Java Spring SAML单点登录ADFS响应失败,因为状态消息为空
我正试图在SpringSAML扩展和ADFS服务器的帮助下集成我的web应用程序的单点登录,3个月前,我在SpringSAML示例应用程序的帮助下集成了该应用程序,当时它工作得很好,但现在它给了我以下例外 AuthNRequest;SUCCESS;111.11.11.111;https://my.domain.com:443/app/saml/metadata;http://myfedservicesserver.com/trustme;;; AuthNResponse;FAILURE;111.11.11.111;https://my.domain.com:443/app/saml/metadata;http://myfedservicesserver.com/trustme;;;org.opensaml.common.SAMLException: Response has invalid status code urn:oasis:names:tc:SAML:2.0:status:Responder, status message is null at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:113) at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:82) at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:84) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:166) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) 作者需求;成功;111.11.11.111;https://my.domain.com:443/app/saml/metadata;http://myfedservicesserver.com/trustme;;; 授权回复;失败;111.11.11.111;https://my.domain.com:443/app/saml/metadata;http://myfedservicesserver.com/trustme;;;org.opensaml.common.SAMLException:响应的状态代码无效urn:oasis:names:tc:SAML:2.0:status:Responder,状态消息为null 位于org.springframework.security.saml.webso.websoprofileConsumerImpl.processAuthenticationResponse(websoprofileConsumerImpl.java:113) 位于org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:82) 位于org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) 位于org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:84) 位于org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195) 位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 位于org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) 位于org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:166) 位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 位于org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) 位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 位于org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87) 位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 位于org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) 位于org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)Java Spring SAML单点登录ADFS响应失败,因为状态消息为空,java,spring-security,single-sign-on,saml-2.0,adfs2.0,Java,Spring Security,Single Sign On,Saml 2.0,Adfs2.0,我正试图在SpringSAML扩展和ADFS服务器的帮助下集成我的web应用程序的单点登录,3个月前,我在SpringSAML示例应用程序的帮助下集成了该应用程序,当时它工作得很好,但现在它给了我以下例外 AuthNRequest;SUCCESS;111.11.11.111;https://my.domain.com:443/app/saml/metadata;http://myfedservicesserver.com/trustme;;; AuthNResponse;FAILURE;111
我浏览了上面的链接,但它对我不起作用,我在ADFS服务器中更改并尝试将数字签名SHA-256改为SHA-1,但问题没有解决。经过几天的努力,我发现我的应用程序在internet上运行良好,但在intranet环境下无法运行,我检查了ADFS服务器日志,然后发现以下异常
Microsoft.IdentityServer.Service.SecurityTokenService.RevocationValidationException: MSIS7098: The certificate identified by thumbprint '2312312213BKHDIIDHD783j3bsd' is not valid. It might indicate that the certificate has been revoked, has expired, or that the certificate chain is not trusted.
urn:oasis:names:tc:SAML:2.0:status:Responder