I am trying to validate a SAML assertion signature, but I get the following error:
org.opensaml.xml.validation.ValidationException: Apache xmlsec IdResolver could not resolve the Element for id reference: P_ZoIp8bCaGCKuf8Tqy1EckkF4_
    at org.opensaml.security.SAMLSignatureProfileValidator.validateReferenceURI(SAMLSignatureProfileValidator.java:153)
    at org.opensaml.security.SAMLSignatureProfileValidator.validateSignatureImpl(SAMLSignatureProfileValidator.java:84)
    at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:56)
    at com.test.AssertionValidator(AssertionValidator.java:341)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:315)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
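I am using OpenSAML 2.6.1, XMLSec 1.5.6 and JDK7u51. Is there any way to get rid of this error?
Answer 0: (score: 1)
This is a common problem when decrypting and validating signatures with OpenSAML. To solve it, you need to set the RootInNewDocument property to true on the decrypter before decrypting. Like this: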
decrypter.setRootInNewDocument(true);
Reference: http://mylifewithjava.blogspot.no/2014/05/exception-apache-xmlsec-idresolver.html