mace-opensaml-users - Re: Signature Verification error
Subject: OpenSAML user discussion
List archive
- From: Brad Anderson <>
- To:
- Subject: Re: Signature Verification error
- Date: Mon, 04 Dec 2006 15:52:24 -0500
- Organization: The Sankaty Group, Inc.
Scott Cantor wrote:
>> I have the latest and greatest code as of this morning. Here's the debug
>> output. Is there a setting I can flip to get this thing to not ignore the
>> Signature element? I haven't had time to go thru the code,
>> and it's a foreign land to me in there, anyway.
>
> No, it's a bug. I just checked in an assertion fix, give it a try.
Hmm, didn't seem to work. See attached.
Also, is there anything I can send you to help your debugging?
BA
nQueryDescriptorBuilder under key
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLObjectBuilderFactory
- Registering builder,
org.opensaml.samlext.saml2mdquery.impl.AuthnQueryDescriptorBuilder under key
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.io.MarshallerFactory -
Registering marshaller,
org.opensaml.samlext.saml2mdquery.impl.AuthnQueryDescriptorMarshaller, for
object type
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.io.MarshallerFactory -
Registering marshaller,
org.opensaml.samlext.saml2mdquery.impl.AuthnQueryDescriptorMarshaller, for
object type
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.io.UnmarshallerFactory
- Registering unmarshaller,
org.opensaml.samlext.saml2mdquery.impl.AuthnQueryDescriptorUnmarshaller, for
object type
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.io.UnmarshallerFactory
- Registering unmarshaller,
org.opensaml.samlext.saml2mdquery.impl.AuthnQueryDescriptorUnmarshaller, for
object type
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
intialized and configuration cached
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthnQueryDescriptorType
intialized and configuration cached
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Initializing object provider
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthzDecisionQueryDescriptor
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Initializing object provider
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthzDecisionQueryDescriptor
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.samlext.saml2mdquery.impl.AuthzDecisionQueryDescriptorBuilder
22472 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.samlext.saml2mdquery.impl.AuthzDecisionQueryDescriptorBuilder
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of org.opensaml.samlext.samlpthrpty.impl.RespondToMarshaller
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of org.opensaml.samlext.samlpthrpty.impl.RespondToMarshaller
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.samlext.samlpthrpty.impl.RespondToUnmarshaller
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.samlext.samlpthrpty.impl.RespondToUnmarshaller
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.Configuration -
Registering new builder, marshaller, and unmarshaller for
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthzDecisionQueryDescriptor
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.Configuration -
Registering new builder, marshaller, and unmarshaller for
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthzDecisionQueryDescriptor
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLObjectBuilderFactory
- Registering builder,
org.opensaml.samlext.saml2mdquery.impl.AuthzDecisionQueryDescriptorBuilder
under key
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthzDecisionQueryDescriptor
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLObjectBuilderFactory
- Registering builder,
org.opensaml.samlext.saml2mdquery.impl.AuthzDecisionQueryDescriptorBuilder
under key
{urn:oasis:names:tc:SAML:metadata:ext:query}AuthzDecisionQueryDescriptor
22474 [http-8080-Processor24] DEBUG org.opensaml.xml.io.MarshallerFactory -
Registering marshaller,
org.opensaml.samlext.samlpthrpty.impl.RespondToMarshaller, for object type
{urn:oasis:names:tc:SAML:metadata:ext:quelext.samlpthrpty.implidator.AssertionIDRequestServiceSchemaValidator
22656 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.AttributeAuthorityDescriptorSchemaValidator
22656 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.AttributeAuthorityDescriptorSchemaValidator
22688 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.AttributeConsu.metadata.validator.GivenNameSchemaValidator
22735 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.GivenNameSchemaValidator
22742 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.IDPSSODescriptorSchemaValidator
22742 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.IDPSSODescriptorSchcriptionSchemaValidator
22754 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.ServiceNameSchemaValidator
22754 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.ServiceNameSchemaValidator
22755 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.SingleLogoutServiceSchemaValidator
22755 nce of
org.opensaml.saml2.metadata.validator.EntityDescriptorSpecValidator
22807 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.IDPSSODescriptorSpecValidator
22807 [http-8080-Processor24] DEBUG org.opensaml.xml.XMLConfigurator -
Creating instance of
org.opensaml.saml2.metadata.validator.IDPSSODescriptorSpecValidator
22809 [http-8080-Processor24] DEBUG org.opensaml.xml.XML-processing attribute
AssertionID
22871 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Attribute AssertionID is
neither a schema type nor namespace, calling processAttribute()
22871 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Attribute AssertionID is
neither a schema type nor namespace, calling processAttribute()
22871 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Pre-proc
[http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller -
{http://www.w3.org/2000/xmlns/}saml is a namespace declaration, adding it to
the list of namespaces on the XMLObject
23041 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller -
{http://www.w3.org/2000/xmlns/}saml is a namespace declaration, adding it to
the list of namespaces on the XMLObject
23042 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.Abstrattp-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller -
{urn:oasis:names:tc:SAML:1.0:assertion}Conditions element name matches target.
23072 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller -
{urn:oasis:names:tc:SAML:1.0:assertion}Conditions element name matches target.
23072 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Building XMLObject for
{urn.io.AbstractXMLObjectUnmarshaller - Checking that
{urn:oasis:names:tc:SAML:1.0:assertion}AuthenticationStatement meets target
criteria.
23076 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller -
{urn:oasis:names:tc:SAML:1.0:assertion}AuthenticationStatement element name
matches target.
23076 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller -
{urn:oasis:names:tc:SAML:1.0:assertion}AuthenticationStat0:assertion}Subject
23092 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Checking that
{urn:oasis:names:tc:SAML:1.0:assertion}Subject meets target criteria.
23092 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Checking that
{urn:oasis:names:tc:SAML:1.0:assertion}Subject meets target criteria.
23092 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - {urn:oent
{urn:oasis:names:tc:SAML:1.0:assertion}NameIdentifier
23094 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling attributes
of DOM Element {urn:oasis:names:tc:SAML:1.0:assertion}NameIdentifier
23095 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Pre-processing attribute
Format
23095 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Pre-procesProcessor24]
DEBUG org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling
other child nodes of DOM Element
{urn:oasis:names:tc:SAML:1.0:assertion}SubjectConfirmation
23096 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling child
elements of XMLObject
{urn:oasis:names:tc:SAML:1.0:assertion}SubjectConfirmation
23096 [http-8080-Processor24] DEBUG org.opensaml.xml.io.AbstraSignature,
child of {urn:oasis:names:tc:SAML:1.0:assertion}Assertion but the default
unmarshaller org.opensaml.xml.ElementProxyUnmarshaller was available, using
it.
23124 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling child
element {http://www.w3.org/2000/09/xmldsig#}Signature with unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller
23124 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling child
element {http://www.w3.org/2000/09/xmldsig#}Signature with unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller
23124 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarsh - No unmarshaller was registered
for {http://www.w3.org/2000/09/xmldsig#}SignedInfo, child of
{http://www.w3.org/2000/09/xmldsig#}Signature but the default unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller was available, using it.
23139 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - No unmarshaller was
registered for {http://www.w3.org/2000/09/xmldsig#}SignedInfo, child of
{http://www.w3.org/2000/09/xmldsig#}Signature but the default unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller was available, using it.
23139 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling child
element {http://www.w3.org/2000/09/xmldsig#}SignedInfo with unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller
23139 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling child
element {http://www.w3.org/2000/09/xmldsig#}SignedInfo with unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller
23139 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Starting to unmarshall
DOM element {http://www.w3.org/2000/09/xmldsi.AbstractXMLObjectUnmarshaller
- No unmarshaller was registered for
{http://www.w3.org/2000/09/xmldsig#}CanonicalizationMethod, child of
{http://www.w3.org/2000/09/xmldsig#}SignedInfo but the default unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller was available, using it.
23139 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - aller - Unmarshalling
child elements of XMLObject {http://www.w3.org/2000/09/xmldsig#}SignedInfo
23139 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - No unmarshaller was
registered for {http://www.w3.org/2000/09/xmldsig#}SignatureMethod, child of
{http://www.w3.org/2000/09/xmldsig#}SignedInfo but the default unmarshaller
org.opensaml.xml.ElementProxyUnmarshaller was available, using it.
23139 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjecjectUnmarshaller - Unmarshalling other
child nodes of DOM Element {http://www.w3.org/2000/09/xmldsig#}SignatureMethod
23140 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling child
elements of XMLObject {http://www.w3.org/2000/09/xmldsig#}SignedInfo
23140 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling child
elements of XMLObject {http://www.w3.org/2000/09/xmldsig#}SignedInfo
23140 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - No unmarshaller was
registered for {http://www.w3.org/2000/09/xmldsig#}Reference, child of
{http://www.w3.org/2000/09/xmldsig#}SignedInfo butAttribute()
23140 [http-8080-Processor24] DE-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Starting to unmarshall
DOM element {http://www.w3.org/2000/09/xmldsig#}Transform
23141 [http-8080-Processor24] DEBUG org.openttp-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Starting to unmarshall
DOM element {http://www.w3.org/2000/09/xmlsaml.xml.ElementProxyUnmarshaller
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Starting to unmarshall
DOM element {http://www.w3.org/2000/09/xmldsig#}SignatureValue
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Starting to unmarshall
DOM element {http://www.w3.org/2000/09/xmldsig#}SignatureValue
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Targeted QName checking
is not available for this unmarshaller, DOM Element
{http://www.w3.org/2000/09/xmldsig#}SignatureValue was not verified
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Targeted QName checking
is not available for this unmarshaller, DOM Element
{http://www.w3.org/2000/09/xmldsig#}SignatureValue was not verified
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Building XMLObject for
{http://www.w3.org/2000/09/xmldsig#}SignatureValue
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Building XMLObject for
{http://www.w3.org/2000/09/xmldsig#}SignatureValue
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - No builder was
registered for {http://www.w3.org/2000/09/xmldsig#}SignatureValue but the
default builder org.opensaml.xml.ElementProxyBuilder was available, using it.
23143 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - No builder was
registered for {http://www.w3.org/2000/09/xmldsig#}SignatureValue but the
default builder org.opensaml.xml.ElementProxyBuilder was available, using it.
23144 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling attributes
of DOM Element {http://www.w3.org/2000/09/xmldsig#}SignatureValue
23144 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling attributes
of DOM Element {http://www.w3.org/2000/09/xmldsig#}SignatureValue
23144 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling other
child nodes of DOM Element {http://www.w3.org/2000/09/xmldsig#}SignatureValue
23144 [http-8080-Processor24] DEBUG
org.opensaml.xml.io.AbstractXMLObjectUnmarshaller - Unmarshalling other
child nodes of DOM Element {http://www.w3.org/2000/09/xmldsig#}SignatureValue
23144 [http-8080-Processor24] DEBUG
org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller - Ignoring unknown
element {http://www.w3.org/2000/09/xmldsig#}Signature
23144 [http-8080-Processor24] DEBUG
org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller - Ignoring unknown
element {http://www.w3.org/2000/09/xmldsig#}Signature
- Re: Signature Verification error, Brad Anderson, 12/04/2006
- RE: Signature Verification error, Scott Cantor, 12/04/2006
- Re: Signature Verification error, Brad Anderson, 12/04/2006
- RE: Signature Verification error, Scott Cantor, 12/04/2006
- Re: Signature Verification error, Brad Anderson, 12/04/2006
- RE: Signature Verification error, Scott Cantor, 12/04/2006
Archive powered by MHonArc 2.6.16.