我正在尝试使用此testShib连接并登录到Sp Mock IDP,问题是当我尝试登录时没有选择对authnRequest进行签名的选项时,我可以登录,但是我得到了重定向时出错。
Caused by: java.security.InvalidKeyException: Unwrapping failed
at com.sun.crypto.provider.RSACipher.engineUnwrap(RSACipher.java:445)
at javax.crypto.Cipher.unwrap(Cipher.java:2549)
at org.apache.xml.security.encryption.XMLCipher.decryptKey(XMLCipher.java:1477)
... 70 common frames omitted
Caused by: javax.crypto.BadPaddingException: Decryption error
at sun.security.rsa.RSAPadding.unpadOAEP(RSAPadding.java:502)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:296)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:363)
at com.sun.crypto.provider.RSACipher.engineUnwrap(RSACipher.java:440)
... 72 common frames omitted
DEBUG o.opensaml.xml.encryption.Decrypter - Attempt to decrypt EncryptedKey using credential from KEK KeyInfo resolver failed:
org.opensaml.xml.encryption.DecryptionException: Error decrypting encrypted key
ERROR o.o.saml2.encryption.Decrypter - SAML Decrypter encountered an error decrypting element content
org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData
如果我尝试使用对authnRequest进行签名的选项,则会在idp中收到错误
WARN [edu.internet2.middleware.shibboleth.idp.profile.saml2.SSOProfileHandler:406] - Message did not meet security requirements
org.opensaml.ws.security.SecurityPolicyException: Validation of protocol message signature failed
我在做错什么我是SAML的新手,所以我对此不太熟悉