You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Vishnu Radhakrishnan <vi...@10point1.com> on 2015/06/16 21:26:03 UTC
fed decrypt error
I am getting the below error while decrypting the RST.
All the certificates seems to be in place not sure why its erroring out. Any
help regarding the below would be great.
Thanks,
Vishnu
[http-bio-8080-exec-10] INFO
org.apache.cxf.fediz.core.FederationProcessorImpl - +++++++++++++++++DEBUG
INFO+++++++++++++++++++++++++++++
2015-06-16 19:21:12,261 ERROR Merlin - Cannot find key for alias:
[bamssouat] in keystore of type [JKS] from provider [SUN version 1.7] with
size [7] and aliases: {bamsso_rootcert, bamssouat, bamssoselfsigned,
bamssokeyuat, mykey, bam_devsso, mykeyname}
[http-bio-8080-exec-10] INFO
org.apache.cxf.fediz.core.FederationProcessorImpl - The signature or
decryption was invalid
org.apache.ws.security.WSSecurityException: The signature or decryption was
invalid
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(Encrypted
KeyProcessor.java:163)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(Encrypted
KeyProcessor.java:66)
at
org.apache.ws.security.processor.EncryptedDataProcessor.handleToken(Encrypte
dDataProcessor.java:113)
at
org.apache.cxf.fediz.core.FederationProcessorImpl.decryptEncryptedRST(Federa
tionProcessorImpl.java:295)
at
org.apache.cxf.fediz.core.FederationProcessorImpl.processSignInRequest(Feder
ationProcessorImpl.java:184)
at
org.apache.cxf.fediz.core.FederationProcessorImpl.processRequest(FederationP
rocessorImpl.java:85)
at
org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider.
authenticateNow(FederationAuthenticationProvider.java:126)
at
org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider.
authenticate(FederationAuthenticationProvider.java:109)
at
com.w1.auth.sso.FedizAuthenticationProvider.authenticate(FedizAuthentication
Provider.java:29)
at
org.springframework.security.authentication.ProviderManager.authenticate(Pro
viderManager.java:156)
at
org.apache.cxf.fediz.spring.web.FederationAuthenticationFilter.attemptAuthen
tication(FederationAuthenticationFilter.java:62)
at
com.w1.auth.sso.InstreamFederationAuthenticationFilter.attemptAuthentication
(InstreamFederationAuthenticationFilter.java:28)
at
org.springframework.security.web.authentication.AbstractAuthenticationProces
singFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195)
at
com.w1.auth.sso.DelegatingAuthenticationProcessingFilter.doFilter(Delegating
AuthenticationProcessingFilter.java:40)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
r(FilterChainProxy.java:342)
at
org.springframework.security.web.authentication.AbstractAuthenticationProces
singFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
r(FilterChainProxy.java:342)
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter
(LogoutFilter.java:105)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
r(FilterChainProxy.java:342)
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.do
Filter(SecurityContextPersistenceFilter.java:65)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
r(FilterChainProxy.java:342)
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterCha
inProxy.java:192)
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.
java:166)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegati
ngFilterProxy.java:343)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilt
erProxy.java:260)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh
ain.java:208)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.
java:748)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDis
patcher.java:486)
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatch
er.java:411)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher
.java:338)
at
com.w1.auth.sso.AutenticationResource.federationLogout(AutenticationResource
.java:207)
at
com.w1.auth.sso.AutenticationResource$Proxy$_$$_WeldClientProxy.federationLo
gout(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57
)
Re: fed decrypt error
Posted by Colm O hEigeartaigh <co...@apache.org>.
Does your service keystore have the private key for "bamssouat" in it? Or
just the certificate? What is the output of "keytool -list -keystore
<keystore.jks> -v"?
Colm.
On Tue, Jun 16, 2015 at 8:26 PM, Vishnu Radhakrishnan <vi...@10point1.com>
wrote:
> I am getting the below error while decrypting the RST.
>
>
>
> All the certificates seems to be in place not sure why its erroring out.
> Any
> help regarding the below would be great.
>
>
>
> Thanks,
>
>
>
> Vishnu
>
> [http-bio-8080-exec-10] INFO
> org.apache.cxf.fediz.core.FederationProcessorImpl - +++++++++++++++++DEBUG
> INFO+++++++++++++++++++++++++++++
>
> 2015-06-16 19:21:12,261 ERROR Merlin - Cannot find key for alias:
> [bamssouat] in keystore of type [JKS] from provider [SUN version 1.7] with
> size [7] and aliases: {bamsso_rootcert, bamssouat, bamssoselfsigned,
> bamssokeyuat, mykey, bam_devsso, mykeyname}
>
> [http-bio-8080-exec-10] INFO
> org.apache.cxf.fediz.core.FederationProcessorImpl - The signature or
> decryption was invalid
>
> org.apache.ws.security.WSSecurityException: The signature or decryption was
> invalid
>
> at
>
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(Encrypted
> KeyProcessor.java:163)
>
> at
>
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(Encrypted
> KeyProcessor.java:66)
>
> at
>
> org.apache.ws.security.processor.EncryptedDataProcessor.handleToken(Encrypte
> dDataProcessor.java:113)
>
> at
>
> org.apache.cxf.fediz.core.FederationProcessorImpl.decryptEncryptedRST(Federa
> tionProcessorImpl.java:295)
>
> at
>
> org.apache.cxf.fediz.core.FederationProcessorImpl.processSignInRequest(Feder
> ationProcessorImpl.java:184)
>
> at
>
> org.apache.cxf.fediz.core.FederationProcessorImpl.processRequest(FederationP
> rocessorImpl.java:85)
>
> at
>
> org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider.
> authenticateNow(FederationAuthenticationProvider.java:126)
>
> at
>
> org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider.
> authenticate(FederationAuthenticationProvider.java:109)
>
> at
>
> com.w1.auth.sso.FedizAuthenticationProvider.authenticate(FedizAuthentication
> Provider.java:29)
>
> at
>
> org.springframework.security.authentication.ProviderManager.authenticate(Pro
> viderManager.java:156)
>
> at
>
> org.apache.cxf.fediz.spring.web.FederationAuthenticationFilter.attemptAuthen
> tication(FederationAuthenticationFilter.java:62)
>
> at
>
> com.w1.auth.sso.InstreamFederationAuthenticationFilter.attemptAuthentication
> (InstreamFederationAuthenticationFilter.java:28)
>
> at
>
> org.springframework.security.web.authentication.AbstractAuthenticationProces
> singFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195)
>
> at
>
> com.w1.auth.sso.DelegatingAuthenticationProcessingFilter.doFilter(Delegating
> AuthenticationProcessingFilter.java:40)
>
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
> r(FilterChainProxy.java:342)
>
> at
>
> org.springframework.security.web.authentication.AbstractAuthenticationProces
> singFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183)
>
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
> r(FilterChainProxy.java:342)
>
> at
>
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter
> (LogoutFilter.java:105)
>
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
> r(FilterChainProxy.java:342)
>
> at
>
> org.springframework.security.web.context.SecurityContextPersistenceFilter.do
> Filter(SecurityContextPersistenceFilter.java:65)
>
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilte
> r(FilterChainProxy.java:342)
>
> at
>
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterCha
> inProxy.java:192)
>
> at
>
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.
> java:166)
>
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegati
> ngFilterProxy.java:343)
>
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilt
> erProxy.java:260)
>
> at
>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
> FilterChain.java:241)
>
> at
>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh
> ain.java:208)
>
> at
>
> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.
> java:748)
>
> at
>
> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDis
> patcher.java:486)
>
> at
>
> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatch
> er.java:411)
>
> at
>
> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher
> .java:338)
>
> at
>
> com.w1.auth.sso.AutenticationResource.federationLogout(AutenticationResource
> .java:207)
>
> at
>
> com.w1.auth.sso.AutenticationResource$Proxy$_$$_WeldClientProxy.federationLo
> gout(Unknown Source)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57
> )
>
>
>
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com