WSO2身份服务器 - SAML SSO - 被动STS示例无法正常工作-Java 学习之路

我指的是以下文章：http://wso2.org/library/articles/2010/07/saml2-web-browser-based-sso-wso2-identity-server

此示例适用于身份服务器4.0.0，但不适用于身份服务器4.1.0 ...

使用4.1.0 - 返回SAML响应，但依赖方应用程序在尝试反序列化消息时抛出异常 . 是否可以更新此示例以使用更高版本的IS？

这是依赖方应用程序的堆栈跟踪：

SEVERE: Servlet.service() for servlet [SAML2ConsumerServlet] in context with path [/saml2.demo] threw exception
java.lang.NullPointerException
    at org.wso2.identity.saml2.demo.SamlConsumerManager.getResult(SamlConsumerManager.java:278)
    at org.wso2.identity.saml2.demo.SamlConsumerManager.processResponseMessage(SamlConsumerManager.java:252)
    at org.wso2.identity.saml2.demo.SAML2ConsumerServlet.doPost(SAML2ConsumerServlet.java:77)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

来自依赖方申请的源代码：https://svn.wso2.org/repos/wso2/people/suresh/saml2/saml2-demo/src-dist

1 回答

似乎解码器操作尚未实现，并且IS 4.0.0以后响应是使用Base64编码的，因此您可能不需要在SamlConsumerManager.java中执行转换器

private String samlDecoder（String messsage）throws Exception {

// Base64 decode

//byte[] xmlBytes = messsage.getBytes("UTF-8");
byte[] base64DecodedByteArray = Base64.decode(messsage);

// Inflate (uncompress) the AuthnRequest data
// First attempt to unzip the byte array according to DEFLATE (rfc 1951)

Inflater inflater = new Inflater(true);
inflater.setInput(base64DecodedByteArray);
// since we are decompressing, it's impossible to know how much space we
// might need; hopefully this number is suitably big
byte[] xmlMessageBytes = new byte[5000];
int resultLength = inflater.inflate(xmlMessageBytes);

if (!inflater.finished()) {
    throw new RuntimeException("didn't allocate enough space to hold "
            + "decompressed data");
}

inflater.end();

String decodedResponse = new String(xmlMessageBytes, 0, resultLength,
        "UTF-8");

return decodedResponse;

}

public Map<String, String> processResponseMessage(String responseMessage) {

XMLObject responseXmlObj = null;

try {
    **responseXmlObj = unmarshall(samlDecoder(responseMessage));**

希望答案对你有所帮助，因为我在应用了以下内容后能够得到这个东西

回复于 2024-04-29T16:07:41+08:00

WSO2身份服务器 - SAML SSO - 被动STS示例无法正常工作

1 回答

相关问题