CAS 5.1 SAML IdP And SP. it can't resolve metadata of SP

1,309 views
Skip to first unread message

Marco Osorio

unread,
Jun 15, 2017, 6:49:26 AM6/15/17
to CAS Community
Hello everyone,

I have managed to configure, I create cas 5.1 as IdP and create the files correctly, I think, I am not an expert on SAML, it is my first time :).
Regarding the configuration for petadatas is where I am generating errors and I do not know how to solve them.

All the configuration is standalone. If I put this value cas.samlMetadataUi.resources=file://c:/etc/cas/saml/sp/:: the message trace is: 

2017-06-15 12:31:54,760 DEBUG [org.opensaml.core.xml.config.XMLObjectProviderRegistry] - <Registering new builder, marshaller, and unmarshaller for {http://www.w3.org/2009/xmlenc11#}MGF>
2017-06-15 12:31:54,760 DEBUG [org.opensaml.core.xml.XMLObjectBuilderFactory] - <Registering builder org.opensaml.xmlsec.encryption.impl.MGFBuilder under key {http://www.w3.org/2009/xmlenc11#}MGF>
2017-06-15 12:31:54,760 DEBUG [org.opensaml.core.xml.io.MarshallerFactory] - <Registering marshaller, org.opensaml.xmlsec.encryption.impl.MGFMarshaller, for object type {http://www.w3.org/2009/xmlenc11#}MGF>
2017-06-15 12:31:54,760 DEBUG [org.opensaml.core.xml.io.UnmarshallerFactory] - <Registering unmarshaller, org.opensaml.xmlsec.encryption.impl.MGFUnmarshaller, for object type, {http://www.w3.org/2009/xmlenc11#}MGF>
2017-06-15 12:31:54,760 DEBUG [org.opensaml.core.xml.config.XMLConfigurator] - <{http://www.w3.org/2009/xmlenc11#}MGF intialized and configuration cached>
2017-06-15 12:31:54,760 DEBUG [org.opensaml.core.xml.config.XMLConfigurator] - <ObjectProviders load complete>
2017-06-15 12:31:54,763 DEBUG [org.opensaml.core.config.InitializationService] - <Initializing module initializer implementation: org.opensaml.xmlsec.config.ApacheXMLSecurityInitializer>
2017-06-15 12:31:54,763 DEBUG [org.opensaml.xmlsec.config.ApacheXMLSecurityInitializer] - <Apache XMLSecurity library was already initialized, skipping...>
2017-06-15 12:31:54,764 DEBUG [org.opensaml.core.config.InitializationService] - <Initializing module initializer implementation: org.opensaml.xmlsec.config.GlobalSecurityConfigurationInitializer>
2017-06-15 12:31:54,806 DEBUG [org.apereo.cas.support.saml.OpenSamlConfigBean] - <Initialized OpenSaml successfully.>
2017-06-15 12:31:55,541 INFO [org.apereo.cas.support.saml.web.idp.metadata.TemplatedMetadataAndCertificatesGenerationService] - <Metadata directory location is at [URL [file://c:/etc/cas/saml/idp]] with entityID [https://cas.psoplaneta.com:8443/cas/idp]>
2017-06-15 12:31:55,541 DEBUG [org.apereo.cas.support.saml.web.idp.metadata.TemplatedMetadataAndCertificatesGenerationService] - <Preparing to generate metadata for entityId [https://cas.psoplaneta.com:8443/cas/idp]>
2017-06-15 12:31:55,541 INFO [org.apereo.cas.support.saml.web.idp.metadata.TemplatedMetadataAndCertificatesGenerationService] - <Metadata is available at [c:\etc\cas\saml\idp\idp-metadata.xml]>
2017-06-15 12:31:55,639 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Beginning refresh of metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,655 DEBUG [org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Resource file [c:\etc\cas\saml\idp\idp-metadata.xml] was last modified 2017-06-15T10:01:54.311+02:00>
2017-06-15 12:31:55,680 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Processing new metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,680 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Unmarshalling metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,719 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Preprocessing metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,719 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Releasing cached DOM for metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,720 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Post-processing metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,720 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Computing expiration time for metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,720 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Expiration of metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]' will occur at 2017-06-15T14:31:55.639Z>
2017-06-15 12:31:55,720 INFO [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: New metadata successfully loaded for 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-15 12:31:55,720 INFO [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Next refresh cycle for metadata provider 'file [c:\etc\cas\saml\idp\idp-metadata.xml]' will occur on '2017-06-15T13:31:55.659Z' ('2017-06-15T15:31:55.659+02:00' local time)>
2017-06-15 12:31:56,129 DEBUG [org.apereo.cas.logout.config.CasCoreLogoutConfiguration] - <Configuring logout execution plan [CasCoreLogoutConfiguration]>
2017-06-15 12:32:05,795 WARN [org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration] - <Skipping metadata [file://c:/etc/cas/saml/sp/]; Either the resource cannot be retrieved or its signing key is missing>
2017-06-15 12:32:05,796 DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Building metadata resolver aggregate>
2017-06-15 12:32:05,801 INFO [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Collected metadata from [0] resolvers(s). Initializing aggregate resolver...>
2017-06-15 12:32:05,802 INFO [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Metadata aggregate initialized successfully.>
2017-06-15 12:32:05,808 WARN [org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration] - <Skipping metadata [file://c:/etc/cas/saml/sp/]; Either the resource cannot be retrieved or its signing key is missing>



If I put this other value cas.samlMetadataUi.resources=file:///c:/etc/cas/saml/sp/:: the message trace is

2017-06-15 12:08:30,625 INFO [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Next refresh cycle for metadata provider 'file [c:\etc\cas\saml\idp\idp-metadata.xml]' will occur on '2017-06-15T13:08:30.561Z' ('2017-06-15T15:08:30.561+02:00' local time)>
2017-06-15 12:08:31,052 DEBUG [org.apereo.cas.logout.config.CasCoreLogoutConfiguration] - <Configuring logout execution plan [CasCoreLogoutConfiguration]>
2017-06-15 12:08:31,613 DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Building metadata resolver aggregate>
2017-06-15 12:08:31,616 DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Loading []>
2017-06-15 12:08:31,617 DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Evaluating metadata resource []>
2017-06-15 12:08:31,617 DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Locating metadata resource from input stream.>
2017-06-15 12:08:31,618 WARN [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Could not retrieve input stream from resource. Moving on...>
java.io.FileNotFoundException: Resource does not exist or is unreadable
at org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter.getResourceInputStream(AbstractMetadataResolverAdapter.java:88) ~[cas-server-support-saml-mdui-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter.loadMetadataFromResource(AbstractMetadataResolverAdapter.java:158) ~[cas-server-support-saml-mdui-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter.lambda$buildMetadataResolverAggregate$0(AbstractMetadataResolverAdapter.java:131) ~[cas-server-support-saml-mdui-core-5.1.0.jar:5.1.0]
at java.util.HashMap$EntrySet.forEach(HashMap.java:1035) ~[?:1.8.0_71]
at org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter.buildMetadataResolverAggregate(AbstractMetadataResolverAdapter.java:128) ~[cas-server-support-saml-mdui-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter.buildMetadataResolverAggregate(AbstractMetadataResolverAdapter.java:111) ~[cas-server-support-saml-mdui-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.StaticMetadataResolverAdapter.buildMetadataResolverAggregate(StaticMetadataResolverAdapter.java:37) ~[cas-server-support-saml-mdui-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.getStaticMetadataResolverAdapter(SamlMetadataUIConfiguration.java:161) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.chainingSamlMetadataUIMetadataResolverAdapter(SamlMetadataUIConfiguration.java:102) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.CGLIB$chainingSamlMetadataUIMetadataResolverAdapter$2(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6$$FastClassBySpringCGLIB$$8510edfa.invoke(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.chainingSamlMetadataUIMetadataResolverAdapter(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_71]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_71]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_71]
at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_71]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.obtainBeanInstanceFromFactory(ConfigurationClassEnhancer.java:389) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:361) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.chainingSamlMetadataUIMetadataResolverAdapter(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.samlMetadataUIParserAction(SamlMetadataUIConfiguration.java:95) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.CGLIB$samlMetadataUIParserAction$0(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6$$FastClassBySpringCGLIB$$8510edfa.invoke(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.samlMetadataUIParserAction(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_71]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_71]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_71]
at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_71]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.obtainBeanInstanceFromFactory(ConfigurationClassEnhancer.java:389) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:361) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.samlMetadataUIParserAction(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.samlMetadataUIWebConfigurer(SamlMetadataUIConfiguration.java:87) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.CGLIB$samlMetadataUIWebConfigurer$1(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6$$FastClassBySpringCGLIB$$8510edfa.invoke(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$77a5ef6.samlMetadataUIWebConfigurer(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_71]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_71]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_71]
at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_71]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:761) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:866) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:542) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122) ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:737) ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:370) ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:314) ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
at org.springframework.boot.web.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:151) ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
at org.springframework.boot.web.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:131) ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
at org.springframework.boot.web.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:86) ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:169) ~[spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5196) ~[catalina.jar:8.5.15]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ~[catalina.jar:8.5.15]
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752) ~[catalina.jar:8.5.15]
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728) ~[catalina.jar:8.5.15]
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734) ~[catalina.jar:8.5.15]
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:952) ~[catalina.jar:8.5.15]
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1823) ~[catalina.jar:8.5.15]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) ~[?:1.8.0_71]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_71]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_71]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_71]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_71]
2017-06-15 12:08:31,618 INFO [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Collected metadata from [0] resolvers(s). Initializing aggregate resolver...>
2017-06-15 12:08:31,619 INFO [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Metadata aggregate initialized successfully.>
2017-06-15 12:08:32,148 DEBUG [org.apereo.cas.web.report.BaseCasMvcEndpoint] - <Sensitivity for endpoint [AuthenticationEvents] is undefined. Checking defaults...>
2017-06-15 12:08:32,148 DEBUG [org.apereo.cas.web.report.BaseCasMvcEndpoint] - <Default sensitivity for endpoint [AuthenticationEvents] is set to [true]>




Here are my settings:

####################################
# SAML CORE
#
 cas.samlCore.ticketidSaml2=false
 cas.samlCore.skewAllowance=0
 cas.samlCore.attributeNamespace=http://www.ja-sig.org/products/cas/
 cas.samlCore.issuer=cas.psoplaneta.com
 cas.samlCore.securityManager=com.sun.org.apache.xerces.internal.util.SecurityManager

####################################
# SAML2 IdP
#
 cas.authn.samlIdp.entityId=https://cas.psoplaneta.com:8443/cas/idp
 cas.authn.samlIdp.hostName=cas.psoplaneta.com:8443
 cas.authn.samlIdp.scope=psoplaneta.com

 cas.authn.samlIdp.metadata.cacheExpirationMinutes=30
 cas.authn.samlIdp.metadata.failFast=true
 cas.authn.samlIdp.metadata.location=file://c:/etc/cas/saml/idp
 cas.authn.samlIdp.metadata.privateKeyAlgName=RSA
 cas.authn.samlIdp.metadata.requireValidMetadata=true

 cas.authn.samlIdp.metadata.basicAuthnUsername=
 cas.authn.samlIdp.metadata.basicAuthnPassword=
 cas.authn.samlIdp.metadata.supportedContentTypes=

 cas.authn.samlIdp.logout.forceSignedLogoutRequests=true
 cas.authn.samlIdp.logout.singleLogoutCallbacksDisabled=false

 cas.authn.samlIdp.response.skewAllowance=0
 cas.authn.samlIdp.response.signError=false
 cas.authn.samlIdp.response.overrideSignatureCanonicalizationAlgorithm=
 cas.authn.samlIdp.response.useAttributeFriendlyName=true

############################################
# SAML MEDATADA UI
#
 cas.samlMetadataUi.requireValidMetadata=true
 cas.samlMetadataUi.repeatInterval=120000
 cas.samlMetadataUi.startDelay=30000
 cas.samlMetadataUi.resources=file://c:/etc/cas/saml/sp/::
 cas.samlMetadataUi.maxValidity=0
 cas.samlMetadataUi.requireSignedRoot=false
 cas.samlMetadataUi.parameter=entityId



Is there any value that is omitting or not correct ?. Where can I find detailed information on the values that should be assigned for a correct configuration?

Thanks again!

Marco Osorio

unread,
Jun 16, 2017, 8:33:17 AM6/16/17
to CAS Community
Hello,
The error that generates me is another, I used the page that suggests the documentation to generate the metadata, but apparently does not find anything of the certificate.

This message if I did not indicate where the pub.key is, but I do not understand what the pub.key is. It is not my forte, this part can someone explain it to me? please.
2017-06-16 10:50:52,558 DEBUG [org.apereo.cas.logout.config.CasCoreLogoutConfiguration] - <Configuring logout execution plan [CasCoreLogoutConfiguration]>
2017-06-16 10:51:02,243 WARN [org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration] - <Skipping metadata [file://c:/etc/cas/saml/sp/]; Either the resource cannot be retrieved or its signing key is missing>
2017-06-16 10:51:02,244 DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Building metadata resolver aggregate>
2017-06-16 10:51:02,256 INFO [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Collected metadata from [0] resolvers(s). Initializing aggregate resolver...>
2017-06-16 10:51:02,257 INFO [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Metadata aggregate initialized successfully.>
2017-06-16 10:51:02,266 WARN [org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration] - <Skipping metadata [file://c:/etc/cas/saml/sp/]; Either the resource cannot be retrieved or its signing key is missing>


If I indicate the path of the pub.key, which I believe is the key that generates in the idp folder, this is the error.

2017-06-16 11:52:31,705 INFO [org.apereo.cas.support.saml.web.idp.metadata.TemplatedMetadataAndCertificatesGenerationService] - <Metadata directory location is at [URL [file://c:/etc/cas/saml/idp]] with entityID [https://psoplaneta.com:8443/cas/idp]>
2017-06-16 11:52:31,705 DEBUG [org.apereo.cas.support.saml.web.idp.metadata.TemplatedMetadataAndCertificatesGenerationService] - <Preparing to generate metadata for entityId [https://cas.psoplaneta.com:8443/cas/idp]>
2017-06-16 11:52:31,706 INFO [org.apereo.cas.support.saml.web.idp.metadata.TemplatedMetadataAndCertificatesGenerationService] - <Metadata is available at [c:\etc\cas\saml\idp\idp-metadata.xml]>
2017-06-16 11:52:31,787 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Beginning refresh of metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,799 DEBUG [org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Resource file [c:\etc\cas\saml\idp\idp-metadata.xml] was last modified 2017-06-16T11:43:18.036+02:00>
2017-06-16 11:52:31,800 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Processing new metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,800 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Unmarshalling metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,841 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Preprocessing metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,841 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Releasing cached DOM for metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,842 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Post-processing metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,842 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Computing expiration time for metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,842 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Expiration of metadata from 'file [c:\etc\cas\saml\idp\idp-metadata.xml]' will occur at 2017-06-16T13:52:31.787Z>
2017-06-16 11:52:31,842 INFO [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: New metadata successfully loaded for 'file [c:\etc\cas\saml\idp\idp-metadata.xml]'>
2017-06-16 11:52:31,842 INFO [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver] - <Metadata Resolver ResourceBackedMetadataResolver https://cas.psoplaneta.com:8443/cas/idp: Next refresh cycle for metadata provider 'file [c:\etc\cas\saml\idp\idp-metadata.xml]' will occur on '2017-06-16T12:52:31.801Z' ('2017-06-16T14:52:31.801+02:00' local time)>
2017-06-16 11:52:32,222 DEBUG [org.apereo.cas.logout.config.CasCoreLogoutConfiguration] - <Configuring logout execution plan [CasCoreLogoutConfiguration]>
2017-06-16 11:52:32,559 DEBUG [org.apereo.cas.support.saml.SamlUtils] - <Attempting to resolve credentials from [URL [file:/c:/etc/cas/saml/sp/certimport.key]]>
2017-06-16 11:52:32,580 DEBUG [org.apereo.cas.support.saml.SamlUtils] - <Credential cannot be extracted from [URL [file:/c:/etc/cas/saml/sp/certimport.key]] via X.509. Treating it as a public key to locate credential...>
2017-06-16 11:52:32,653 DEBUG [org.apereo.cas.support.saml.SamlUtils] - <Bad sequence size: 9>
java.lang.IllegalArgumentException: Bad sequence size: 9
at org.bouncycastle.asn1.x509.SubjectPublicKeyInfo.<init>(Unknown Source) ~[bcprov-jdk15on-1.56.jar:1.56.0]
at org.bouncycastle.asn1.x509.SubjectPublicKeyInfo.getInstance(Unknown Source) ~[bcprov-jdk15on-1.56.jar:1.56.0]
at org.bouncycastle.crypto.util.PublicKeyFactory.createKey(Unknown Source) ~[bcprov-jdk15on-1.56.jar:1.56.0]
at org.cryptacular.asn.PublicKeyDecoder.decode(PublicKeyDecoder.java:24) ~[cryptacular-1.2.0.jar:?]
at org.cryptacular.util.KeyPairUtil.decodePublicKey(KeyPairUtil.java:481) ~[cryptacular-1.2.0.jar:?]
at org.cryptacular.util.KeyPairUtil.readPublicKey(KeyPairUtil.java:466) ~[cryptacular-1.2.0.jar:?]
at net.shibboleth.idp.profile.spring.factory.BasicResourceCredentialFactoryBean.getPublicKey(BasicResourceCredentialFactoryBean.java:116) ~[idp-profile-spring-3.3.1.jar:?]
at net.shibboleth.idp.profile.spring.factory.AbstractBasicCredentialFactoryBean.doCreateInstance(AbstractBasicCredentialFactoryBean.java:116) ~[idp-profile-spring-3.3.1.jar:?]
at net.shibboleth.idp.profile.spring.factory.AbstractBasicCredentialFactoryBean.doCreateInstance(AbstractBasicCredentialFactoryBean.java:43) ~[idp-profile-spring-3.3.1.jar:?]
at net.shibboleth.ext.spring.factory.AbstractComponentAwareFactoryBean.createInstance(AbstractComponentAwareFactoryBean.java:49) ~[spring-extensions-5.3.0.jar:?]
at org.springframework.beans.factory.config.AbstractFactoryBean.afterPropertiesSet(AbstractFactoryBean.java:134) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.SamlUtils.buildCredentialForMetadataSignatureValidation(SamlUtils.java:176) ~[cas-server-support-saml-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.SamlUtils.buildSignatureValidationFilter(SamlUtils.java:141) ~[cas-server-support-saml-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.SamlUtils.buildSignatureValidationFilter(SamlUtils.java:114) ~[cas-server-support-saml-core-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.lambda$configureResource$1(SamlMetadataUIConfiguration.java:132) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.jooq.lambda.Unchecked.lambda$consumer$16(Unchecked.java:646) ~[jool-0.9.12.jar:?]
at java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948) ~[?:1.8.0_71]
at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:580) ~[?:1.8.0_71]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.configureResource(SamlMetadataUIConfiguration.java:120) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.lambda$configureAdapter$0(SamlMetadataUIConfiguration.java:108) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.jooq.lambda.Unchecked.lambda$consumer$16(Unchecked.java:646) ~[jool-0.9.12.jar:?]
at java.util.ArrayList.forEach(ArrayList.java:1249) ~[?:1.8.0_71]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.configureAdapter(SamlMetadataUIConfiguration.java:108) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.getStaticMetadataResolverAdapter(SamlMetadataUIConfiguration.java:160) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.chainingSamlMetadataUIMetadataResolverAdapter(SamlMetadataUIConfiguration.java:102) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.CGLIB$chainingSamlMetadataUIMetadataResolverAdapter$0(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d$$FastClassBySpringCGLIB$$c142b89d.invoke(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.chainingSamlMetadataUIMetadataResolverAdapter(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_71]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_71]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_71]
at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_71]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.obtainBeanInstanceFromFactory(ConfigurationClassEnhancer.java:389) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:361) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.chainingSamlMetadataUIMetadataResolverAdapter(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.samlMetadataUIParserAction(SamlMetadataUIConfiguration.java:95) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.CGLIB$samlMetadataUIParserAction$1(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d$$FastClassBySpringCGLIB$$c142b89d.invoke(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.samlMetadataUIParserAction(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_71]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_71]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_71]
at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_71]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.obtainBeanInstanceFromFactory(ConfigurationClassEnhancer.java:389) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:361) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.samlMetadataUIParserAction(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration.samlMetadataUIWebConfigurer(SamlMetadataUIConfiguration.java:87) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.CGLIB$samlMetadataUIWebConfigurer$2(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d$$FastClassBySpringCGLIB$$c142b89d.invoke(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358) ~[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
at org.apereo.cas.support.saml.mdui.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$ab66890d.samlMetadataUIWebConfigurer(<generated>) ~[cas-server-support-saml-mdui-5.1.0.jar:5.1.0]

Please someone who has pity on me, I've been trying to setup this for a week for saml2 + sp and there has been no way to do this.

Thanks in advance!!!!!!

Song, Doe-Hyun

unread,
Jun 19, 2017, 7:47:32 PM6/19/17
to cas-...@apereo.org

Did you resolve this issue?

 

I assume the configuration should use service provider metadata and its public key.

 

This is what I did ..

 

 cas.samlMetadataUi.resources=file:///etc/cas/saml/sp/FederationMetadata.xml::file:///etc/cas/saml/sp/ultipro-signing.crt

 

 

Instead, I have this BufferOverflowException from metadataAdapter.

 

2017-06-19 19:45:10,743 WARN [org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext] - <Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlMetadataUIWebConfigurer' defined in class path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.web.flow.CasWebflowConfigurer]: Factory method 'samlMetadataUIWebConfigurer' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlMetadataUIParserAction' defined in class path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.webflow.execution.Action]: Factory method 'samlMetadataUIParserAction' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'metadataAdapter' defined in class path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.flow.mdui.MetadataResolverAdapter]: Factory method 'metadataAdapter' threw exception; nested exception is java.nio.BufferOverflowException>

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/40b01b33-2b6a-49d7-9e67-7fe64848fbc6%40apereo.org.


The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly.  Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.

Song, Doe-Hyun

unread,
Jun 19, 2017, 7:59:41 PM6/19/17
to cas-...@apereo.org

Still Stuck with this error message.

 

2017-06-19 19:49:43,809 WARN [org.apache.catalina.loader.WebappClassLoaderBase] - <The web application [cas] appears to have started a thread named [Abandoned c

onnection cleanup thread] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:

 java.lang.Object.wait(Native Method)

 java.lang.ref.ReferenceQueue.remove(Unknown Source)

 com.mysql.cj.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:43)>

Exception in thread "main" java.lang.reflect.InvocationTargetException

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

        at java.lang.reflect.Method.invoke(Unknown Source)

        at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48)

        at org.springframework.boot.loader.Launcher.launch(Launcher.java:87)

        at org.springframework.boot.loader.Launcher.launch(Launcher.java:50)

        at org.springframework.boot.loader.WarLauncher.main(WarLauncher.java:59)

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlMetadataUIWebConfigurer' defined in class path resource [

org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springfram

ework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.web.flow.CasWebflowConfigurer]: Factory method 'samlMetadataUIWebConfigurer' threw

 exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlMetadataUIParserAction' defined in c

lass path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested excepti

on is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.webflow.execution.Action]: Factory method 'samlMetadataUI

ParserAction' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'metadataAdapter' defi

ned in class path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested

 exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.flow.mdui.MetadataResolverAdapter]: F

actory method 'metadataAdapter' threw exception; nested exception is java.nio.BufferOverflowException

        at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:599)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:11

28)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1022)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:512)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)

        at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)

        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)

        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)

        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:754)

        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:866)

        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:542)

        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122)

        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:761)

        at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:371)

        at org.springframework.boot.SpringApplication.run(SpringApplication.java:315)

        at org.springframework.boot.builder.SpringApplicationBuilder.run(SpringApplicationBuilder.java:134)

        at org.apereo.cas.web.CasWebApplication.main(CasWebApplication.java:61)

        ... 8 more

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.web.flow.CasWebflowConfigurer]: Factory method 'samlMetad

ataUIWebConfigurer' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlMetadataUIP

arserAction' defined in class path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory meth

od failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.webflow.execution.Action]: Facto

ry method 'samlMetadataUIParserAction' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with na

me 'metadataAdapter' defined in class path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via fact

ory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.flow.mdui.Me

tadataResolverAdapter]: Factory method 'metadataAdapter' threw exception; nested exception is java.nio.BufferOverflowException

        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)

        at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)

        ... 25 more

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlMetadataUIParserAction' defined in class path resource [o

rg/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframe

work.beans.BeanInstantiationException: Failed to instantiate [org.springframework.webflow.execution.Action]: Factory method 'samlMetadataUIParserAction' threw e

xception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'metadataAdapter' defined in class path res

ource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.spr

ingframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.flow.mdui.MetadataResolverAdapter]: Factory method 'metada

taAdapter' threw exception; nested exception is java.nio.BufferOverflowException

        at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:599)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:11

28)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1022)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:512)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)

        at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)

        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)

        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)

        at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:381)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.samlMetadataUIParserAction(<generated>)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.samlMetadataUIWebConfigurer(SamlMetadataUIConfiguration.java:90)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.CGLIB$samlMetadataUIWebConfigurer$1(<generat

ed>)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94$$FastClassBySpringCGLIB$$bd14cf41.invoke(<ge

nerated>)

        at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)

        at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:356)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.samlMetadataUIWebConfigurer(<generated>)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

        at java.lang.reflect.Method.invoke(Unknown Source)

        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162)

        ... 26 more

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.webflow.execution.Action]: Factory method 'samlMetad

ataUIParserAction' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'metadataAdapter'

 defined in class path resource [org/apereo/cas/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; n

ested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.flow.mdui.MetadataResolverAdapte

r]: Factory method 'metadataAdapter' threw exception; nested exception is java.nio.BufferOverflowException

        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)

        at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)

        ... 47 more

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'metadataAdapter' defined in class path resource [org/apereo/c

as/support/saml/web/flow/config/SamlMetadataUIConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.

BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.flow.mdui.MetadataResolverAdapter]: Factory method 'metadataAdapter' threw ex

ception; nested exception is java.nio.BufferOverflowException

        at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:599)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:11

28)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1022)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:512)

        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)

        at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)

        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)

        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)

        at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:381)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.metadataAdapter(<generated>)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.samlMetadataUIParserAction(SamlMetadataUIConfiguration.java:101)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.CGLIB$samlMetadataUIParserAction$2(<generate

d>)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94$$FastClassBySpringCGLIB$$bd14cf41.invoke(<ge

nerated>)

        at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)

        at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:356)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.samlMetadataUIParserAction(<generated>)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

        at java.lang.reflect.Method.invoke(Unknown Source)

        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162)

        ... 48 more

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.flow.mdui.MetadataResolverAdapter]: Fact

ory method 'metadataAdapter' threw exception; nested exception is java.nio.BufferOverflowException

        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)

        at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)

        ... 69 more

Caused by: java.nio.BufferOverflowException

        at java.nio.Buffer.nextPutIndex(Unknown Source)

        at java.nio.HeapCharBuffer.put(Unknown Source)

        at org.cryptacular.util.PemUtil.decode(PemUtil.java:123)

        at org.cryptacular.util.PemUtil.decode(PemUtil.java:95)

        at org.cryptacular.asn.PublicKeyDecoder.decode(PublicKeyDecoder.java:26)

        at org.cryptacular.util.KeyPairUtil.decodePublicKey(KeyPairUtil.java:487)

        at org.cryptacular.util.KeyPairUtil.readPublicKey(KeyPairUtil.java:473)

        at org.cryptacular.util.KeyPairUtil.readPublicKey(KeyPairUtil.java:457)

        at net.shibboleth.idp.profile.spring.relyingparty.security.credential.impl.BasicResourceCredentialFactoryBean.getPublicKey(BasicResourceCredentialFactor

yBean.java:115)

        at net.shibboleth.idp.profile.spring.relyingparty.security.credential.impl.AbstractBasicCredentialFactoryBean.doCreateInstance(AbstractBasicCredentialFa

ctoryBean.java:117)

        at net.shibboleth.idp.profile.spring.relyingparty.security.credential.impl.AbstractBasicCredentialFactoryBean.doCreateInstance(AbstractBasicCredentialFa

ctoryBean.java:44)

        at net.shibboleth.ext.spring.factory.AbstractComponentAwareFactoryBean.createInstance(AbstractComponentAwareFactoryBean.java:49)

        at org.springframework.beans.factory.config.AbstractFactoryBean.afterPropertiesSet(AbstractFactoryBean.java:134)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.lambda$configureResource$1(SamlMetadataUIConfiguration.java:146)

        at org.jooq.lambda.Unchecked.lambda$consumer$16(Unchecked.java:646)

        at java.util.Spliterators$ArraySpliterator.forEachRemaining(Unknown Source)

        at java.util.stream.ReferencePipeline$Head.forEach(Unknown Source)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.configureResource(SamlMetadataUIConfiguration.java:132)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.lambda$configureAdapter$0(SamlMetadataUIConfiguration.java:120)

        at org.jooq.lambda.Unchecked.lambda$consumer$16(Unchecked.java:646)

        at java.util.ArrayList.forEach(Unknown Source)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.configureAdapter(SamlMetadataUIConfiguration.java:120)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.getStaticMetadataResolverAdapter(SamlMetadataUIConfiguration.java:180)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration.metadataAdapter(SamlMetadataUIConfiguration.java:112)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.CGLIB$metadataAdapter$0(<generated>)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94$$FastClassBySpringCGLIB$$bd14cf41.invoke(<ge

nerated>)

        at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)

        at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:356)

        at org.apereo.cas.support.saml.web.flow.config.SamlMetadataUIConfiguration$$EnhancerBySpringCGLIB$$bc8e1e94.metadataAdapter(<generated>)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

        at java.lang.reflect.Method.invoke(Unknown Source)

        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162)

        ... 70 more

Song, Doe-Hyun

unread,
Jun 22, 2017, 8:42:45 AM6/22/17
to cas-...@apereo.org

I previous used certificate copied from metadata. I retrieved public key out of the certificate and used the key for the resources. Error is gone since then.

 

 cas.samlMetadataUi.resources=file:///etc/cas/saml/sp/FederationMetadata.xml::file:///etc/cas/saml/sp/ultipro-signing-pub.key

 

I am not sure if I did correctly. But, it does not spit any error message so far.

 

Hope this helps you.

Marco Osorio

unread,
Jun 23, 2017, 4:41:51 AM6/23/17
to CAS Community, DS...@armada.net
Hello dan,
Thank you for your response, sorry that you did not respond before but were on other issues.
I've done your test, but I have not been lucky, I probably have not done the same thing as you.

I tell you what I've done. When you start CAS in tomcat 8.5.15, the certificate files and the idp-metadata.xml are generated in the etc / cas / saml / idp folder, then I modify that metadata to give you the certificate, I do not know if it is correct and I do not know If the certificate holders correspond to the certificate that I have installed in tomcat for ssl or if these certificate files are random. If so, it is likely that the error that is occurring is therefore because it does not find in the certificate how to extract the correct key.

Anyway, I have extracted the public key of my certificate and I have indicated the path as you commented in your last post, but it follows the same error.

I have read a lot of documentation for metadata generation, but I have not had satisfactory results.

Someone could tell us what are the steps that must be taken into account to be able to configure this and specifically if each service that wants to authenticate against saml must have a metadata, which I suppose yes since it has a entitiID, so I understand that the Property "cas.samlMetadataUi.resources" can get or load multiple metadata with the same publik key.

Thanks again
...

Marco Osorio

unread,
Jun 23, 2017, 6:18:29 AM6/23/17
to CAS Community, DS...@armada.net
Hi Song, Doe-Hyun
Sorry for the slip and change the name :)

Song, Doe-Hyun

unread,
Jun 23, 2017, 1:22:17 PM6/23/17
to Marco Osorio, CAS Community

Hello Marco,

 

 

This is my understanding for SAML METADATA UI.

Per the following document,

https://apereo.github.io/cas/5.0.x/integration/Shibboleth.html#displaying-saml-mdui

The CAS server is able to recognize the entityId parameter and display SAML MDUI on the login page, that is provided by the metadata associated with the relying party.

 

I understood this as we need metadata of relying party.

 

So, Idp-metadata is not the one we need to use.

 

Idp-metadata is the metadata of cas server itself for working as IdP.

 

From here,

https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#saml-metadata-ui

 

# cas.samlMetadataUi.resources=classpath:/sp-metadata::classpath:/pub.key,http://md.incommon.org/InCommon/InCommon-metadata.xml::classpath:/inc-md-pub.key

 

Example shows, its metadata name sp-metadata (sp is not idp. My understanding is sp is service provider. So, I assumed it is relying party.)

 

In my example, FederationMetadata.xml is from my service provider. That’s why I copied the file under /etc/cas/saml/sp/

 

Then, from the Metadata, I created the signing certificate. Originally, I used the certificate, causing bufferoverflow error. Then, I read the example file and it shows pub.key. So, I retrieved its public key from the certificate and used it. Then, it does not spit any more error.

 

I don’t have any clear conclusion whether I did correct. So, if you think it does not make sense, let me know.

 

I hope if it helps you. 


The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly.  Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.

Marco Osorio

unread,
Jun 28, 2017, 12:20:45 PM6/28/17
to CAS Community, osorio...@gmail.com, DS...@armada.net
Hi Song, Doe-Hyun,

I managed to load the metadata of the SP, the problem I had was that it was not generated by the JIRA plugin, now or loading correctly without errors, also the certificate.

The problem I have now is in authentication, which rejects access to the CAS indicating that it is not authorized to use CAS.
I think the problem is given in the Manager in the configuration of the service and I do not know if it is correct. For example the metadata path how to solve it or how to solve it? I have put it in several ways, /etc/cas/saml/sp/jira-metadata.xml and it does not complain, but if I change the path, it gives a 500 error.

Do you have any idea? Or do you know what the url is for me to solve the SP metadata by browser?

Thanks again
...

Song, Doe-Hyun

unread,
Jul 5, 2017, 2:27:41 PM7/5/17
to Marco Osorio, CAS Community

Answered in your other email thread. Need to register service to make SAML work. 


The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly.  Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.
Reply all
Reply to author
Forward
0 new messages