连接到客户端Okta IDP帐户时,我在Spring SAML应用程序中遇到以下错误 . 我可以正确地从我的开发Okta帐户连接 . 可能是什么潜在的问题?
org.springframework.security.authentication.AuthenticationServiceException:org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:97)org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter上的传入SAML消息无效(在org.springframework的org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)的org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:342)中的AbstractAuthenticationProcessingFilter.java:195) .security.web.FilterChainProxy.doFilter(FilterChainProxy.java:166)在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:342)在org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter (SecurityContextPersistenceFilter.java:87)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.jav)一:342)在org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87)在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:342)在org.springframework org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)中的.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java) :346)在org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)在org.apache.catalina.core . ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)在org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)在org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)在组织.apache.catali na.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)在org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)在org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java: 92)在org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)在org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)在org.apache.catalina.connector.CoyoteAdapter . 服务(CoyoteAdapter.java:343)在org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:394)在org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)在org.apache . coyote.AbstractProtocol $ ConnectionHandler.process(AbstractProtocol.java:791)在org.apache.tomcat.util.net.NioEndpoint $ SocketProcessor.doRun(NioEndpoint.java:1417)在org.apache.tomcat.util.net.SocketProcessorBase . 在java.util.con上的java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)上运行(SocketProcessorBase.java:49) current.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)在org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)在java.lang.Thread.run(Thread.java: 748)
引起:
org.opensaml.ws.security.SecurityPolicyException:协议消息签名的验证在org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule上的org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.doEvaluate(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:138)失败.evaluate(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:107)org.opensaml.ws.security.provider.BasicSecurityPolicy.evaluate(BasicSecurityPolicy.java:51)org.opensaml.ws.message.decoder.BaseMessageDecoder.processSecurityPolicy(BaseMessageDecoder.java:132) )在org.opensaml.ws.message.decoder.BaseMessageDecoder.decode(BaseMessageDecoder.java:83)在org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:70)在org.springframework.security . saml.processor.SAMLProcessorImpl.retrieveMessage(SAMLProcessorImpl.java:105)在org.springframework.security.saml.processor.SAMLProcessorImpl.retrieveMessag E(SAMLProcessorImpl.java:172)在org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:77)... 32更