[OpenSAML] Bootstrap Initialization Error

1,189 views
Skip to first unread message

lakshmi.na...@gmail.com

unread,
Oct 27, 2009, 2:03:03 PM10/27/09
to mace-open...@internet2.edu
Hi,

I'm trying to parse a SAML token and while initializing bootstrap(DefaultBootstrap.bootstrap();), I'm encountering the error message pasted below. I'm using xalan-2.7.0.jar in my classpath. I tried using xalan-2.6.0.jar too but was getting the same error message. Any suggestions would be gratefully received.

java.lang.NoSuchMethodError: org.apache.xpath.compiler.FunctionTable.installFunction(Ljava/lang/String;Lorg/apache/xpath/Expression;)I
org.apache.xml.security.Init.init(Init.java:215)
org.opensaml.DefaultBootstrap.initializeXMLSecurity(DefaultBootstrap.java:97)
org.opensaml.DefaultBootstrap.bootstrap(DefaultBootstrap.java:71)
org.apache.jsp.service_005fprovider_jsp._jspService(service_005fprovider_jsp.java:121)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

Thanks,
Laks.

Paul Hethmon

unread,
Oct 27, 2009, 2:18:49 PM10/27/09
to OpenSAML List
Do you have xalan/xerces endorsed for your web container?


On 10/27/09 2:03 PM, "lakshmi.na...@gmail.com"
<lakshmi.na...@gmail.com> wrote:

-----
Paul Hethmon
Chief Software Architect
Clareity Security, LLC
865.824.1350 - office
865.250.3517 - mobile
www.clareitysecurity.com
-----

God does not play dice with the universe; He plays an ineffable game of his
own devising, which might be compared, from the perspective of any of the
other players, to being involved in an obscure and complex version of poker
in a pitch dark room, with blank cards, for infinite stakes, with a dealer
who won't tell you the rules, and who smiles all the time.

-- Terry Pratchett, Good Omens


lakshmi narasimhan

unread,
Oct 27, 2009, 7:05:52 PM10/27/09
to mace-open...@internet2.edu

Hello,

Thanks for the swift response. Yes, I have the jar files for xalan and xerces in the directory tomcat/common/endorsed. Please advise.

Thanks,
Laks.

Chad La Joie

unread,
Oct 28, 2009, 12:03:51 AM10/28/09
to mace-open...@internet2.edu
This comes from having an older version of Xalan or Xerces on your
classpath somewhere. You'll need to examine your classpath and make
sure that you have only one version, and that that version is up to date.

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
chad....@switch.ch, http://www.switch.ch

lakshmi narasimhan

unread,
Oct 28, 2009, 10:26:51 AM10/28/09
to mace-open...@internet2.edu
Hi,
 
I'm able to get over the bootstrap initialization problem. However, when I try to parse the Base64-decoded SAML, the document object is coming up as null. Here's the code snippet which I'm using for this purpose:
 
String samlResponseB64Str = (String)session.getAttribute("samlToken"); 
 DefaultBootstrap.bootstrap();      
   
    // Decodage URL encoding with Base64
    String samlResponseStr = new String(Base64.decode(samlResponseB64Str),"UTF-8");
    out.println("<br/> Base64 decode of SAML: "+samlResponseStr);
  
 // Get parser pool manager
    BasicParserPool pp = new BasicParserPool();
    pp.setNamespaceAware(true);
       
 Document doc = pp.parse(new StringReader(samlResponseStr)); 
 out.println("Document is: "+doc); 
 
Any thoughts please?
 
Thanks,
Laks.

Paul Hethmon

unread,
Oct 28, 2009, 10:33:28 AM10/28/09
to OpenSAML List
Are you sure you are getting the right input value? You haven’t said exactly what you’re doing here, but if you’re doing the browser SSO profile, then the SAML Response would not normally be there as an attribute, but as a parameter. It’s also not known as “samlToken”.



On 10/28/09 10:26 AM, "lakshmi narasimhan" <lakshmi.na...@googlemail.com> wrote:

I'm able to get over the bootstrap initialization problem. However, when I try to parse the Base64-decoded SAML, the document object is coming up as null. Here's the code snippet which I'm using for this purpose:
 
String samlResponseB64Str = (String)session.getAttribute("samlToken"); 

lakshmi narasimhan

unread,
Oct 28, 2009, 11:09:03 AM10/28/09
to mace-open...@internet2.edu
Hi,
 
Thanks for responding. I'm sending the SAML in a servlet session and then capturing it in a JSP for subsequent processing. I'm also making sure that the input to the Parser is indeed a base64 decoded version of the SAML. I'm printing this Base64 decoded content before sending it to the Parser and it is displaying the correct SAML file. However, I noticed one thing - when the decoded version of the SAML is printed, it looks like the following:
 
P4kmLHVSzGE/t+/1k6E26ZB41bk=bUE1XNW1o6Mjh8sTGzGUG0lk3ANnExHkcdpK4Z7LWher56y0ualJWFLTXtbRKFbSpBjA.......
 
But when I right click and do a 'view source' on this page, it is displaying the decoded SAML content properly(the original content of the SAML)

Please let me know where I could be going wrong. I'm not able to get the document object as a result of parsing. The parsing process doesn't also throw any exceptions/error messages.
 
Thanks,
Laks.

Xavier Drudis Ferran

unread,
Oct 28, 2009, 11:13:08 AM10/28/09
to mace-open...@internet2.edu
On Wed, Oct 28, 2009 at 03:09:03PM +0000, lakshmi narasimhan wrote:

> I noticed one thing - when the
> decoded version of the SAML is printed, it looks like the following:
>
> P4kmLHVSzGE/t+/1k6E26ZB41bk=bUE1XNW1o6Mjh8sTGzGUG0lk3ANnExHkcdpK4Z7LWher56y0ualJWFLTXtbRKFbSpBjA.......
>
> But when I right click and do a 'view source' on this page, it is displaying
> the decoded SAML content properly(the original content of the SAML)
>


Sounds like you think you have the token encoded in Base 64 when you
really don't and then you decode it anyway and get garbage that you
feed to the parser. But I don't really know.

--
Xavi Drudis Ferran
xdr...@ambarinformatica.com

Chad La Joie

unread,
Oct 28, 2009, 12:09:07 PM10/28/09
to mace-open...@internet2.edu
Are you getting exceptions of some kind? I don't see any try/catch
there but most of those methods throw exceptions.

lakshmi narasimhan

unread,
Oct 28, 2009, 1:07:16 PM10/28/09
to mace-open...@internet2.edu
Hello,

I've a catch for XMLParsing but unfortunately am not getting any
exception to help me diagnose where it is failing exactly. Could
someone please share a sample 'valid' SAML file, so I can use that and
test my code? I just want to make sure that my SAML assertion doesn't
have anything weird(Even if there is any problem with the SAML, I
believe an XML Parsing exception would be thrown anyways) that could
prevent the Document object from getting created successfully. For
your reference, here's my JSP code:

=================================================================
<%@page import="java.io.StringReader"%>
<%@page import="java.io.UnsupportedEncodingException"%>

<%@page import="org.opensaml.saml2.core.Response"%>
<%@page import="org.opensaml.xml.util.Base64"%>
<%@page import="org.opensaml.xml.parse.BasicParserPool"%>
<%@page import="org.opensaml.xml.io.UnmarshallingException"%>
<%@page import="org.opensaml.xml.parse.XMLParserException" %>
<%@page import="org.opensaml.xml.io.UnmarshallerFactory" %>
<%@page import="org.opensaml.xml.io.Unmarshaller"%>
<%@page import="org.opensaml.Configuration"%>
<%@page import="org.opensaml.DefaultBootstrap"%>
<%@page import="util.Base64Coder"%>
<%@page import="org.w3c.dom.Document"%>
<%@page import="org.w3c.dom.Element"%>
<%@page import="java.io.InputStream"%>
<%@page import="java.io.ByteArrayInputStream"%>
<%@page import="javax.xml.parsers.DocumentBuilderFactory"%>

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>

<%
Response samlResponse = null;

String samlResponseB64Str = (String)request.getParameter("samlResponse");
Document doc;

try{
DefaultBootstrap.bootstrap();

// Base64 Decode


String samlResponseStr = new
String(Base64.decode(samlResponseB64Str),"UTF-8");

BasicParserPool pp = new BasicParserPool();
pp.setNamespaceAware(true);

doc = pp.parse(new StringReader(samlResponseStr));
out.println("<br/> <br/> Document is: "+doc);

//Element responseRoot = doc.getDocumentElement();

//UnmarshallerFactory unmfactory = Configuration.getUnmarshallerFactory();
//Unmarshaller unm = v.getUnmarshaller(responseRoot);

//samlResponse = (Response) unm.unmarshall(responseRoot);

}catch (UnmarshallingException ex){
ex.printStackTrace();
}
catch (XMLParserException ex){
ex.printStackTrace();
}
catch (UnsupportedEncodingException ex){
ex.printStackTrace();
}
%>
===================================================================

Would appreciate any suggestion to overcome this.

Cheers!
Laks.

Reply all
Reply to author
Forward
0 new messages