mace-opensaml-users - RE: Getting Exception: There are multiple occurrences of ID value
Subject: OpenSAML user discussion
List archive
- From: "Gitesh Malik" <>
- To: <>
- Subject: RE: Getting Exception: There are multiple occurrences of ID value
- Date: Tue, 9 Jan 2007 19:55:54 +0530
Scott, I had put in a hack in my code to ensure that
samlResponse id and assertion id are not same and even If they - a new
SAMLidentifier value should be set up as responseid. However there seem
to be issue with this as well as an attempt to generate a new SAML
identifier does not create a new one. (Attached short code and short
error log)
Any clues will be greatly appreciated.
Thanks and regards,
<gitesh/>
-----Original Message-----
From: Gitesh Malik
Sent: Friday, December 08, 2006 6:29 PM
To:
''
Subject: RE: Getting Exception: There are multiple occurrences of ID
value
Scott, Is it the expected behavior per the SAX parser validation (per
the opensaml schema) when It raises exception with message - "There are
multiple occurrences of ID value - "#<guid>" given that there is
1. No Id tag attributes
2. Value for two different tags - ResponseId and AssertionID is same
(which per you it should never be)
I was planning to write a standalone test case that would try to pass in
the data that I get from an erroneous debug session and see if still
does fail.
Thanks,
<gitesh/>
-----Original Message-----
From: Scott Cantor
[mailto:]
Sent: Tuesday, December 05, 2006 10:36 PM
To:
Subject: RE: Getting Exception: There are multiple occurrences of ID
value
> Now the ids in response assertion xml are automatically
> generated by the openSAML code. The ids are not passed from
> outside as params.
No chance. If they weren't being set by you somehow, they wouldn't be
the
same.
> Now in a normal run the 2 ids appear to be different as found
> out from debug session on my setup. However on some occasion
> the ids are set as same and it is at that time that this
> exception ensues. Also there seems to be no external way of
> setting up/configuring that saml library that might take care of this.
I see no possible way they could be the same. Simply isn't statistically
possible. If you come up with any way for that to happen, you can report
it
as a bug, but I can't see it.
You can always generate the IDs with the ID generator class and pass the
ID
in, but I see no reason for doing that in most cases.
-- Scott
2007-01-08 15:39:22,870 INFO [STDOUT]
[WARN]checkAndReturnSAMLIdentifierIfNeeded: FOUND EQUAL : SAMLRespone ID
a7364b9f925e388541dac072cca6ab74 AssertionID :
a7364b9f925e388541dac072cca6ab74
2007-01-08 15:39:22,870 INFO [STDOUT] Offending trace :
2007-01-08 15:39:22,870 INFO [STDOUT] java.lang.Exception
2007-01-08 15:39:22,870 INFO [STDOUT] at
com.adobe.idp.um.util.SAMLHelper.checkAndReturnSAMLIdentifierIfNeeded(SAMLHelper.java:446)
2007-01-08 15:39:22,885 INFO [STDOUT] at
com.adobe.idp.um.util.SAMLHelper.createSAMLResponse(SAMLHelper.java:431)
2007-01-08 15:39:22,885 INFO [STDOUT] at
com.adobe.idp.um.util.SAMLHelper.createPostProfileSAMLResponse(SAMLHelper.java:162)
2007-01-08 15:39:22,885 INFO [STDOUT] at
com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean.getSSOToken(AuthenticationManagerBean.java:444)
2007-01-08 15:39:22,885 INFO [STDOUT] at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2007-01-08 15:39:22,885 INFO [STDOUT] at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
2007-01-08 15:39:22,885 INFO [STDOUT] at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2007-01-08 15:39:22,885 INFO [STDOUT] at
java.lang.reflect.Method.invoke(Method.java:585)
2007-01-08 15:39:22,885 INFO [STDOUT] at
org.jboss.invocation.Invocation.performCall(Invocation.java:345)
2007-01-08 15:39:22,885 INFO [STDOUT] at
org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:214)
2007-01-08 15:39:22,885 INFO [STDOUT] at
org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:149)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:154)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.webservice.server.ServiceEndpointInterceptor.invoke(ServiceEndpointInterceptor.java:54)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:48)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:106)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:363)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:166)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:153)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:192)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:624)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.Container.invoke(Container.java:873)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:415)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:88)
2007-01-08 15:39:22,901 INFO [STDOUT] at $Proxy264.getSSOToken(Unknown
Source)
2007-01-08 15:39:22,901 INFO [STDOUT] at
com.adobe.idp.um.api.impl.AuthenticationManagerImpl.getSSOToken(AuthenticationManagerImpl.java:258)
2007-01-08 15:39:22,901 INFO [STDOUT] at
com.adobe.framework.UITools.getSSOToken(UITools.java:304)
2007-01-08 15:39:22,901 INFO [STDOUT] at
com.adobe.admin.bean.FeaturesBean.getSSOToken(FeaturesBean.java:147)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.apache.jsp.postsso_jsp._jspService(org.apache.jsp.postsso_jsp:114)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
2007-01-08 15:39:22,901 INFO [STDOUT] at
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:322)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
2007-01-08 15:39:22,901 INFO [STDOUT] at
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
2007-01-08 15:39:22,901 INFO [STDOUT] at
sun.reflect.GeneratedMethodAccessor359.invoke(Unknown Source)
2007-01-08 15:39:22,901 INFO [STDOUT] at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2007-01-08 15:39:22,901 INFO [STDOUT] at
java.lang.reflect.Method.invoke(Method.java:585)
2007-01-08 15:39:22,901 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
2007-01-08 15:39:22,917 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,917 INFO [STDOUT] at
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:245)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:50)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156)
2007-01-08 15:39:22,917 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:152)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationDispatcher.access$000(ApplicationDispatcher.java:66)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationDispatcher$PrivilegedForward.run(ApplicationDispatcher.java:81)
2007-01-08 15:39:22,917 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:293)
2007-01-08 15:39:22,917 INFO [STDOUT] at
com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:322)
2007-01-08 15:39:22,917 INFO [STDOUT] at
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:130)
2007-01-08 15:39:22,917 INFO [STDOUT] at
com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:87)
2007-01-08 15:39:22,917 INFO [STDOUT] at
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
2007-01-08 15:39:22,917 INFO [STDOUT] at
com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:117)
2007-01-08 15:39:22,917 INFO [STDOUT] at
javax.faces.webapp.FacesServlet.service(FacesServlet.java:198)
2007-01-08 15:39:22,917 INFO [STDOUT] at
sun.reflect.GeneratedMethodAccessor567.invoke(Unknown Source)
2007-01-08 15:39:22,917 INFO [STDOUT] at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2007-01-08 15:39:22,917 INFO [STDOUT] at
java.lang.reflect.Method.invoke(Method.java:585)
2007-01-08 15:39:22,917 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,932 INFO [STDOUT] at
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:245)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:50)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:152)
2007-01-08 15:39:22,932 INFO [STDOUT] at
com.adobe.framework.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:161)
2007-01-08 15:39:22,932 INFO [STDOUT] at
sun.reflect.GeneratedMethodAccessor358.invoke(Unknown Source)
2007-01-08 15:39:22,932 INFO [STDOUT] at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.lang.reflect.Method.invoke(Method.java:585)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,932 INFO [STDOUT] at
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:217)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:197)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:50)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:152)
2007-01-08 15:39:22,932 INFO [STDOUT] at
com.adobe.idp.um.auth.filter.PortalSSOFilter.doFilter(PortalSSOFilter.java:113)
2007-01-08 15:39:22,932 INFO [STDOUT] at
sun.reflect.GeneratedMethodAccessor356.invoke(Unknown Source)
2007-01-08 15:39:22,932 INFO [STDOUT] at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.lang.reflect.Method.invoke(Method.java:585)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,932 INFO [STDOUT] at
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:217)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:197)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:50)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156)
2007-01-08 15:39:22,932 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:152)
2007-01-08 15:39:22,932 INFO [STDOUT] at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:81)
2007-01-08 15:39:22,948 INFO [STDOUT] at
sun.reflect.GeneratedMethodAccessor357.invoke(Unknown Source)
2007-01-08 15:39:22,948 INFO [STDOUT] at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2007-01-08 15:39:22,948 INFO [STDOUT] at
java.lang.reflect.Method.invoke(Method.java:585)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
2007-01-08 15:39:22,948 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,948 INFO [STDOUT] at
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:217)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:197)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:50)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156)
2007-01-08 15:39:22,948 INFO [STDOUT] at
java.security.AccessController.doPrivileged(Native Method)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:152)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:39)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:159)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
2007-01-08 15:39:22,948 INFO [STDOUT] at
org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
2007-01-08 15:39:22,948 INFO [STDOUT] at
java.lang.Thread.run(Thread.java:595)
2007-01-08 15:39:22,948 INFO [STDOUT] checkAndReturnSAMLIdentifierIfNeeded :
Attempt to get New ID # 0
2007-01-08 15:39:24,448 INFO [STDOUT] checkAndReturnSAMLIdentifierIfNeeded :
Attempt to get New ID # 1
2007-01-08 15:39:25,948 INFO [STDOUT] checkAndReturnSAMLIdentifierIfNeeded :
Attempt to get New ID # 2
2007-01-08 15:39:27,463 INFO [STDOUT] checkAndReturnSAMLIdentifierIfNeeded :
Attempt to get New ID # 3
2007-01-08 15:39:28,964 INFO [STDOUT] checkAndReturnSAMLIdentifierIfNeeded :
Attempt to get New ID # 4
2007-01-08 15:39:30,542 INFO [STDOUT] Error : createAssertion flag : true
2007-01-08 15:39:30,542 INFO [STDOUT] Error on ssoToken :
<Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
IssueInstant="2007-01-08T23:39:22.870Z" MajorVersion="1" MinorVersion="1"
Recipient="LiveCycle"
ResponseID="a7364b9f925e388541dac072cca6ab74"><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMethod>
<ds:Reference URI="#a7364b9f925e388541dac072cca6ab74">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="code ds kind
rw saml samlp typens #default"></ec:InclusiveNamespaces></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>hluVA5vy7m0ShT+8SDGUJKCM7Uo=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>/Sr3FEQAjpgt6+ZePUhRuUYruZY=</ds:SignatureValue>
</ds:Signature><Status><StatusCode
Value="samlp:Success"></StatusCode></Status><Assertion
xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
AssertionID="a7364b9f925e388541dac072cca6ab74"
IssueInstant="2007-01-08T23:39:22.870Z" Issuer="LiveCycle" MajorVersion="1"
MinorVersion="1"><Conditions NotBefore="2007-01-08T23:39:22.870Z"
NotOnOrAfter="2007-01-08T23:44:22.870Z"></Conditions><AuthenticationStatement
AuthenticationInstant="2007-01-08T23:39:22.870Z"
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"><Subject><NameIdentifier
NameQualifier="DefaultDom">administrator</NameIdentifier><SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod></SubjectConfirmation></Subject></AuthenticationStatement></Assertion></Response>
2007-01-08 15:39:30,573 WARN
[com.adobe.idp.common.errors.exception.IDPLoggedException]
UserM:GENERIC_WARNING: [Thread Hashcode: 5426428] |
[com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean]
errorCode:16386 errorCodeHEX:0x4002 message:null
chainedException:org.xml.sax.SAXParseException: cvc-id.2: There are multiple
occurrences of ID value
'a7364b9f925e388541dac072cca6ab74'.chainedExceptionMessage:cvc-id.2: There
are multiple occurrences of ID value 'a7364b9f925e388541dac072cca6ab74'.
chainedException trace:org.xml.sax.SAXParseException: cvc-id.2: There are
multiple occurrences of ID value 'a7364b9f925e388541dac072cca6ab74'.
at
org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown
Source)
at org.apache.xerces.util.ErrorHandlerWrapper.error(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at
org.apache.xerces.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(Unknown
Source)
at
org.apache.xerces.impl.xs.XMLSchemaValidator.reportSchemaError(Unknown Source)
at
org.apache.xerces.impl.xs.XMLSchemaValidator.processOneAttribute(Unknown
Source)
at
org.apache.xerces.impl.xs.XMLSchemaValidator.processAttributes(Unknown Source)
at
org.apache.xerces.impl.xs.XMLSchemaValidator.handleStartElement(Unknown
Source)
at org.apache.xerces.impl.xs.XMLSchemaValidator.startElement(Unknown
Source)
at
org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unknown
Source)
at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown
Source)
at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown
Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.opensaml.XML$ParserPool.parse(Unknown Source)
at com.adobe.idp.um.util.SAMLHelper.parse(SAMLHelper.java:138)
private SAMLResponse createSAMLResponse(String recipient,
String issuer,
Collection audiences,
String name,
String nameQualifier,
String format,
String subjectIP,
String authMethod,
Date authInstant,
Collection bindings,
int ttlMilliSecs)
throws SAMLException
{
logger.debug("Creating SAML Response.");
if (recipient == null || recipient.length() == 0)
throw new SAMLException(SAMLException.RESPONDER,
"SAMLPOSTProfile.prepare() requires recipient");
Vector conditions = new Vector(1);
if (audiences != null && audiences.size() > 0)
conditions.add(new
SAMLAudienceRestrictionCondition(audiences));
String[] confirmationMethods = {SAMLSubject.CONF_BEARER};
SAMLSubject subject = new SAMLSubject(new
SAMLNameIdentifier(name, nameQualifier, format),
Arrays.asList(confirmationMethods), null,
null);
//statements do not contain any id
SAMLStatement[] statements =
{new SAMLAuthenticationStatement(subject, authMethod,
authInstant, subjectIP, null, bindings)};
//assertion has an id
SAMLAssertion[] assertions = {
new SAMLAssertion(issuer, new
Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() +
ttlMilliSecs),
conditions,
null, Arrays.asList(statements))
};
//no id passed in or setup...
SAMLResponse smlResp = new SAMLResponse(null, recipient,
Arrays.asList(assertions), null);
//Post process SAML resp to see if for some reason ids have
matched. if yes, we will change them
String sid = null;
if ((sid =
checkAndReturnSAMLIdentifierIfNeeded(smlResp.getId(), assertions[0].getId()
)) != null){ //just 1 assertion for now...
//set up sid in response...
smlResp.setId(sid);
}
return smlResp;
}
//This is just a hack. perhaps it will give a clue as to what path is
creating a dubious IDs that fail subsequent parsing...
private String checkAndReturnSAMLIdentifierIfNeeded(String srId,
String assertionId){
if(assertionId.equals(srId) == true){ //both are same ans we
have an issue!
int count = 0;
String samlRespStr = null;
//weird case ... ! why is assertionid == ResponseId??
System.out.println("[WARN]checkAndReturnSAMLIdentifierIfNeeded: FOUND EQUAL :
SAMLRespone ID " + srId + " AssertionID : " + assertionId);
System.out.println("Offending trace : ");
try{ throw new Exception();}catch(Exception e){
e.printStackTrace();} //get the stacktrace
do{
System.out.println("checkAndReturnSAMLIdentifierIfNeeded : Attempt to get New
ID # " + count++);
samlRespStr = new
SAMLIdentifier().toString();
if(!samlRespStr.equals(srId)){
System.out.println("checkAndReturnSAMLIdentifierIfNeeded : Got non matching
ID - " + samlRespStr + " on count : " + count);
return samlRespStr;
}
try{ Thread.sleep(1500);} catch (Exception e)
{ //sleep for 1.5 secs before trying again... we dont want to hogg the cpu
// TODO: handle exception
}
}while(count < 5);//try 5 times and come out
}//they are unqual... no issues!
return null;
}
- RE: Getting Exception: There are multiple occurrences of ID value, Gitesh Malik, 01/09/2007
- RE: Getting Exception: There are multiple occurrences of ID value, Scott Cantor, 01/09/2007
- RE: Getting Exception: There are multiple occurrences of ID value, Gitesh Malik, 01/10/2007
- Re: Getting Exception: There are multiple occurrences of ID value, Tom Scavo, 01/10/2007
- RE: Getting Exception: There are multiple occurrences of ID value, Gitesh Malik, 01/10/2007
- RE: Getting Exception: There are multiple occurrences of ID value, Scott Cantor, 01/09/2007
Archive powered by MHonArc 2.6.16.