Why did upgrading to Java 1.7u25 (or later) break our PicketLink applications?
Issue
Why did upgrading to Java 1.7u25 break our PicketLink applications?
2013-09-18 14:24:33,147 ERROR [org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor] (http-192.168.1.2-8080-1) Processing Exception:
org.picketlink.identity.federation.core.exceptions.ProcessingException: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_bad4f787-fa7d-428c-a97b-a8fc9b8bec92
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:230)
at org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureGenerationHandler.sign(SAML2SignatureGenerationHandler.java:111)
at org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureGenerationHandler.generateSAMLRequest(SAML2SignatureGenerationHandler.java:68)
at org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor.process(ServiceProviderBaseProcessor.java:171)
at org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator.generalUserRequest(SPRedirectFormAuthenticator.java:371)
at org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator.authenticate(SPRedirectFormAuthenticator.java:148)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:95)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.internalProcess(ActiveRequestResponseCacheValve.java:74)
at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:47)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:599)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:451)
at java.lang.Thread.run(Thread.java:724)
Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_bad4f787-fa7d-428c-a97b-a8fc9b8bec92
at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:412)
at org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:338)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:471)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:367)
at org.picketlink.identity.federation.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:296)
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:160)
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:226)
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 5.1.2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.