-2.1.3.Final.jar:2.1.3.Final]
    at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1202) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:952) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:188) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:489) [jbossweb-7.0.13.Final.jar:]
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
    at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_05]

The following addition to the sales-post quickstart web.xml file will cause the error:
<web-app>
    ...

    <servlet>
        <servlet-name>Metadata Servlet</servlet-name>
        <servlet-class>org.picketlink.identity.federation.web.servlets.saml.MetadataServlet</servlet-class>
    </servlet>

    <servlet-mapping>
        <servlet-name>Metadata Servlet</servlet-name>
        <url-pattern>/metadata</url-pattern>
    </servlet-mapping>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Metadata</web-resource-name>
            <url-pattern>/metadata</url-pattern>
        </web-resource-collection>
    </security-constraint>
    ...

</web-app>
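
The root handling the report describes (validate `<PicketLink>`, discard it, then dispatch on what follows) can be sketched with plain StAX. This is an added example, not PicketLink's SAMLConfigParser code: the class and method names and the sample documents are constructed for illustration, and the samples carry no XML namespace.

```java
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import javax.xml.stream.*;

public class ConfigRootDispatch {
    /** Returns the configuration sections found, in document order. */
    static List<String> sections(String xml) throws XMLStreamException {
        XMLInputFactory f = XMLInputFactory.newInstance();
        // A configuration file needs no DTD or external entities; turn both off.
        f.setProperty(XMLInputFactory.SUPPORT_DTD, false);
        f.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
        XMLStreamReader r = f.createXMLStreamReader(new StringReader(xml));
        List<String> found = new ArrayList<>();
        r.nextTag();                                   // move to the root start element
        if (r.getLocalName().equals("PicketLink")) {
            // Consolidated format: accept the wrapper, then dispatch on each child.
            while (r.nextTag() == XMLStreamConstants.START_ELEMENT) {
                found.add(section(r));
            }
        } else {
            found.add(section(r));                     // legacy file with a single root
        }
        return found;
    }

    /** Checks the current start tag against the known sections, then skips its subtree. */
    static String section(XMLStreamReader r) throws XMLStreamException {
        String name = r.getLocalName();
        if (!name.equals("PicketLinkIDP") && !name.equals("PicketLinkSP") && !name.equals("Handlers")) {
            throw new XMLStreamException("Unexpected start tag: " + name, r.getLocation());
        }
        for (int depth = 1; depth > 0; ) {             // consume up to the matching end tag
            int ev = r.next();
            if (ev == XMLStreamConstants.START_ELEMENT) depth++;
            else if (ev == XMLStreamConstants.END_ELEMENT) depth--;
        }
        return name;
    }

    public static void main(String[] args) throws XMLStreamException {
        // Constructed sample inputs, not the quickstart's real files.
        System.out.println(sections("<PicketLink><PicketLinkIDP><Trust/></PicketLinkIDP>"
                + "<Handlers><Handler/></Handlers></PicketLink>"));
        System.out.println(sections("<Handlers><Handler/></Handlers>"));
    }
}
```

A real parser would hand each section to its own sub-parser where this sketch skips the subtree.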