org.opensaml.common.SAMLException: Error validating SAML response

Spring JIRA | Vladislav Mostovoy | 2 years ago
  1. 0

    Sorry for my bad english. Thank you, for your spring-security-saml extension! When SP app has received LogoutResponse, and try perform destination verification, the exception (see below) has been thrown. LogoutResponse;FAILURE;127.0.0.1org.opensaml.common.SAMLException: Error validating SAML response at org.springframework.security.saml.websso.SingleLogoutProfileImpl.processLogoutResponse(SingleLogoutProfileImpl.java:365) at org.springframework.security.saml.SAMLLogoutProcessingFilter.processLogout(SAMLLogoutProcessingFilter.java:138) at org.springframework.security.saml.SAMLLogoutProcessingFilter.doFilter(SAMLLogoutProcessingFilter.java:93) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:166) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1539) at org.springframework.boot.actuate.autoconfigure.MetricFilterAutoConfiguration$MetricsFilter.doFilterInternal(MetricFilterAutoConfiguration.java:90) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1539) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) IMHO, problem with response to service destination check. as is: response.getDestination().equals(service.getLocation()), to be response.getDestination().equals(service.getResponseLocation())

    Spring JIRA | 2 years ago | Vladislav Mostovoy
    org.opensaml.common.SAMLException: Error validating SAML response
  2. 0

    Sorry for my bad english. Thank you, for your spring-security-saml extension! When SP app has received LogoutResponse, and try perform destination verification, the exception (see below) has been thrown. LogoutResponse;FAILURE;127.0.0.1org.opensaml.common.SAMLException: Error validating SAML response at org.springframework.security.saml.websso.SingleLogoutProfileImpl.processLogoutResponse(SingleLogoutProfileImpl.java:365) at org.springframework.security.saml.SAMLLogoutProcessingFilter.processLogout(SAMLLogoutProcessingFilter.java:138) at org.springframework.security.saml.SAMLLogoutProcessingFilter.doFilter(SAMLLogoutProcessingFilter.java:93) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:166) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1539) at org.springframework.boot.actuate.autoconfigure.MetricFilterAutoConfiguration$MetricsFilter.doFilterInternal(MetricFilterAutoConfiguration.java:90) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1539) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) IMHO, problem with response to service destination check. as is: response.getDestination().equals(service.getLocation()), to be response.getDestination().equals(service.getResponseLocation())

    Spring JIRA | 2 years ago | Vladislav Mostovoy
    org.opensaml.common.SAMLException: Error validating SAML response
  3. Speed up your debug routine!

    Automated exception search integrated into your IDE

  4. 0

    errorCode 16 while using SAML to log in | Tableau Support Community

    tableau.com | 1 year ago
    org.springframework.security.authentication.AuthenticationServiceException: Error validating SAML message
  5. 0

    errorCode 16 while using SAML to log in |Tableau Support Community

    tableau.com | 5 months ago
    org.springframework.security.authentication.AuthenticationServiceException: Error validating SAML message

    1 unregistered visitors
    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.opensaml.common.SAMLException

      Error validating SAML response

      at org.springframework.security.saml.websso.SingleLogoutProfileImpl.processLogoutResponse()
    2. org.springframework.security
      SAMLLogoutProcessingFilter.doFilter
      1. org.springframework.security.saml.websso.SingleLogoutProfileImpl.processLogoutResponse(SingleLogoutProfileImpl.java:365)
      2. org.springframework.security.saml.SAMLLogoutProcessingFilter.processLogout(SAMLLogoutProcessingFilter.java:138)
      3. org.springframework.security.saml.SAMLLogoutProcessingFilter.doFilter(SAMLLogoutProcessingFilter.java:93)
      3 frames
    3. Spring Security
      FilterChainProxy$VirtualFilterChain.doFilter
      1. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
      2. org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
      3. org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:166)
      4. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
      5. org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
      6. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
      7. org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
      8. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
      8 frames
    4. org.springframework.security
      HeaderWriterFilter.doFilterInternal
      1. org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57)
      1 frame
    5. Spring
      OncePerRequestFilter.doFilter
      1. org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
      1 frame
    6. Spring Security
      FilterChainProxy$VirtualFilterChain.doFilter
      1. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
      2. org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
      3. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
      3 frames
    7. org.springframework.security
      WebAsyncManagerIntegrationFilter.doFilterInternal
      1. org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
      1 frame
    8. Spring
      OncePerRequestFilter.doFilter
      1. org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
      1 frame
    9. Spring Security
      FilterChainProxy.doFilter
      1. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
      2. org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
      3. org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
      3 frames
    10. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1539)
      1 frame
    11. Spring Boot Actuator
      MetricFilterAutoConfiguration$MetricsFilter.doFilterInternal
      1. org.springframework.boot.actuate.autoconfigure.MetricFilterAutoConfiguration$MetricsFilter.doFilterInternal(MetricFilterAutoConfiguration.java:90)
      1 frame
    12. Spring
      OncePerRequestFilter.doFilter
      1. org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
      1 frame
    13. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1539)
      1 frame
    14. Spring
      OncePerRequestFilter.doFilter
      1. org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
      2. org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
      2 frames