<div dir="ltr"><div>The signature algorithm is DSA_SHA1.</div><div><br></div>Note: Sorry, didn&#39;t reply all.<br><br><div class="gmail_quote"><div dir="ltr">On Tue, May 3, 2016 at 5:02 PM Bill Burke &lt;<a href="mailto:bburke@redhat.com">bburke@redhat.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    <p>What signature algorithm is configured?<br>
    </p></div><div bgcolor="#FFFFFF" text="#000000">
    <br>
    <div>On 5/3/2016 10:59 AM, Emanuel Couto
      wrote:<br>
    </div>
    </div><div bgcolor="#FFFFFF" text="#000000"><blockquote type="cite">
      <div dir="ltr">I&#39;m getting the following error when trying to
        connect to a SAML 2.0 identity provider:
        <div><br>
        </div>
        <div>
          <div>15:57:50,387 ERROR [org.keycloak.services] (default
            task-27) couldNotSendAuthenticationRequestMessage:
            org.keycloak.broker.provider.IdentityBrokerException: Could
            not create authentication request.</div>
          <div>        at
org.keycloak.broker.saml.SAMLIdentityProvider.performLogin(SAMLIdentityProvider.java:124)</div>
          <div>        at
org.keycloak.services.resources.IdentityBrokerService.performLogin(IdentityBrokerService.java:157)</div>
          <div>        at
            sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)</div>
          <div>        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)</div>
          <div>        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)</div>
          <div>        at
            java.lang.reflect.Method.invoke(Method.java:497)</div>
          <div>        at
org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139)</div>
          <div>        at
org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)</div>
          <div>        at
org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)</div>
          <div>        at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138)</div>
          <div>        at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)</div>
          <div>        at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)</div>
          <div>        at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)</div>
          <div>        at
org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)</div>
          <div>        at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)</div>
          <div>        at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)</div>
          <div>        at
            javax.servlet.http.HttpServlet.service(HttpServlet.java:790)</div>
          <div>        at
io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)</div>
          <div>        at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)</div>
          <div>        at
org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:88)</div>
          <div>        at
            io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)</div>
          <div>        at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)</div>
          <div>        at
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)</div>
          <div>        at
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)</div>
          <div>        at
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)</div>
          <div>        at
org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)</div>
          <div>        at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)</div>
          <div>        at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)</div>
          <div>        at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)</div>
          <div>        at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)</div>
          <div>        at
io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)</div>
          <div>        at
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)</div>
          <div>        at
            io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)</div>
          <div>        at
            io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)</div>
          <div>        at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)</div>
          <div>        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)</div>
          <div>        at java.lang.Thread.run(Thread.java:745)</div>
          <div>Caused by:
            org.keycloak.saml.common.exceptions.ProcessingException:
            javax.xml.crypto.dsig.XMLSignatureException: PL00100:
            Signing Process Failure:</div>
          <div>        at
org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:162)</div>
          <div>        at
org.keycloak.saml.BaseSAML2BindingBuilder.signDocument(BaseSAML2BindingBuilder.java:266)</div>
          <div>        at
org.keycloak.saml.BaseSAML2BindingBuilder$BasePostBindingBuilder.&lt;init&gt;(BaseSAML2BindingBuilder.java:145)</div>
          <div>        at
org.keycloak.protocol.saml.JaxrsSAML2BindingBuilder$PostBindingBuilder.&lt;init&gt;(JaxrsSAML2BindingBuilder.java:38)</div>
          <div>        at
org.keycloak.protocol.saml.JaxrsSAML2BindingBuilder.postBinding(JaxrsSAML2BindingBuilder.java:87)</div>
          <div>        at
org.keycloak.broker.saml.SAMLIdentityProvider.performLogin(SAMLIdentityProvider.java:119)</div>
          <div>        ... 48 more</div>
          <div>Caused by: javax.xml.crypto.dsig.XMLSignatureException:
            PL00100: Signing Process Failure:</div>
          <div>        at
org.keycloak.saml.common.DefaultPicketLinkLogger.signatureError(DefaultPicketLinkLogger.java:184)</div>
          <div>        ... 54 more</div>
          <div>Caused by: javax.xml.crypto.dsig.XMLSignatureException:
            java.security.InvalidKeyException: can&#39;t identify DSA
            private key.</div>
          <div>        at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:403)</div>
          <div>        at
org.keycloak.saml.processing.core.util.XMLSignatureUtil.signImpl(XMLSignatureUtil.java:624)</div>
          <div>        at
org.keycloak.saml.processing.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:347)</div>
          <div>        at
org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:143)</div>
          <div>        at
org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:160)</div>
          <div>        ... 53 more</div>
          <div>Caused by: java.security.InvalidKeyException: can&#39;t
            identify DSA private key.</div>
          <div>        at
org.bouncycastle.jcajce.provider.asymmetric.dsa.DSAUtil.generatePrivateKeyParameter(Unknown
            Source)</div>
          <div>        at
org.bouncycastle.jcajce.provider.asymmetric.dsa.DSASigner.engineInitSign(Unknown
            Source)</div>
          <div>        at
            java.security.Signature$Delegate.init(Signature.java:1152)</div>
          <div>        at
            java.security.Signature$Delegate.chooseProvider(Signature.java:1112)</div>
          <div>        at
            java.security.Signature$Delegate.engineInitSign(Signature.java:1176)</div>
          <div>        at
            java.security.Signature.initSign(Signature.java:527)</div>
          <div>        at
org.apache.jcp.xml.dsig.internal.dom.DOMSignatureMethod.sign(DOMSignatureMethod.java:267)</div>
          <div>        at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:399)</div>
          <div>        ... 57 more</div>
        </div>
        <div><br>
        </div>
        <div>I don&#39;t understand this error.</div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      </blockquote></div><div bgcolor="#FFFFFF" text="#000000"><blockquote type="cite"><pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
    <pre cols="72">-- 
Bill Burke
JBoss, a division of Red Hat
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a></pre>
  </div>

_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote></div></div>