SAML V2.0 Standalone Client Exception (Doc ID 1524390.1)

Last updated on NOVEMBER 05, 2016

Applies to:

Oracle Weblogic Server - Version 12.1.1.0 to 12.1.1.0 [Release 12c]
Information in this document applies to any platform.

Symptoms

When invoking a Web Service secured with SAML from standalone client, the following error occurs :

org.opensaml.xml.io.UnmarshallingException: Unable to build XMLSec KeyInfo object from KeyInfo XML element
at com.bea.common.security.saml2.utils.SAML2AssertionInfoImpl.(SAML2AssertionInfoImpl.java:111)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at weblogic.security.utils.SAMLAssertionInfoFactoryImpl$SAML2AssertionInfoFactory.newInstance(SAMLAssertionInfoFactoryImpl.java:254)
at weblogic.security.utils.SAMLAssertionInfoFactoryImpl$SAML2AssertionInfoFactory.access$000(SAMLAssertionInfoFactoryImpl.java:244)
at weblogic.security.utils.SAMLAssertionInfoFactoryImpl.getSAMLAssertionInfo(SAMLAssertionInfoFactoryImpl.java:98)
at weblogic.wsee.security.saml.SAMLCredentialImpl.(SAMLCredentialImpl.java:146)
at weblogic.wsee.security.saml.SAMLCredentialImpl.(SAMLCredentialImpl.java:87)
at weblogic.wsee.security.saml.SAMLCredentialImpl.(SAMLCredentialImpl.java:79)
at weblogic.wsee.security.saml.AbstractSAMLTokenHandler.newSecurityToken(AbstractSAMLTokenHandler.java:191)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshalAndProcessSecurityToken(SecurityImpl.java:660)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshalChildren(SecurityImpl.java:512)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshalInternal(SecurityImpl.java:450)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshal(SecurityImpl.java:418)
at weblogic.xml.crypto.wss11.internal.WSS11Factory.unmarshalAndProcessSecurity(WSS11Factory.java:33)
at weblogic.wsee.security.wssp.handlers.WssServerHandler.processRequest(WssServerHandler.java:50)
at weblogic.wsee.security.wssp.handlers.WssHandler.handleRequest(WssHandler.java:112)
at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory$JAXRPCTube.processRequest(TubeFactory.java:222)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:892)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:841)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:804)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:706)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:430)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:640)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:265)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:163)
at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:171)
at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:708)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.wsee.util.ServerSecurityHelper.authenticatedInvoke(ServerSecurityHelper.java:103)
at weblogic.wsee.jaxws.HttpServletAdapter$3.run(HttpServletAdapter.java:311)
at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:336)
at weblogic.wsee.jaxws.VerboseHttpProcessor.post(VerboseHttpProcessor.java:39)
at weblogic.wsee.jaxws.JAXWSServlet.doRequest(JAXWSServlet.java:99)
at weblogic.servlet.http.AbstractAsyncServlet.service(AbstractAsyncServlet.java:99)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:844)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:242)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:216)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:132)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:352)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:235)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3284)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3254)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:57)
at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2163)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2089)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2074)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1512)
at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:254)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: org.opensaml.xml.io.UnmarshallingException: Unable to build XMLSec KeyInfo object from KeyInfo XML element
at org.opensaml.xml.signature.KeyInfoUnmarshaller.unmarshall(KeyInfoUnmarshaller.java:97)
at org.opensaml.xml.signature.SignatureUnmarshaller.unmarshall(SignatureUnmarshaller.java:75)
at org.opensaml.xml.signature.SignatureUnmarshaller.unmarshall(SignatureUnmarshaller.java:32)
at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:328)
at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:136)
at com.bea.common.security.saml2.utils.SAML2AssertionInfoImpl.createAssertion(SAML2AssertionInfoImpl.java:254)
at com.bea.common.security.saml2.utils.SAML2AssertionInfoImpl.init(SAML2AssertionInfoImpl.java:349)
at com.bea.common.security.saml2.utils.SAML2AssertionInfoImpl.(SAML2AssertionInfoImpl.java:108)
... 55 more
weblogic.xml.crypto.wss.WSSecurityException: Invalid SAML token when samlAsst= null
at weblogic.wsee.security.saml.SAMLCredentialImpl.(SAMLCredentialImpl.java:174)
at weblogic.wsee.security.saml.SAMLCredentialImpl.(SAMLCredentialImpl.java:87)
at weblogic.wsee.security.saml.SAMLCredentialImpl.(SAMLCredentialImpl.java:79)
at weblogic.wsee.security.saml.AbstractSAMLTokenHandler.newSecurityToken(AbstractSAMLTokenHandler.java:191)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshalAndProcessSecurityToken(SecurityImpl.java:660)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshalChildren(SecurityImpl.java:512)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshalInternal(SecurityImpl.java:450)
at weblogic.xml.crypto.wss.SecurityImpl.unmarshal(SecurityImpl.java:418)
at weblogic.xml.crypto.wss11.internal.WSS11Factory.unmarshalAndProcessSecurity(WSS11Factory.java:33)
at weblogic.wsee.security.wssp.handlers.WssServerHandler.processRequest(WssServerHandler.java:50)
at weblogic.wsee.security.wssp.handlers.WssHandler.handleRequest(WssHandler.java:112)
at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory$JAXRPCTube.processRequest(TubeFactory.java:222)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:892)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:841)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:804)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:706)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:430)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:640)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:265)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:163)
at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:171)
at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:708)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.wsee.util.ServerSecurityHelper.authenticatedInvoke(ServerSecurityHelper.java:103)
at weblogic.wsee.jaxws.HttpServletAdapter$3.run(HttpServletAdapter.java:311)
at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:336)
at weblogic.wsee.jaxws.VerboseHttpProcessor.post(VerboseHttpProcessor.java:39)
at weblogic.wsee.jaxws.JAXWSServlet.doRequest(JAXWSServlet.java:99)
at weblogic.servlet.http.AbstractAsyncServlet.service(AbstractAsyncServlet.java:99)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:844)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:242)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:216)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:132)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:352)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:235)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3284)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3254)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:57)
at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2163)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2089)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2074)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1512)
at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:254)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms