java.lang.IllegalArgumentException: org.opensaml.xml.signature.impl.KeyInfoImpl cannot be added - it is already the child of another SAML Object

Spring JIRA | Rob Moore | 7 years ago
  1. 0

    I do not see this issue with the original zip file that was provided in SEC-1004 (SpringSecurity SAML.zip) but see it consistently with the war built from Subversion source (revision 53). I'm getting this exception when I make a request to the application via a browser: java.lang.IllegalArgumentException: org.opensaml.xml.signature.impl.KeyInfoImpl cannot be added - it is already the child of another SAML Object at org.opensaml.xml.AbstractXMLObject.prepareForAssignment(AbstractXMLObject.java:272) at org.opensaml.saml2.metadata.impl.KeyDescriptorImpl.setKeyInfo(KeyDescriptorImpl.java:79) at org.springframework.security.saml.metadata.MetadataGenerator.getKeyDescriptor(MetadataGenerator.java:125) at org.springframework.security.saml.metadata.MetadataGenerator.buildSPSSODescriptor(MetadataGenerator.java:116) at org.springframework.security.saml.metadata.MetadataGenerator.generateMetadata(MetadataGenerator.java:96) at org.springframework.security.saml.metadata.MetadataDisplayFilter.initializeSystemMetadata(MetadataDisplayFilter.java:134) at org.springframework.security.saml.metadata.MetadataDisplayFilter.doFilterHttp(MetadataDisplayFilter.java:88) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.saml.SAMLEntryPoint.doFilterHttp(SAMLEntryPoint.java:102) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)

    Spring JIRA | 7 years ago | Rob Moore
    java.lang.IllegalArgumentException: org.opensaml.xml.signature.impl.KeyInfoImpl cannot be added - it is already the child of another SAML Object
  2. 0

    I do not see this issue with the original zip file that was provided in SEC-1004 (SpringSecurity SAML.zip) but see it consistently with the war built from Subversion source (revision 53). I'm getting this exception when I make a request to the application via a browser: java.lang.IllegalArgumentException: org.opensaml.xml.signature.impl.KeyInfoImpl cannot be added - it is already the child of another SAML Object at org.opensaml.xml.AbstractXMLObject.prepareForAssignment(AbstractXMLObject.java:272) at org.opensaml.saml2.metadata.impl.KeyDescriptorImpl.setKeyInfo(KeyDescriptorImpl.java:79) at org.springframework.security.saml.metadata.MetadataGenerator.getKeyDescriptor(MetadataGenerator.java:125) at org.springframework.security.saml.metadata.MetadataGenerator.buildSPSSODescriptor(MetadataGenerator.java:116) at org.springframework.security.saml.metadata.MetadataGenerator.generateMetadata(MetadataGenerator.java:96) at org.springframework.security.saml.metadata.MetadataDisplayFilter.initializeSystemMetadata(MetadataDisplayFilter.java:134) at org.springframework.security.saml.metadata.MetadataDisplayFilter.doFilterHttp(MetadataDisplayFilter.java:88) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.saml.SAMLEntryPoint.doFilterHttp(SAMLEntryPoint.java:102) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)

    Spring JIRA | 7 years ago | Rob Moore
    java.lang.IllegalArgumentException: org.opensaml.xml.signature.impl.KeyInfoImpl cannot be added - it is already the child of another SAML Object
  3. 0

    SES-16: OpenSAML exception on request to example webapp

    GitHub | 7 years ago | spring-issuemaster
    java.lang.IllegalArgumentException: org.opensaml.xml.signature.impl.KeyInfoImpl cannot be added - it is already the child of another SAML Object
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0
    Some bots are sending malformed HTTP requests to your site. Try to find their IP addresses in the access logs and ask them to fix the bots or blacklist them.
  6. 0
    URI part of the request contains invalid characters. You may try to encode the path from the URI. Check RFC7230 and RFC3986 documentation below. https://www.ietf.org/rfc/rfc3986.txt and https://tools.ietf.org/html/rfc7230

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. java.lang.IllegalArgumentException

      org.opensaml.xml.signature.impl.KeyInfoImpl cannot be added - it is already the child of another SAML Object

      at org.opensaml.xml.AbstractXMLObject.prepareForAssignment()
    2. XMLTooling-J
      AbstractXMLObject.prepareForAssignment
      1. org.opensaml.xml.AbstractXMLObject.prepareForAssignment(AbstractXMLObject.java:272)
      1 frame
    3. OpenSAML-J
      KeyDescriptorImpl.setKeyInfo
      1. org.opensaml.saml2.metadata.impl.KeyDescriptorImpl.setKeyInfo(KeyDescriptorImpl.java:79)
      1 frame
    4. org.springframework.security
      SpringSecurityFilter.doFilter
      1. org.springframework.security.saml.metadata.MetadataGenerator.getKeyDescriptor(MetadataGenerator.java:125)
      2. org.springframework.security.saml.metadata.MetadataGenerator.buildSPSSODescriptor(MetadataGenerator.java:116)
      3. org.springframework.security.saml.metadata.MetadataGenerator.generateMetadata(MetadataGenerator.java:96)
      4. org.springframework.security.saml.metadata.MetadataDisplayFilter.initializeSystemMetadata(MetadataDisplayFilter.java:134)
      5. org.springframework.security.saml.metadata.MetadataDisplayFilter.doFilterHttp(MetadataDisplayFilter.java:88)
      6. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      6 frames
    5. spring-security-core
      FilterChainProxy$VirtualFilterChain.doFilter
      1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      1 frame
    6. org.springframework.security
      SpringSecurityFilter.doFilter
      1. org.springframework.security.saml.SAMLEntryPoint.doFilterHttp(SAMLEntryPoint.java:102)
      2. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      2 frames
    7. spring-security-core
      FilterChainProxy$VirtualFilterChain.doFilter
      1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      1 frame
    8. org.springframework.security
      SpringSecurityFilter.doFilter
      1. org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89)
      2. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      2 frames
    9. spring-security-core
      FilterChainProxy$VirtualFilterChain.doFilter
      1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      1 frame
    10. Spring Security - Portlet support
      HttpSessionContextIntegrationFilter.doFilterHttp
      1. org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
      1 frame
    11. org.springframework.security
      SpringSecurityFilter.doFilter
      1. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      1 frame
    12. spring-security-core
      FilterChainProxy.doFilter
      1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      2. org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175)
      2 frames
    13. Spring
      DelegatingFilterProxy.doFilter
      1. org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
      2. org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
      2 frames