[keycloak-dev] Saml authentication Signature verification Exception when Special Characters is the username
rony joy
ronyjoy at gmail.com
Wed Nov 23 10:52:47 EST 2016
Created Jira Issue
https://issues.jboss.org/browse/KEYCLOAK-3971
thanks
Rony Joy
On Wed, Nov 23, 2016 at 1:35 AM Hynek Mlnarik <hmlnarik at redhat.com> wrote:
> Could you please create JIRA?
>
> On Wed, Nov 23, 2016 at 6:35 AM, rony joy <ronyjoy at gmail.com> wrote:
>
> Hi All,
>
> We are getting signature verification exception at the client side after
> Idp successfully authenticated the user("RoàåéèíñòøöùüßÅÄÖÜ") when the user
> id contains special characters.
>
> *UserName : RoàåéèíñòøöùüßÅÄÖÜ*
> *Following are the keycloak settings. *
> *Encryption req: false*
> *Sign Document : true*
>
> *Please find the below exception at the client side*
>
>
>
> 05:25:23at
>
> org.keycloak.adapters.saml.profile.AbstractSamlAuthenticationHandler.verifyPostBindingSignature(AbstractSamlAuthenticationHandler.java:480)se
> signature: org.keycloak.com
> mon.Veriat
>
> org.keycloak.adapters.saml.profile.AbstractSamlAuthenticationHandler.validateSamlSignature(AbstractSamlAuthenticationHandler.java:261)
> at
>
> org.keycloak.adapters.saml.profile.webbrowsersso.SamlEndpoint.handle(SamlEndpoint.java:44)stractSamlAuthenticationHandler.java:183)
> at
>
> org.keycloak.adapters.saml.undertow.AbstractSamlAuthMech.authenticate(AbstractSamlAuthMech.java:115)
> at
>
> io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:263)
> at
>
> io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:125)31)
> at
>
> io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92)9)
> at
>
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)(ServletAuthenticationCallHandler.java:55)
> at
>
> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)3)
> at
>
> io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)ndler.java:64)
> at
>
> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> at
>
> io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> at
>
> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at
>
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at
>
> io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)java:292)
> at
>
> io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> at
>
> io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)tupAction.java:48)
> at
>
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> at
>
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> at
>
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)44)
> at
>
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> at
> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805)
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
>
> --
>
> --Hynek
>
More information about the keycloak-dev
mailing list