Forum Stats

  • 3,768,996 Users
  • 2,252,894 Discussions
  • 7,874,831 Comments

Discussions

SAMLv2 signed metadata signature verification fails with latest JDK

1020398
1020398 Member Posts: 1
edited Mar 21, 2017 4:59AM in Java User Groups Discussions

Signature verification of SAMLv2 metadata is failing with following error message:

-----------

com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverExcept
ion: Cannot resolve element with ID sa93716b9ce3ed85c4be407064b7de77f39e5bb6c_01
        at
com.sun.org.apache.xml.internal.security.signature.XMLSignature.checkSignatureValue(XMLSignature.java:665)

-----------

This was working with JDK 1.6.

But now after moving to JDK 1.7 it started failing.

I have gone through following URL:

https://bugs.openjdk.java.net/browse/JDK-8017171

I have tried point #2 (Register the ID elements) in my application, still facing issue.

Please let me know if any thing I am missing or any pointer.

Answers

  • karianna
    karianna Member Posts: 205 Blue Ribbon
    edited Mar 21, 2017 4:59AM

    This probably needs to be moved to the JaaS commmunity.

    I'd also probably try the 3rd option:

    Implement a custom URIDereferencer which can find these references and override the builtin URIDereferencer with the DOMValidateContext.setURIDereferencer method.