6:28 p.m.
Hi Hynek
Keycloak 3.3.0 Final is still broken for issue KEYCLOAK-4818.
https://issues.jboss.org/browse/KEYCLOAK-4818
The SAML dsig error occurred in SAMLDataMarshaller.*deserialize()* method
The fix for KEYCLOAK-4818 was added to SAMLDataMarshaller.*serialize()* method
however the error occured in SAMLDataMarshaller.*deserialize()* method.
Please refer to the change set report below.
https://source.jboss.org/changelog/Keycloak?cs=
d52d685161336d68413bc633a81b223c66886c7a
I also notice in the change set, the new unit test methods only assert the
serialize() method. The deserialize() test method (ie *testParseResponse()
) does not test *for any dsig namespace.
Are you able to update your unit test and verify the fix? Thank you for
your help.
SAMLDataMarshaller.java line 85
Caused by: java.lang.RuntimeException:
com.ctc.wstx.exc.WstxParsingException: Undeclared namespace prefix
"dsig"
at [row,col
{unknown-source}]: [1,914]
at
org.codehaus.stax2.ri.evt.Stax2FilteredEventReader.hasNext(Stax2FilteredEventReader.java:58)
at
org.keycloak.saml.processing.core.parsers.saml.SAMLAssertionParser.parse(SAMLAssertionParser.java:84)
at
org.keycloak.saml.processing.core.parsers.saml.SAMLResponseParser.parse(SAMLResponseParser.java:73)
at org.keycloak.saml.processing.core.parsers.saml.SAMLParser.parse(SAMLParser.java:81)
at org.keycloak.saml.common.parsers.AbstractParser.parse(AbstractParser.java:90)
at org.keycloak.broker.saml.SAMLDataMarshaller.deserialize(SAMLDataMarshaller.java:85)
at
org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext.deserialize(SerializedBrokeredIdentityContext.java:277)
Best Regards
Michael Mok
11:43 a.m.
Hi Michael
I appreciate your diligence in testing this issue. Thank you for filing the
https://issues.jboss.org/browse/KEYCLOAK-5581 issue which did not stay
without investigation. Please note that I am aware of the issue and
repeated notification on ML would not help increase awareness. As always,
community contribution is welcome, it needs a proper test and would be
appreciated.
Regards
--Hynek
On Sat, Oct 28, 2017 at 1:28 AM, Michael Mok <teatimej(a)gmail.com> wrote:
Hi Hynek
Keycloak 3.3.0 Final is still broken for issue KEYCLOAK-4818.
https://issues.jboss.org/browse/KEYCLOAK-4818
The SAML dsig error occurred in SAMLDataMarshaller.*deserialize()* method
The fix for KEYCLOAK-4818 was added to SAMLDataMarshaller.*serialize()* method
however the error occured in SAMLDataMarshaller.*deserialize()* method.
Please refer to the change set report below.
https://source.jboss.org/changelog/Keycloak?cs=d52d685161336
d68413bc633a81b223c66886c7a
I also notice in the change set, the new unit test methods only assert the
serialize() method. The deserialize() test method (ie *testParseResponse()
) does not test *for any dsig namespace.
Are you able to update your unit test and verify the fix? Thank you for
your help.
SAMLDataMarshaller.java line 85
Caused by: java.lang.RuntimeException: com.ctc.wstx.exc.WstxParsingException: Undeclared
namespace prefix "dsig"
at [row,col
{unknown-source}]: [1,914]
at
org.codehaus.stax2.ri.evt.Stax2FilteredEventReader.hasNext(Stax2FilteredEventReader.java:58)
at
org.keycloak.saml.processing.core.parsers.saml.SAMLAssertionParser.parse(SAMLAssertionParser.java:84)
at
org.keycloak.saml.processing.core.parsers.saml.SAMLResponseParser.parse(SAMLResponseParser.java:73)
at org.keycloak.saml.processing.core.parsers.saml.SAMLParser.parse(SAMLParser.java:81)
at org.keycloak.saml.common.parsers.AbstractParser.parse(AbstractParser.java:90)
at org.keycloak.broker.saml.SAMLDataMarshaller.deserialize(SAMLDataMarshaller.java:85)
at
org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext.deserialize(SerializedBrokeredIdentityContext.java:277)
Best Regards
Michael Mok
--
--Hynek
2615
days inactive
2617
days old
1 comments
2 participants
participants (2)
-
Hynek Mlnarik -
Michael Mok