Fatal编程技术网
  • wso2/
  • 使用Identity Server进行WSO2单点登录

使用Identity Server进行WSO2单点登录

wso2

使用Identity Server进行WSO2单点登录,wso2,wso2is,Wso2,Wso2is,我尝试使用identity server for wso2创建单点登录(SSO)。我遵循本教程:在我的例子中,我希望使用Identity Server(IS)登录DAS。我安装了DAS和IS,IS由端口9443使用https安装,DAS由端口9445使用https安装。当我尝试登录DAS时,系统将我重定向到IS登录表单,这是正确的,但当我写入用户和密码时,系统会发出此错误(查看图像) 这是wso2is中的日志错误(使用is:5.1.0,DAS:3.0.0): 您需要升级JCE,以便可以使用25

我尝试使用identity server for wso2创建单点登录(SSO)。我遵循本教程:在我的例子中,我希望使用Identity Server(IS)登录DAS。我安装了DAS和IS,IS由端口9443使用https安装,DAS由端口9445使用https安装。当我尝试登录DAS时,系统将我重定向到IS登录表单,这是正确的,但当我写入用户和密码时,系统会发出此错误(查看图像)

这是wso2is中的日志错误(使用is:5.1.0,DAS:3.0.0):

您需要升级JCE,以便可以使用256位或更多

Java 8的解决方案:

  • 从下载Java加密扩展(JCE)

  • 将jce_policy-8.zip中的文件复制到${java.home}/jre/lib/security/和任何其他java ublication

  • 重新启动你的机器

    • DAS或IS日志文件中的任何错误日志?由以下原因引起:java.security.InvalidKeyException:javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026)的javax.crypto.Cipher.implInit(Cipher.java:801)的javax.crypto.Cipher.chooseProvider(Cipher.java:864)的javax.crypto.Cipher.init(Cipher.java:1249)在javax.crypto.Cipher.init(Cipher.java:1186)在org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1137)上…62更多您可以使用完整的错误日志更新问题吗?您使用的是哪个版本?我修改了问题并包括日志错误,我使用的是windows 8中的IS版本:5.1.0和DAS 3.0.0、JVM版本8、jre 1.8.066注意:如果您有SP运行Java,请不要忘记更新其JCE 
    [2016-01-05 08:58:18,866] ERROR {org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor} -  Error processing the authentication request
org.wso2.carbon.identity.base.IdentityException: Error while signing the SAML Response message.
        at org.wso2.carbon.identity.base.IdentityException.error(IdentityException.java:162)
        at org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil.setEncryptedAssertion(SAMLSSOUtil.java:676)
        at org.wso2.carbon.identity.sso.saml.builders.DefaultResponseBuilder.buildResponse(DefaultResponseBuilder.java:75)
        at org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor.process(SPInitSSOAuthnRequestProcessor.java:159)
        at org.wso2.carbon.identity.sso.saml.SAMLSSOService.authenticate(SAMLSSOService.java:164)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleAuthenticationReponseFromFramework(SAMLSSOProviderServlet.java:691)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleRequest(SAMLSSOProviderServlet.java:178)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.doGet(SAMLSSOProviderServlet.java:95)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.sendRequestToFramework(SAMLSSOProviderServlet.java:1025)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.sendToFrameworkForAuthentication(SAMLSSOProviderServlet.java:457)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleSPInitSSO(SAMLSSOProviderServlet.java:360)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleRequest(SAMLSSOProviderServlet.java:195)
        at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.doPost(SAMLSSOProviderServlet.java:107)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
        at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
        at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
        at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
        at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
        at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
        at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
        at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
        at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1739)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1698)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.wso2.carbon.identity.base.IdentityException: Error while Encrypting Assertion
        at org.wso2.carbon.identity.base.IdentityException.error(IdentityException.java:162)
        at org.wso2.carbon.identity.sso.saml.builders.encryption.DefaultSSOEncrypter.doEncryptedAssertion(DefaultSSOEncrypter.java:58)
        at org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil.setEncryptedAssertion(SAMLSSOUtil.java:665)
        ... 56 more
Caused by: org.opensaml.xml.encryption.EncryptionException: Error encrypting XMLObject
        at org.opensaml.xml.encryption.Encrypter.encryptElement(Encrypter.java:453)
        at org.opensaml.saml2.encryption.Encrypter.encrypt(Encrypter.java:343)
        at org.opensaml.saml2.encryption.Encrypter.encrypt(Encrypter.java:257)
        at org.wso2.carbon.identity.sso.saml.builders.encryption.DefaultSSOEncrypter.doEncryptedAssertion(DefaultSSOEncrypter.java:55)
        ... 57 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters
        at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1140)
        at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1083)
        at org.opensaml.xml.encryption.Encrypter.encryptElement(Encrypter.java:450)
        ... 60 more
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026)
        at javax.crypto.Cipher.implInit(Cipher.java:801)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1249)
        at javax.crypto.Cipher.init(Cipher.java:1186)
        at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1137)
        ... 62 more
[2016-01-05 09:21:48,120]  INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  'admin@carbon.super [-1234]' logged in at [2016-01-05 09:21:48,119-0500]