<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <p>What signature algorithm is configured?<br>
    </p>
    <br>
    <div class="moz-cite-prefix">On 5/3/2016 10:59 AM, Emanuel Couto
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAM5_DbpSz5dQ9mDz-w4G=R3Fpk51kqPNN-sYgH4rGd5fE7fT6A@mail.gmail.com"
      type="cite">
      <div dir="ltr">I'm getting the following error when trying to
        connect to a SAML 2.0 identity provider:
        <div><br>
        </div>
        <div>
          <div>15:57:50,387 ERROR [org.keycloak.services] (default
            task-27) couldNotSendAuthenticationRequestMessage:
            org.keycloak.broker.provider.IdentityBrokerException: Could
            not create authentication request.</div>
          <div>        at
org.keycloak.broker.saml.SAMLIdentityProvider.performLogin(SAMLIdentityProvider.java:124)</div>
          <div>        at
org.keycloak.services.resources.IdentityBrokerService.performLogin(IdentityBrokerService.java:157)</div>
          <div>        at
            sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)</div>
          <div>        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)</div>
          <div>        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)</div>
          <div>        at
            java.lang.reflect.Method.invoke(Method.java:497)</div>
          <div>        at
org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139)</div>
          <div>        at
org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)</div>
          <div>        at
org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)</div>
          <div>        at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138)</div>
          <div>        at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)</div>
          <div>        at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)</div>
          <div>        at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)</div>
          <div>        at
org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)</div>
          <div>        at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)</div>
          <div>        at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)</div>
          <div>        at
            javax.servlet.http.HttpServlet.service(HttpServlet.java:790)</div>
          <div>        at
io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)</div>
          <div>        at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)</div>
          <div>        at
org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:88)</div>
          <div>        at
            io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)</div>
          <div>        at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)</div>
          <div>        at
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)</div>
          <div>        at
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)</div>
          <div>        at
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)</div>
          <div>        at
org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)</div>
          <div>        at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)</div>
          <div>        at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)</div>
          <div>        at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)</div>
          <div>        at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)</div>
          <div>        at
io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)</div>
          <div>        at
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)</div>
          <div>        at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)</div>
          <div>        at
            io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)</div>
          <div>        at
            io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)</div>
          <div>        at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)</div>
          <div>        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)</div>
          <div>        at java.lang.Thread.run(Thread.java:745)</div>
          <div>Caused by:
            org.keycloak.saml.common.exceptions.ProcessingException:
            javax.xml.crypto.dsig.XMLSignatureException: PL00100:
            Signing Process Failure:</div>
          <div>        at
org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:162)</div>
          <div>        at
org.keycloak.saml.BaseSAML2BindingBuilder.signDocument(BaseSAML2BindingBuilder.java:266)</div>
          <div>        at
org.keycloak.saml.BaseSAML2BindingBuilder$BasePostBindingBuilder.&lt;init&gt;(BaseSAML2BindingBuilder.java:145)</div>
          <div>        at
org.keycloak.protocol.saml.JaxrsSAML2BindingBuilder$PostBindingBuilder.&lt;init&gt;(JaxrsSAML2BindingBuilder.java:38)</div>
          <div>        at
org.keycloak.protocol.saml.JaxrsSAML2BindingBuilder.postBinding(JaxrsSAML2BindingBuilder.java:87)</div>
          <div>        at
org.keycloak.broker.saml.SAMLIdentityProvider.performLogin(SAMLIdentityProvider.java:119)</div>
          <div>        ... 48 more</div>
          <div>Caused by: javax.xml.crypto.dsig.XMLSignatureException:
            PL00100: Signing Process Failure:</div>
          <div>        at
org.keycloak.saml.common.DefaultPicketLinkLogger.signatureError(DefaultPicketLinkLogger.java:184)</div>
          <div>        ... 54 more</div>
          <div>Caused by: javax.xml.crypto.dsig.XMLSignatureException:
            java.security.InvalidKeyException: can't identify DSA
            private key.</div>
          <div>        at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:403)</div>
          <div>        at
org.keycloak.saml.processing.core.util.XMLSignatureUtil.signImpl(XMLSignatureUtil.java:624)</div>
          <div>        at
org.keycloak.saml.processing.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:347)</div>
          <div>        at
org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:143)</div>
          <div>        at
org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:160)</div>
          <div>        ... 53 more</div>
          <div>Caused by: java.security.InvalidKeyException: can't
            identify DSA private key.</div>
          <div>        at
org.bouncycastle.jcajce.provider.asymmetric.dsa.DSAUtil.generatePrivateKeyParameter(Unknown
            Source)</div>
          <div>        at
org.bouncycastle.jcajce.provider.asymmetric.dsa.DSASigner.engineInitSign(Unknown
            Source)</div>
          <div>        at
            java.security.Signature$Delegate.init(Signature.java:1152)</div>
          <div>        at
            java.security.Signature$Delegate.chooseProvider(Signature.java:1112)</div>
          <div>        at
            java.security.Signature$Delegate.engineInitSign(Signature.java:1176)</div>
          <div>        at
            java.security.Signature.initSign(Signature.java:527)</div>
          <div>        at
org.apache.jcp.xml.dsig.internal.dom.DOMSignatureMethod.sign(DOMSignatureMethod.java:267)</div>
          <div>        at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:399)</div>
          <div>        ... 57 more</div>
        </div>
        <div><br>
        </div>
        <div>I don't understand this error.</div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
    <pre class="moz-signature" cols="72">-- 
Bill Burke
JBoss, a division of Red Hat
<a class="moz-txt-link-freetext" href="http://bill.burkecentral.com">http://bill.burkecentral.com</a></pre>
  </body>
</html>