Why did upgrading to Java 1.7u25 (or later) break our PicketLink applications?
Issue
Why did upgrading to Java 1.7u25 break our PicketLink applications?
2013-09-18 14:24:33,147 ERROR [org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor] (http-192.168.1.2-8080-1) Processing Exception:
org.picketlink.identity.federation.core.exceptions.ProcessingException: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_bad4f787-fa7d-428c-a97b-a8fc9b8bec92
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:230)
at org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureGenerationHandler.sign(SAML2SignatureGenerationHandler.java:111)
at org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureGenerationHandler.generateSAMLRequest(SAML2SignatureGenerationHandler.java:68)
at org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor.process(ServiceProviderBaseProcessor.java:171)
at org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator.generalUserRequest(SPRedirectFormAuthenticator.java:371)
at org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator.authenticate(SPRedirectFormAuthenticator.java:148)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:95)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.internalProcess(ActiveRequestResponseCacheValve.java:74)
at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:47)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:599)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:451)
at java.lang.Thread.run(Thread.java:724)
Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_bad4f787-fa7d-428c-a97b-a8fc9b8bec92
at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:412)
at org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:338)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:471)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:367)
at org.picketlink.identity.federation.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:296)
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:160)
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:226)
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 5.1.2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
