mace-opensaml-users - strange error when validating saml message
Subject: OpenSAML user discussion
List archive
- From:
- To:
- Subject: strange error when validating saml message
- Date: Tue, 29 Aug 2006 12:35:26 +0200
Title: strange error when validating saml message
Hi everybody
I use opensaml 1.0 for validating saml messages. Usually it works ok, but now we get a strange error. The log is the following:
**************
V1.1|20060829:11:28:32:453|DEBUG|1156843663:10.10.23.34:1969:0:4467|-|CMASACC2|cmweb|-|be.cm.commons.exceptions.LcmException|WARN|creating be.cm.commons.exceptions.LcmFatalException: Error occurred in the validation of the SAML message(Error occurred in the validation of the SAML message,java.security.cert.CertificateNotYetValidException: NotBefore: Thu Aug 17 15:10:47 CEST 2006)| be.cm.commons.exceptions.LcmFatalException: Error occurred in the validation of the SAML message
at be.cm.apps.cmweb.web.samlprocessing.SAMLValidator.validateSAMLResponse(SAMLValidator.java:198)
at be.cm.apps.cmweb.web.samlprocessing.SAMLValidator.startValidation(SAMLValidator.java:72)
at be.cm.apps.cmweb.web.samlprocessing.CmWebSamlProcessorServlet.doPost(CmWebSamlProcessorServlet.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
at be.cm.apps.cmweb.web.filters.TargetSetterFilter.doFilter(TargetSetterFilter.java:77)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:16)
at be.cm.apps.cmweb.web.filters.LanguageSetterFilter.doFilter(LanguageSetterFilter.java:88)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:617)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:794)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:208)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:125)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.security.cert.CertificateNotYetValidException: NotBefore: Thu Aug 17 15:10:47 CEST 2006
at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:264)
at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:564)
at be.cm.apps.cmweb.web.samlprocessing.SAMLMessageVerifier.validateCertificates(SAMLMessageVerifier.java:176)
at be.cm.apps.cmweb.web.samlprocessing.SAMLMessageVerifier.verifySAMLMessage(SAMLMessageVerifier.java:131)
at be.cm.apps.cmweb.web.samlprocessing.SAMLValidator.validateSAMLResponse(SAMLValidator.java:196) ... 15 more
**************
What I think it is strange is that the exception says that de certificate is not valid before 17 August 2006, but the date on the log header has the date of today (29 Aug 2006) !!!
Thus the certificate should be totally valid.
btw, the certificate is valid from the 17 Aug 2006 till the 17 Aug 2007 !
Anyone has an idea why this problem occurs?
regards,
Miro
- strange error when validating saml message, miro . casanova, 08/29/2006
- RE: strange error when validating saml message, Scott Cantor, 08/29/2006
- <Possible follow-up(s)>
- RE: strange error when validating saml message, miro . casanova, 08/30/2006
Archive powered by MHonArc 2.6.16.