2 Replies Latest reply on Mar 20, 2007 10:50 AM by scwhyte

SAML token SAXParseException attempting to use test app with

scwhyte Mar 20, 2007 7:47 AM

Hi,

I'm currently using:

Windows XP
JDK 1.5.0_11
JBoss 4.0.5 GA
JBoss Federated SSO 1.0 CR1

Using the 'getting started' guide
http://labs.jboss.com/portal/index.html?ctrl:cmd=render&ctrl:window=default.wiki.WikiPortletWindow&page=StartFedSSO&language=EN

I'm attempting to get the federated SSO test application up and running by simulating two domains by following the steps in the getting started guide. I'm using the DemoLoginProvider packaged with the test app.

I've got:

One local installation of JBoss 4.0.5
Two default server instances called default and default2 deployed
Each instance has the sso SAR and the federation server deployed
Each instance has the test app deployed

I've amended the windows hosts file as suggested in order to simulate two domains.
I've started each instance with "run -c default -b node1.jboss.com" and "run -c default2 -b node1.jboss.org" respectively.

I am then able to access the application, and login successfully with the credentials user1:password, on the first instance using the URL:
http://node1.jboss.com:8080/test

However, when I then attempt to click on the "Cross Domain Get Tester" link, I get the following exception on the second instance (default2):

2007-03-20 11:00:10,977 DEBUG [httpclient.wire.header] >> "GET /federate/partners HTTP/1.1[\r][\n]"
2007-03-20 11:00:11,008 DEBUG [httpclient.wire.header] >> "User-Agent: Jakarta Commons-HttpClient/2.0.2[\r][\n]"
2007-03-20 11:00:11,008 DEBUG [httpclient.wire.header] >> "Host: node1.jboss.org:8080[\r][\n]"
2007-03-20 11:00:11,008 DEBUG [httpclient.wire.header] >> "[\r][\n]"
2007-03-20 11:00:12,118 DEBUG [httpclient.wire.header] << "HTTP/1.1 200 OK[\r][\n]"
2007-03-20 11:00:12,118 DEBUG [httpclient.wire.header] << "Server: Apache-Coyote/1.1[\r][\n]"
2007-03-20 11:00:12,118 DEBUG [httpclient.wire.header] << "X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5[\r][\n]"
2007-03-20 11:00:12,118 DEBUG [httpclient.wire.header] << "Transfer-Encoding: chunked[\r][\n]"
2007-03-20 11:00:12,196 DEBUG [httpclient.wire.header] << "Date: Tue, 20 Mar 2007 11:00:12 GMT[\r][\n]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "2"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "7"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "9"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\r]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\n]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "<AttributeStatement xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><Subject><NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">jbosssso:partnerInfo</NameIdentifier></Subject><Attribute AttributeName="jboss.org" AttributeNamespace="jbosssso:partner"><AttributeValue>http://node1.jboss.org:8080/federate</AttributeValue></Attribute><Attribute AttributeName="jboss.com" AttributeNamespace="jbosssso:partner"><AttributeValue>http://node1.jboss.com:8080/federate</AttributeValue></Attribute></AttributeStatement>"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\r]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\n]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "0"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\r]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\n]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\r]"
2007-03-20 11:00:12,227 DEBUG [httpclient.wire.content] << "[\n]"
2007-03-20 11:00:14,711 ERROR [org.opensaml.SAMLObject] caught an exception while parsing a stream:
XML document structures must start and end within the same entity.
2007-03-20 11:00:14,727 ERROR [org.jboss.security.federation.servlet.SSOFederationServer] org.jboss.security.federation.servlet.SSOFederationServer@126f304
org.jboss.security.saml.SSOException: org.xml.sax.SAXParseException: XML document structures must start and end within the same entity.
 at org.jboss.security.saml.JBossSingleSignOn.parseAuthResponse(JBossSingleSignOn.java:343)
 at org.jboss.security.sso.util.SSOUtil.getUsername(SSOUtil.java:119)
 at org.jboss.security.federation.servlet.SSOFederationServer.doPost(SSOFederationServer.java:158)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
 at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
 at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
 at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
 at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
 at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
 at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
 at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
 at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
 at java.lang.Thread.run(Thread.java:595)
Caused by: org.xml.sax.SAXParseException: XML document structures must start and end within the same entity.
 at org.opensaml.SAMLObject.fromStream(Unknown Source)
 at org.opensaml.SAMLResponse.<init>(Unknown Source)
 at org.jboss.security.saml.JBossSingleSignOn.parseAuthResponse(JBossSingleSignOn.java:281)
 ... 23 more
Caused by: org.xml.sax.SAXParseException: XML document structures must start and end within the same entity.
 at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
 at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
 at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
 at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
 at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)
 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.endEntity(Unknown Source)
 at org.apache.xerces.impl.XMLDocumentScannerImpl.endEntity(Unknown Source)
 at org.apache.xerces.impl.XMLEntityManager.endEntity(Unknown Source)
 at org.apache.xerces.impl.XMLEntityScanner.load(Unknown Source)
 at org.apache.xerces.impl.XMLEntityScanner.skipSpaces(Unknown Source)
 at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanAttribute(Unknown Source)
 at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unknown Source)
 at org.apache.xerces.impl.XMLNSDocumentScannerImpl$NSContentDispatcher.scanRootElementHook(Unknown Source)
 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
 at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
 at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
 at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
 at org.opensaml.XML$ParserPool.parse(Unknown Source)
 at org.opensaml.XML$ParserPool.parse(Unknown Source)
 ... 26 more

Whenever I then try to access any URL on this web app on this first instance, it throws the same exception.

Would anyone be able to spot if I'm doing something obviously wrong, or if there are any ideas I can try to solve this?

Many thanks in advance,
Shaun.

1. Re: SAML token SAXParseException attempting to use test app

soshah Mar 20, 2007 10:46 AM (in response to scwhyte)

Shaun-

looks like you need to patch the tomcat that ships with jboss-4.0.5. There is a cookie processing bug in tomcat if the cookie is in xml format.

Try this:
For JBoss-4.0.5:

Copy patches/jboss-4.0.5/tomcat-util.jar to the tomcat sar file in your application server both under the default and default2 server configurations

Thanks
Actions
2. Re: SAML token SAXParseException attempting to use test app

scwhyte Mar 20, 2007 10:50 AM (in response to scwhyte)

Hi Sohil

Many thanks for the response, I should have read the Readme included in the SSO bundle, but I think it might be worth adding it to that wiki Getting Started page as well.

All works fine now.

Thanks again,
Shaun.
Actions

Go to original post