6:25 a.m.
Hello,
Anybody have any clue what could be causing this "silent exception" when DEBUG
level logging is used, to SP's log. IOException is written to log all the time. Thus
SAML authentication is working ok / normally. Using SSL (https) public addresses both with
IDP and SP, along with signed & encrypted SAML assertions. Public certificates are
good and ok!
2016-04-19 13:25:26,441 DEBUG [io.undertow.request.io] (default I/O-8) UT005013: An
IOException occurred: java.io.IOException: javax.net.ssl.SSLException: Inbound closed
before receiving peer's close_notify: possible truncation attack?
at
io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:577)
at
io.undertow.protocols.ssl.SslConduit.terminateReads(SslConduit.java:178)
at
org.xnio.conduits.ConduitStreamSourceChannel.close(ConduitStreamSourceChannel.java:168)
at org.xnio.IoUtils.safeClose(IoUtils.java:134)
at
org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.forceTermination(ReadReadyHandler.java:58)
at
io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.forceTermination(SslConduit.java:1091)
at
org.xnio.nio.NioSocketConduit.forceTermination(NioSocketConduit.java:105)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:492)
Caused by: javax.net.ssl.SSLException: Inbound closed before receiving peer's
close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at
sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at
sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at
sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
at
io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:575)
... 7 more
________________________________
Tämä sähköpostiviesti (liitteineen) saattaa sisältää luottamuksellista tietoa, joka on
tarkoitettu
vain vastaanottajalleen. Jos et ole oikea vastaanottaja, ilmoita viestin lähettäjälle
tapahtuneesta
virheestä ja tuhoa viesti välittömästi. Viestin luvaton julkaiseminen, kopioiminen, jakelu
tai muu
käyttö tai toimenpiteisiin ryhtyminen sen perusteella on ehdottomasti kielletty.
This message (including any attachments) may contain confidential information intended
for
the person or entity to which it is addressed. If you are not the intended recipient,
notify the
sender and delete this message immediately. Notice that disclosing, copying, distributing
or any
other use of the message and its information, or taking any action based on it, is
strictly prohibited.
________________________________