Skip to Main Content

Java User Groups

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

SAMLv2 signed metadata signature verification fails with latest JDK

Santosh Jadhav-OracleMar 21 2017 — edited Mar 21 2017

Signature verification of SAMLv2 metadata is failing with following error message:

-----------

com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverExcept
ion: Cannot resolve element with ID sa93716b9ce3ed85c4be407064b7de77f39e5bb6c_01
        at
com.sun.org.apache.xml.internal.security.signature.XMLSignature.checkSignatureValue(XMLSignature.java:665)

-----------

This was working with JDK 1.6.

But now after moving to JDK 1.7 it started failing.

I have gone through following URL:

https://bugs.openjdk.java.net/browse/JDK-8017171

I have tried point #2 (Register the ID elements) in my application, still facing issue.

Please let me know if any thing I am missing or any pointer.

Comments

karianna

This probably needs to be moved to the JaaS commmunity.

I'd also probably try the 3rd option:

Implement a custom URIDereferencer which can find these references and override the builtin URIDereferencer with the DOMValidateContext.setURIDereferencer method.

1 - 1

Post Details

Added on Mar 21 2017
1 comment
239 views