Hello,
Anybody have any clue what could be causing this "silent exception" when DEBUG level logging is used, to SP's log. IOException is written to log all the time. Thus SAML authentication is working ok / normally. Using
SSL (https) public addresses both with IDP and SP, along with signed & encrypted SAML assertions. Public certificates are good and ok!
2016-04-19 13:25:26,441 DEBUG [io.undertow.request.io] (default I/O-8) UT005013: An IOException occurred: java.io.IOException: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible
truncation attack?
at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:577)
at io.undertow.protocols.ssl.SslConduit.terminateReads(SslConduit.java:178)
at org.xnio.conduits.ConduitStreamSourceChannel.close(ConduitStreamSourceChannel.java:168)
at org.xnio.IoUtils.safeClose(IoUtils.java:134)
at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.forceTermination(ReadReadyHandler.java:58)
at io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.forceTermination(SslConduit.java:1091)
at org.xnio.nio.NioSocketConduit.forceTermination(NioSocketConduit.java:105)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:492)
Caused by: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:575)
... 7 more