Hi there
In regards to issuee 4818 (
https://issues.jboss.org/browse/KEYCLOAK-4818),
we are still encountering issue with recognising dsig.
06:54:51,265 WARN [org.keycloak.saml.common] (default task-110) XML
External Entity switches are not supported. You may get XML injection
vulnerabilities.
09:19:31,939 ERROR [io.undertow.request] (default task-245) UT005023:
Exception handling request to
/auth/realms/demo/login-actions/first-broker-login:
org.jboss.resteasy.spi.UnhandledExcept
ion: java.lang.RuntimeException: java.lang.RuntimeException:
com.ctc.wstx.exc.WstxParsingException: Undeclared namespace prefix "dsig"
at [row,col {unknown-source}]: [1,914]
at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(
ExceptionHandler.java:78)
at org.jboss.resteasy.core.ExceptionHandler.handleException(
ExceptionHandler.java:222)
at org.jboss.resteasy.core.SynchronousDispatcher.writeException(
SynchronousDispatcher.java:179)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(
SynchronousDispatcher.java:422)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(
SynchronousDispatcher.java:213)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.
service(ServletContainerDispatcher.java:228)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(
HttpServletDispatcher.java:56)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(
HttpServletDispatcher.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(
ServletHandler.java:85)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.
doFilter(FilterHandler.java:129)
at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(
KeycloakSessionServletFilter.java:90)