0

WSO2 Identity Server での認証時に問題が発生しています。avis.com という名前の Web ページがあります。このページに入ると、ログイン ボタンをクリックすると、Web ページが WSO2 Identity Server のログイン フォームに移動します。しかし、ユーザー名とパスワードをフォームに入力してログインをクリックすると、次のようなエラー ページが表示されます。

SAML 2.0 based Single Sign-On

Error when processing the authentication request!
Please try login again.

Apache Tomcat ログに、次のエラーが表示されます。

Nov 07, 2013 3:12:32 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [SAML2ConsumerServlet] in context with path [/travelocity.com] threw exception
java.lang.NullPointerException
    at com.travelocity.saml.sso.SamlConsumerManager.getResult(SamlConsumerManager.java:272)
    at com.travelocity.saml.sso.SamlConsumerManager.processResponseMessage(SamlConsumerManager.java:246)
    at com.travelocity.saml.sso.SAML2ConsumerServlet.doPost(SAML2ConsumerServlet.java:73)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:724)

com.avis.saml.sso.SamlConsumerManager.getResult(SamlConsumerManager.java:272):

private Map<String, String> getResult(XMLObject responseXmlObj) {

        if (responseXmlObj.getDOM().getNodeName().equals("saml2p:LogoutResponse")) //line 722{
            return null;
        }

        Response response = (Response) responseXmlObj;

        Assertion assertion = response.getAssertions().get(0);
        Map<String, String> resutls = new HashMap<String, String>(); // line 72

        /*
         * If the request has failed, the IDP shouldn't send an assertion.
         * SSO profile spec 4.1.4.2 <Response> Usage
         */
        if (assertion != null) {

            String subject = assertion.getSubject().getNameID().getValue();
            resutls.put("Subject", subject); // get the subject

            List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();

            if (attributeStatementList != null) {
                // we have received attributes of user
                Iterator<AttributeStatement> attribStatIter = attributeStatementList.iterator();
                while (attribStatIter.hasNext()) {
                    AttributeStatement statment = attribStatIter.next();
                    List<Attribute> attributesList = statment.getAttributes();
                    Iterator<Attribute> attributesIter = attributesList.iterator();
                    while (attributesIter.hasNext()) {
                        Attribute attrib = attributesIter.next();
                        Element value = attrib.getAttributeValues().get(0).getDOM();
                        String attribValue = value.getTextContent();
                        resutls.put(attrib.getName(), attribValue);
                    }
                }
            }
        }
        return resutls;
    }

com.avis.saml.sso.SAML2ConsumerServlet.doPost(SAML2ConsumerServlet.java:72) で

protected void doPost(HttpServletRequest request, HttpServletResponse response)
                                                                                   throws ServletException,
                                                                                   IOException {

        String responseMessage = request.getParameter("SAMLResponse");

        if (responseMessage != null) { /* response from the identity provider */

            Map<String, String> result = consumer.processResponseMessage(responseMessage);

            if (result != null && result.size() == 1) {
                /*
                 * No user attributes are returned, so just goto the default
                 * home page.
                 */
                response.sendRedirect("home.jsp?subject=" + result.get("Subject"));
            } else if (request != null && result.size() > 1) {
                /*
                 * We have received attributes, so lets show them in the
                 * attribute home page.
                 */
                String params = "home-attrib.jsp?";
                Object[] keys = result.keySet().toArray();
                for (int i = 0; i < result.size(); i++) {
                    String key = (String) keys[i];
                    String value = (String) result.get(key);
                    if (i != result.size()) {
                        params = params + key + "=" + value + "&";
                    } else {
                        params = params + key + "=" + value;
                    }
                }
                response.sendRedirect(params);
            } else {
                // something wrong, re-login
                response.sendRedirect("index.jsp");
            }

        } else { /* time to create the authentication request or logout request */

            try {
                String requestMessage = consumer.buildRequestMessage(request);

                response.sendRedirect(requestMessage);

            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

com.avis.saml.sso.SamlConsumerManager.processResponseMessage(SamlConsumerManager.java:246) で

public Map<String, String> processResponseMessage(String responseMessage) {

        XMLObject responseXmlObj = null;

        try {
            responseXmlObj = unmarshall(responseMessage);

        } catch (ConfigurationException e) {
            e.printStackTrace();
        } catch (ParserConfigurationException e) {
            e.printStackTrace();
        } catch (SAXException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } catch (UnmarshallingException e) {
            e.printStackTrace();
        }

        return getResult(responseXmlObj); // line 246
    }

実際、私は 2 つの Web ページを持っていますが、ここでは 1 つに言及しました。これらは同じものだからです。SAML2.0 と OpenSAML を使用して、2 つのサービス プロバイダー (Web ページ) が WSO2 Identity Server で中央認証されるシングル サインオン プロジェクトを行っています。

構成時にいくつかのステップを逃したかどうかわかりませんか? Web ページが正常に認証されるために留意しなければならない重要な点はありますか?

4

1 に答える 1

0

同じ例外が発生していました。以下のように非整列化メソッドを更新すると、問題が解決しました。

private XMLObject unmarshall(String responseMessage) throws ConfigurationException,
                                                        ParserConfigurationException, SAXException,
                                                        IOException, UnmarshallingException {
    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();


    byte[] base64DecodedResponse = responseMessage.getBytes("UTF-8");
    byte[] decoded = Base64.decode(base64DecodedResponse,0,responseMessage.length());
    System.out.println(new String(decoded, StandardCharsets.UTF_8));
    String s = new String(decoded,StandardCharsets.UTF_8);
    Document document = docBuilder.parse(new InputSource(new StringReader(s)));

    Element element = document.getDocumentElement();
    UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
    Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
    return unmarshaller.unmarshall(element);

}
于 2015-10-15T07:56:04.063 に答える