Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix to #363 causes org.xml.sax.SAXParseException #412

Closed
uboznikov opened this issue Dec 13, 2016 · 4 comments
Closed

Fix to #363 causes org.xml.sax.SAXParseException #412

uboznikov opened this issue Dec 13, 2016 · 4 comments
Assignees
@yurem
Labels
bug
Milestone
CE 3.0.0

Comments

@uboznikov
Copy link
Contributor

USe XmlService to parse XML documents #363

Stack trace follows:

2016-12-13 14:15:33,744 INFO  [org.gluu.oxtrust.ldap.service.Shibboleth3ConfService] >>>>>>>>>> IN Shibboleth3ConfService.generateMetadataFiles()...
2016-12-13 14:15:33,763 INFO  [org.gluu.oxtrust.ldap.service.Shibboleth3ConfService] >>>>>>>>>> LEAVING Shibboleth3ConfService.generateMetadataFiles()...
2016-12-13 14:15:33,764 INFO  [org.gluu.oxtrust.ldap.service.Shibboleth3ConfService] >>>>>>>>>> IN Shibboleth3ConfService.generateConfigurationFiles()...
2016-12-13 14:15:33,902 DEBUG [org.gluu.oxtrust.ldap.service.AttributeService] objectClassTypes=[inetOrgPerson, gluuPerson, eduPerson]
2016-12-13 14:15:33,911 TRACE [org.gluu.oxtrust.ldap.service.Shibboleth3ConfService] Starting trust parameters map initialization.
2016-12-13 14:15:33,927 ERROR [org.gluu.oxtrust.ldap.service.Shibboleth3ConfService] Failed to parse stored metadataFilter configuration for trustRelationship inum=@!C1E0.934D.3AB2.2066!0002!F1D2.2577!0006!7EE7.E6AF,ou=trustRelationships,inum=@!C1E0.934D.3AB2.2066!0002!F1D2.2577,ou=appliances,o=gluu
org.xml.sax.SAXParseException; lineNumber: 10; columnNumber: 3; The prefix "rp" for element "rp:ProfileConfiguration" is not bound.
        at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
        at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
        at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:121)
        at org.xdi.service.XmlService.getXmlDocument(XmlService.java:174)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)
        at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56)
        at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
        at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196)
        at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114)
        at org.xdi.service.XmlService_$$_javassist_seam_17.getXmlDocument(XmlService_$$_javassist_seam_17.java)
        at org.gluu.oxtrust.ldap.service.ProfileConfigurationService.parseProfileConfigurations(ProfileConfigurationService.java:152)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)
        at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56)
        at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
        at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196)
        at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114)
        at org.gluu.oxtrust.ldap.service.ProfileConfigurationService_$$_javassist_seam_27.parseProfileConfigurations(ProfileConfigurationService_$$_javassist_seam_27.java)
        at org.gluu.oxtrust.ldap.service.Shibboleth3ConfService.initTrustParamMap(Shibboleth3ConfService.java:319)
        at org.gluu.oxtrust.ldap.service.Shibboleth3ConfService.generateConfigurationFiles(Shibboleth3ConfService.java:173)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)
        at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56)
        at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
        at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196)
        at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114)
        at org.gluu.oxtrust.ldap.service.Shibboleth3ConfService_$$_javassist_seam_11.generateConfigurationFiles(Shibboleth3ConfService_$$_javassist_seam_11.java)
        at org.gluu.oxtrust.ldap.service.AppInitializer.createShibbolethConfiguration(AppInitializer.java:302)
        at org.gluu.oxtrust.ldap.service.AppInitializer.createApplicationComponents(AppInitializer.java:154)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)
        at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56)
        at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.async.AsynchronousInterceptor.aroundInvoke(AsynchronousInterceptor.java:52)
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
        at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
        at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196)
        at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114)
        at org.gluu.oxtrust.ldap.service.AppInitializer_$$_javassist_seam_9.createApplicationComponents(AppInitializer_$$_javassist_seam_9.java)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)
        at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:144)
        at org.jboss.seam.Component.callComponentMethod(Component.java:2313)
        at org.jboss.seam.Component.callCreateMethod(Component.java:2236)
        at org.jboss.seam.Component.newInstance(Component.java:2196)
        at org.jboss.seam.contexts.Contexts.startup(Contexts.java:343)
        at org.jboss.seam.contexts.Contexts.startup(Contexts.java:335)
        at org.jboss.seam.contexts.Contexts.startup(Contexts.java:317)
        at org.jboss.seam.contexts.ServletLifecycle.endInitialization(ServletLifecycle.java:143)
        at org.jboss.seam.init.Initialization.init(Initialization.java:813)
        at org.jboss.seam.servlet.SeamListener.contextInitialized(SeamListener.java:36)
        at org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:843)
        at org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:533)
        at org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:816)
        at org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:345)
        at org.eclipse.jetty.webapp.WebAppContext.startWebapp(WebAppContext.java:1404)
        at org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1366)
        at org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:778)
        at org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHandler.java:262)
        at org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:520)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.deploy.bindings.StandardStarter.processBinding(StandardStarter.java:41)
        at org.eclipse.jetty.deploy.AppLifeCycle.runBindings(AppLifeCycle.java:188)
        at org.eclipse.jetty.deploy.DeploymentManager.requestAppGoal(DeploymentManager.java:499)
        at org.eclipse.jetty.deploy.DeploymentManager.addApp(DeploymentManager.java:147)
        at org.eclipse.jetty.deploy.providers.ScanningAppProvider.fileAdded(ScanningAppProvider.java:180)
        at org.eclipse.jetty.deploy.providers.WebAppProvider.fileAdded(WebAppProvider.java:452)
        at org.eclipse.jetty.deploy.providers.ScanningAppProvider$1.fileAdded(ScanningAppProvider.java:64)
        at org.eclipse.jetty.util.Scanner.reportAddition(Scanner.java:610)
        at org.eclipse.jetty.util.Scanner.reportDifferences(Scanner.java:529)
        at org.eclipse.jetty.util.Scanner.scan(Scanner.java:392)
        at org.eclipse.jetty.util.Scanner.doStart(Scanner.java:313)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.deploy.providers.ScanningAppProvider.doStart(ScanningAppProvider.java:150)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.deploy.DeploymentManager.startAppProvider(DeploymentManager.java:561)
        at org.eclipse.jetty.deploy.DeploymentManager.doStart(DeploymentManager.java:236)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
        at org.eclipse.jetty.server.Server.start(Server.java:411)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
        at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61)
        at org.eclipse.jetty.server.Server.doStart(Server.java:378)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1516)
        at java.security.AccessController.doPrivileged(Native Method)
        at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1441)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:214)
        at org.eclipse.jetty.start.Main.start(Main.java:457)
        at org.eclipse.jetty.start.Main.main(Main.java:75)
2016-12-13 14:15:34,017 INFO  [org.gluu.oxtrust.ldap.service.Shibboleth3ConfService] >>>>>>>>>> LEAVING Shibboleth3ConfService.generateConfigurationFiles()...
@uboznikov uboznikov added the bug label Dec 13, 2016
@uboznikov uboznikov added this to the CE 3.0.0 milestone Dec 13, 2016
@uboznikov
Copy link
Contributor Author

RP data:

<rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" 
	includeAttributeStatement="true"
	assertionLifetime="120000"
	assertionProxyCount="0"
	signResponses="conditional"
	signAssertions="never"
	signRequests="conditional"
	encryptAssertions="conditional"
	encryptNameIds="never"
/>

qbert2k added a commit that referenced this issue Dec 29, 2016
@qbert2k
oxAuth #412
bf3557d 
Support JSON Property for HTTPOnly

To enable it, set sessionStateHttpOnly: true in oxAuth config.

Note that SessionManagement will not work.
See http://openid.net/specs/openid-connect-session-1_0.html

Note that your browser should not allow a client-side script to access the session_state cookie. Unfortunately, since the attribute is relatively new, several browsers may neglect to handle the new attribute properly.
See https://www.owasp.org/index.php/HttpOnly
@yurem
Copy link
Contributor

yurem commented Jan 15, 2017

@uboznikov should I take a loo on this. Is it working fine now?

@uboznikov
Copy link
Contributor Author

@yurem In recent builds I have noticed that the error has gone. Should we close this?

@yurem
Copy link
Contributor

yurem commented Jan 17, 2017

yes, I'm closing it. We updated java version and probably few libs during migration to log4j v2.

@yurem yurem closed this as completed Jan 17, 2017
@uboznikov uboznikov mentioned this issue Jan 20, 2017
Closed
yurem added a commit that referenced this issue Jan 20, 2017
@yurem
Fix to #363 causes org.xml.sax.SAXParseException #412
84a60ce
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yurem yurem

Labels
bug
Projects
None yet
Milestone
CE 3.0.0
Development

No branches or pull requests
2 participants
@yurem @uboznikov