[keycloak-dev] Saml authentication Signature verification Exception when Special Characters is the username
Hynek Mlnarik
hmlnarik at redhat.com
Wed Nov 23 02:35:21 EST 2016
Could you please create JIRA?
On Wed, Nov 23, 2016 at 6:35 AM, rony joy <ronyjoy at gmail.com> wrote:
> Hi All,
>
> We are getting signature verification exception at the client side after
> Idp successfully authenticated the user("RoàåéèíñòøöùüßÅÄÖÜ") when the user
> id contains special characters.
>
> *UserName : RoàåéèíñòøöùüßÅÄÖÜ*
> *Following are the keycloak settings. *
> *Encryption req: false*
> *Sign Document : true*
>
> *Please find the below exception at the client side*
>
> 05:25:23at
> org.keycloak.adapters.saml.profile.AbstractSamlAuthenticationHandler.
> verifyPostBindingSignature(AbstractSamlAuthenticationHandler.java:480)se
> signature: org.keycloak.com
> mon.Veriat
> org.keycloak.adapters.saml.profile.AbstractSamlAuthenticationHand
> ler.validateSamlSignature(AbstractSamlAuthenticationHandler.java:261)
> at
> org.keycloak.adapters.saml.profile.webbrowsersso.SamlEndpoint.handle(
> SamlEndpoint.java:44)stractSamlAuthenticationHandler.java:183)
> at
> org.keycloak.adapters.saml.undertow.AbstractSamlAuthMech.authenticate(
> AbstractSamlAuthMech.java:115)
> at
> io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(
> SecurityContextImpl.java:263)
> at
> io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(
> SecurityContextImpl.java:125)31)
> at
> io.undertow.security.impl.SecurityContextImpl.authenticate(
> SecurityContextImpl.java:92)9)
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(
> PredicateHandler.java:43)(ServletAuthenticationCallHandler.java:55)
> at
> io.undertow.security.handlers.AbstractConfidentialityHandler
> .handleRequest(AbstractConfidentialityHandler.java:46)3)
> at
> io.undertow.servlet.handlers.security.ServletSecurityConstraintHandl
> er.handleRequest(ServletSecurityConstraintHandler.java:59)ndler.java:64)
> at
> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHand
> ler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> at
> io.undertow.security.handlers.AbstractSecurityContextAssocia
> tionHandler.handleRequest(AbstractSecurityContextAssocia
> tionHandler.java:43)
> at
> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.
> handleRequest(JACCContextIdHandler.java:61)
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(
> PredicateHandler.java:43)
> at
> io.undertow.servlet.handlers.ServletInitialHandler.access$
> 100(ServletInitialHandler.java:81)java:292)
> at
> io.undertow.servlet.handlers.ServletInitialHandler$2.call(
> ServletInitialHandler.java:135)
> at
> io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(
> ContextClassLoaderSetupAction.java:43)tupAction.java:48)
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(
> LegacyThreadSetupActionWrapper.java:44)
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(
> LegacyThreadSetupActionWrapper.java:44)
> at
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(
> ServletInitialHandler.java:272)44)
> at
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(
> ServletInitialHandler.java:104)
> at
> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
--Hynek
More information about the keycloak-dev
mailing list