Search:

This impacted me as well in the past week, I modified SAMLAutenticationProvider.java locally to fix the problem.

The root cause of the issue was a defect introduced during a recent refactoring...

How are you getting the spring-security-saml2-core artifact, are you building it from source ?

If so, how are you getting the source ? Are you cloning and building from master ?

I fixed my problem by importing, to the SAML2 sample webapp's samlKeystore.jks, the CA cert for the signer of the X509 cert presented by my tomcat instance hosting the Shibboleth IdP webapp to the...

Here's the contents of my catalina.out, with log4j logging set to DEBUG for com.springframework.security.saml:

I also verified that the shibboleth IDP's private key matches the cert with alias...

My environment was fubar'd, when I fixed the environment the problem went away.

I'm encountering the same issue. Using /usr/java/default/bin/keytool I added the contents of idp.crt file to samlKeystore.jks and to /usr/java/default/jre/lib/security/cacerts, using the alias...

One more thing: I had to make this change to saml2-core/pom.xml to successfully build:

$ git diff ../../../../../saml2-core/pom.xml
diff --git a/spring-security-saml/saml2-core/pom.xml...

I'm integrating the SAML Spring security extension into a Spring 3.0 application (tomcat) that's previously been integrated with Spring Security 3.1.

The source for the Spring Security SAML...