0

使用 WSO2 身份服务器进行身份验证时遇到问题。我有一个名为 avis.com 的网页,当我进入该页面时,单击登录按钮,然后该网页导航到 WSO2 Identity Server 的登录表单。但是,当我在表单中输入用户名和密码并单击登录时。错误页面显示为:

SAML 2.0 based Single Sign-On

Error when processing the authentication request!
Please try login again.

在 Apache Tomcat 日志中,出现错误:

Nov 07, 2013 3:12:32 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [SAML2ConsumerServlet] in context with path [/travelocity.com] threw exception
java.lang.NullPointerException
    at com.travelocity.saml.sso.SamlConsumerManager.getResult(SamlConsumerManager.java:272)
    at com.travelocity.saml.sso.SamlConsumerManager.processResponseMessage(SamlConsumerManager.java:246)
    at com.travelocity.saml.sso.SAML2ConsumerServlet.doPost(SAML2ConsumerServlet.java:73)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:724)

在 com.avis.saml.sso.SamlConsumerManager.getResult(SamlConsumerManager.java:272):

private Map<String, String> getResult(XMLObject responseXmlObj) {

        if (responseXmlObj.getDOM().getNodeName().equals("saml2p:LogoutResponse")) //line 722{
            return null;
        }

        Response response = (Response) responseXmlObj;

        Assertion assertion = response.getAssertions().get(0);
        Map<String, String> resutls = new HashMap<String, String>(); // line 72

        /*
         * If the request has failed, the IDP shouldn't send an assertion.
         * SSO profile spec 4.1.4.2 <Response> Usage
         */
        if (assertion != null) {

            String subject = assertion.getSubject().getNameID().getValue();
            resutls.put("Subject", subject); // get the subject

            List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();

            if (attributeStatementList != null) {
                // we have received attributes of user
                Iterator<AttributeStatement> attribStatIter = attributeStatementList.iterator();
                while (attribStatIter.hasNext()) {
                    AttributeStatement statment = attribStatIter.next();
                    List<Attribute> attributesList = statment.getAttributes();
                    Iterator<Attribute> attributesIter = attributesList.iterator();
                    while (attributesIter.hasNext()) {
                        Attribute attrib = attributesIter.next();
                        Element value = attrib.getAttributeValues().get(0).getDOM();
                        String attribValue = value.getTextContent();
                        resutls.put(attrib.getName(), attribValue);
                    }
                }
            }
        }
        return resutls;
    }

在 com.avis.saml.sso.SAML2ConsumerServlet.doPost(SAML2ConsumerServlet.java:72)

protected void doPost(HttpServletRequest request, HttpServletResponse response)
                                                                                   throws ServletException,
                                                                                   IOException {

        String responseMessage = request.getParameter("SAMLResponse");

        if (responseMessage != null) { /* response from the identity provider */

            Map<String, String> result = consumer.processResponseMessage(responseMessage);

            if (result != null && result.size() == 1) {
                /*
                 * No user attributes are returned, so just goto the default
                 * home page.
                 */
                response.sendRedirect("home.jsp?subject=" + result.get("Subject"));
            } else if (request != null && result.size() > 1) {
                /*
                 * We have received attributes, so lets show them in the
                 * attribute home page.
                 */
                String params = "home-attrib.jsp?";
                Object[] keys = result.keySet().toArray();
                for (int i = 0; i < result.size(); i++) {
                    String key = (String) keys[i];
                    String value = (String) result.get(key);
                    if (i != result.size()) {
                        params = params + key + "=" + value + "&";
                    } else {
                        params = params + key + "=" + value;
                    }
                }
                response.sendRedirect(params);
            } else {
                // something wrong, re-login
                response.sendRedirect("index.jsp");
            }

        } else { /* time to create the authentication request or logout request */

            try {
                String requestMessage = consumer.buildRequestMessage(request);

                response.sendRedirect(requestMessage);

            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

在 com.avis.saml.sso.SamlConsumerManager.processResponseMessage(SamlConsumerManager.java:246)

public Map<String, String> processResponseMessage(String responseMessage) {

        XMLObject responseXmlObj = null;

        try {
            responseXmlObj = unmarshall(responseMessage);

        } catch (ConfigurationException e) {
            e.printStackTrace();
        } catch (ParserConfigurationException e) {
            e.printStackTrace();
        } catch (SAXException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } catch (UnmarshallingException e) {
            e.printStackTrace();
        }

        return getResult(responseXmlObj); // line 246
    }

实际上,我有两个网页,但在这里我提到了一个,因为它们是相同的。我正在做一个单点登录项目,两个服务提供商(网页)使用 SAML2.0 和 OpenSAML 在 WSO2 身份服务器上进行中央身份验证

我不知道我是否在配置时错过了一些步骤?为了使我的网页成功进行身份验证,我必须记住任何重要的一点。

4

1 回答 1

0

我得到了同样的异常。更新解组方法如下解决了我的问题。

private XMLObject unmarshall(String responseMessage) throws ConfigurationException,
                                                        ParserConfigurationException, SAXException,
                                                        IOException, UnmarshallingException {
    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();


    byte[] base64DecodedResponse = responseMessage.getBytes("UTF-8");
    byte[] decoded = Base64.decode(base64DecodedResponse,0,responseMessage.length());
    System.out.println(new String(decoded, StandardCharsets.UTF_8));
    String s = new String(decoded,StandardCharsets.UTF_8);
    Document document = docBuilder.parse(new InputSource(new StringReader(s)));

    Element element = document.getDocumentElement();
    UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
    Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
    return unmarshaller.unmarshall(element);

}
于 2015-10-15T07:56:04.063 回答