[jira] [Commented] (SANTUARIO-312) Cannot resolve element with ID error when signing SAML Assertion element with ID attribute

["Scott Cantor (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/SANTUARIO-312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13258928#comment-13258928 ] 

Scott Cantor commented on SANTUARIO-312:
----------------------------------------

More than likely this is your bug, not Santuario's. I believe the 1.4->1.5 switch is when Santuario was fixed to stop assuming IDness based on attribute names. Your SAML code is responsible for establishing the IDness of the ID attribute in the DOM. If it's not doing that, then you can't count on something else doing it for you unless you use a validating parser and the schema(s).

You can also, I believe, supply your own IDResolver component.
                
> Cannot resolve element with ID error when signing SAML Assertion element with ID attribute
> ------------------------------------------------------------------------------------------
>
>                 Key: SANTUARIO-312
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-312
>             Project: Santuario
>          Issue Type: Bug
>    Affects Versions: Java 1.5.1
>            Reporter: Murali Gunasekaran
>            Assignee: Colm O hEigeartaigh
>         Attachments: TestSignAssertion.java, assertion.xml, client.jks
>
>
> When trying to sign a SAML 2.0 Assertion XML element using the Apache XML Security provider (org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI), the below error is thrown and operation fails. This is seen in xmlsec 1.5.1 (java).
> However, using this provider (which is part of Java 6 and also was part of xmlsec 1.4.5) - org.jcp.xml.dsig.internal.dom.XMLDSigRI  does not result in any error.
> Please see attached test code to repro the problem.
> ------- Unit test output ----------
> XMLSignatureFactory class = org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory
> javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:419)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:347)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:471)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:370)
> 	at example.xmlseclib.TestSignAssertion.testSign(TestSignAssertion.java:117)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> 	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> 	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> 	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> 	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
> 	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
> 	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
> 	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
> 	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
> 	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
> 	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> 	at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
> 	at org.junit.runner.JUnitCore.run(JUnitCore.java:157)
> 	at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:76)
> 	at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:182)
> 	at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:62)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
> Caused by: javax.xml.crypto.URIReferenceException: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:122)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:413)
> 	... 32 more
> Caused by: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
> 	at org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(ResolverFragment.java:86)
> 	at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(ResourceResolver.java:279)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:115)
> 	... 33 more
> javax.xml.crypto.URIReferenceException: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:122)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:413)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:347)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:471)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:370)
> 	at example.xmlseclib.TestSignAssertion.testSign(TestSignAssertion.java:117)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> 	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> 	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> 	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> 	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
> 	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
> 	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
> 	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
> 	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
> 	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
> 	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> 	at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
> 	at org.junit.runner.JUnitCore.run(JUnitCore.java:157)
> 	at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:76)
> 	at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:182)
> 	at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:62)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
> Caused by: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
> 	at org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(ResolverFragment.java:86)
> 	at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(ResourceResolver.java:279)
> 	at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:115)
> 	... 33 more
> Process finished with exit code 255

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira