无法找到所请求目标的有效证书路径wso2

时间:2016-05-19 05:53:40

标签: security oauth-2.0 wso2 saml

我正在运行wso2 saml SSO示例(travelocity.com),该版本与saml运行良好。但是当我在wso2is中配置oAuth并在travelocity属性文件中设置EnableSAML2Grant=true时,我收到以下错误

  

org.wso2.carbon.identity.sso.agent.exception.SSOAgentException:错误   使用SAML2授权类型检索OAuth2访问令牌时   org.wso2.carbon.identity.sso.agent.oauth2.SAML2GrantAccessTokenRequestor.getAccessToken(SAML2GrantAccessTokenRequestor.java:63)     在   org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:135)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)     在   org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)     在   org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)     在   org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)     在   org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)     在   org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)     在   org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)     在   org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)     在   org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)     在   org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)     在   org.apache.coyote.AbstractProtocol $ AbstractConnectionHandler.process(AbstractProtocol.java:625)     在   org.apache.tomcat.util.net.JIoEndpoint $ SocketProcessor.run(JIoEndpoint.java:318)     在   java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)     在   java.util.concurrent.ThreadPoolExecutor中的$ Worker.run(ThreadPoolExecutor.java:615)     在   org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)     在java.lang.Thread.run(Thread.java:745)引起:   javax.net.ssl.SSLHandshakeException:   sun.security.validator.ValidatorException:PKIX路径构建失败:   sun.security.provider.certpath.SunCertPathBuilderException:无法   找到所请求目标的有效证书路径   sun.security.ssl.Alerts.getSSLException(Alerts.java:192)at   sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1916)at at   sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)at   sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)at   sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1472)     在   sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213)     在sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)at   sun.security.ssl.Handshaker.process_record(Handshaker.java:849)at   sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)at at   sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)     在   sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)     在   sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)     在   sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)     在   sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)     在   sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1093)     在   sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)     在   org.wso2.carbon.identity.sso.agent.oauth2.SAML2GrantAccessTokenRequestor.executePost(SAML2GrantAccessTokenRequestor.java:88)     在   org.wso2.carbon.identity.sso.agent.oauth2.SAML2GrantAccessTokenRequestor.getAccessToken(SAML2GrantAccessTokenRequestor.java:50)     ... 18更多引起:sun.security.validator.ValidatorException:   PKIX路径构建失败:   sun.security.provider.certpath.SunCertPathBuilderException:无法   找到所请求目标的有效证书路径   sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)     在   sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)     在sun.security.validator.Validator.validate(Validator.java:260)at   sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)     在   sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)     在   sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)     在   sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1454)     ... 31更多引起:   sun.security.provider.certpath.SunCertPathBuilderException:无法   找到所请求目标的有效证书路径   sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)     在java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)     在   sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)     ......还有37个

1 个答案:

答案 0 :(得分:0)

根据文档[1],您必须设置EnableOAuth2SAML2Grant=true以在travelocity属性文件中配置OAuth。

[1] https://docs.wso2.com/display/IS510/SAML2+Bearer+Assertion+Profile+for+OAuth+2.0+with+WSO2+Travelocity

感谢。

相关问题
最新问题