我目前正在开发一个应用程序,该应用程序使用 Spring SAML ( http://projects.spring.io/spring-security-saml/ ) 项目作为我们身份验证的一部分。我知道它仍在 RC 中,但我们正在开发的应用程序也是如此。当部署到 Tomcat7 时,我们已经集成了库并且功能齐全,但在部署到 Weblogic 12c (12.0.1.2) 时遇到了问题。在不抛出任何错误的 Weblogic 上,断言值将被解密为空无错误。
问题似乎出在 Xerces 库中。据我所知,Spring SAML(由于 OpenSAML)需要 2.10.0,但 Weblogic 提供了 2.8.0 的 Xerces 库。我试图通过在项目 WEB-INF/lib 文件夹。这修复了 Spring SAML 的解密问题,但破坏了 Weblogics 解析 JSP 页面的能力。我在下面包含了未升级和升级的 Xerces 异常的部分堆栈跟踪。如果有人知道如何正确解决此问题,以便 Spring SAML 可以在不破坏默认功能的情况下运行 Weblogic,我将不胜感激。
这是更新 Xerces 之前的堆栈跟踪
2014-07-31 10:43:37,675 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.apache.xml.security.algorithms.JCEMapper - Request for U
RI http://www.w3.org/2001/04/xmlenc#aes256-cbc
2014-07-31 10:43:37,675 [[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.apache.xml.security.encryption.XMLCipher - JCE Algorithm
= AES/CBC/ISO10126Padding
<Jul 31, 2014 10:43:37 AM EDT> <Error> <HTTP> <BEA-101020> <[ServletContext@1538876008[app:intranet module:intranet.war path:null spec-version:3.0]] Servlet failed with an
Exception
java.lang.NumberFormatException: For input string: ""
at java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.lang.Integer.parseInt(Integer.java:504)
at java.lang.Integer.valueOf(Integer.java:582)
at org.opensaml.common.SAMLVersion.valueOf(SAMLVersion.java:89)
at org.opensaml.saml2.core.impl.AssertionUnmarshaller.processAttribute(AssertionUnmarshaller.java:71)
at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallAttribute(AbstractXMLObjectUnmarshaller.java:254)
at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:113)
at org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:479)
at org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:403)
at org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:141)
at org.opensaml.saml2.encryption.Decrypter.decrypt(Decrypter.java:69)
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:190)
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:82)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:84)
这是将 Xerces 更新到 2.10.0 后的堆栈跟踪。
weblogic.servlet.jsp.CompilationException: Failed to compile JSP /WEB- INF/jsp/errors/500.jsp
500.jsp:1:1: The validator class: "org.apache.taglibs.standard.tlv.JstlCoreTLV" has failed with the following exception: "java.lang.ClassCastException: weblogic.xml.jaxp.Re
gistrySAXParserFactory cannot be cast to javax.xml.parsers.SAXParserFactory".
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
^-------------------------------------------------------------^
500.jsp:2:5: No tag library could be found with this URI. Possible causes could be that the URI is incorrect, or that there were errors during parsing of the .tld file.
<%@ taglib prefix="int" uri="intranet"%>
^----^
500.jsp:2:5: No tag library could be found with this URI. Possible causes could be that the URI is incorrect, or that there were errors during parsing of the .tld file.
<%@ taglib prefix="int" uri="intranet"%>
^----^
500.jsp:6:3: This tag can only appear as a subelement of a standard or custom action. Exceptions are: jsp:body, jsp:attribute, jsp:expression, jsp:scriptlet, and jsp:declaration.
<jsp:attribute name="minifiedJs">
^-----------^
500.jsp:8:3: This tag can only appear as a subelement of a standard or custom action. Exceptions are: jsp:body, jsp:attribute, jsp:expression, jsp:scriptlet, and jsp:declaration.
<jsp:attribute name="nonMinifiedJs">
^-----------^
500.jsp:11:3: This tag can only appear as a subelement of a standard or custom action. Exceptions are: jsp:body, jsp:attribute, jsp:expression, jsp:scriptlet, and jsp:declaration.
<jsp:body>
^------^
at weblogic.servlet.jsp.JavelinxJSPStub.reportCompilationErrorIfNeccessary(JavelinxJSPStub.java:243)
at weblogic.servlet.jsp.JavelinxJSPStub.compilePage0(JavelinxJSPStub.java:179)
at weblogic.servlet.jsp.JavelinxJSPStub.access$000(JavelinxJSPStub.java:50)
at weblogic.servlet.jsp.JavelinxJSPStub$1.run(JavelinxJSPStub.java:108)
at java.security.AccessController.doPrivileged(Native Method)
at weblogic.servlet.jsp.JavelinxJSPStub.compilePage(JavelinxJSPStub.java:105)
at weblogic.servlet.jsp.JspStub.prepareServlet(JspStub.java:247)
at weblogic.servlet.jsp.JspStub.prepareServlet(JspStub.java:200)
at weblogic.servlet.internal.ServletStubImpl.getServlet(ServletStubImpl.java:403)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:295)
at weblogic.servlet.internal.ServletStubImpl.onAddToMapException(ServletStubImpl.java:478)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:367)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:25)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:79)
...
最佳答案
对于以后遇到此问题的任何人。我最终通过更新到 xercesImpl 版本 2.9.0 解决了这个问题。这似乎是这个问题的最佳版本,尽管它比 OpenSAML 要求的要少,但它修复了这个问题,同时不会导致 Weblogic 出现任何其他问题(就我目前遇到的而言)。 Xerces 2.10.0 需要更新版本的 xml-apis 才能运行,这导致了 Weblogic 的问题(2.9.0 似乎可以与 Weblogic 中包含的 xml-apis 版本一起使用)。
关于java - Weblogic 12c 上的 Spring SAML,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25061918/