61 Replies. Latest reply on Feb 28, 2013 12:29 PM by meetoblivion
      • 45. Re: PicketLink 2.0.2.Final is released
        mazzag

        Anil, I have a coworker who would really like to try out the PL PDP service, I see two possible alternatives while SECURITY-653 is open:

        1.) Would you know of the most recent PL and JBoss AS server versions whose PDP service will work?

        2.) (preferable) SECURITY-653 (actually the bug it references) suggests that if I keep the policy configuration *outside* of the WAR (say in the configuration folder), that things should work.  Is that the case?  If so, do you or anyone else know how I can configure the PDP to read its policy information outside of the WAR (say in the standalone/configuration folder)?  This is what within-WAR configuration looks like:  https://community.jboss.org/wiki/XACMLCachingForPerformance#Case_1__Use_the_Decision_Caching_System_As_Is, but I am not sure how to configure it to look out-of-war.

        Thanks,

        Glen

        • 46. Re: PicketLink 2.0.2.Final is released
          anil.saldhana

          Glen Mazza wrote:

           

          Anil, I have a coworker who would really like to try out the PL PDP service, I see two possible alternatives while SECURITY-653 is open:

          1.) Would you know of the most recent PL and JBoss AS server versions whose PDP service will work?

          2.) (preferable) SECURITY-653 (actually the bug it references) suggests that if I keep the policy configuration *outside* of the WAR (say in the configuration folder), that things should work.  Is that the case?  If so, do you or anyone else know how I can configure the PDP to read its policy information outside of the WAR (say in the standalone/configuration folder)?  This is what within-WAR configuration looks like:  https://community.jboss.org/wiki/XACMLCachingForPerformance#Case_1__Use_the_Decision_Caching_System_As_Is, but I am not sure how to configure it to look out-of-war.

          Thanks,

          Glen

          1)  We have tested in AS5 and 6 at the moment.  We will soon get to 7.1.x

          2) The bug is caused by the url being a vfs url while the JDK File construct needs file:/

          Regarding placing the config file in the standalone/configuration directory, there is a system property available ${jboss.server.config.dir},  but I am unsure if it will work without trying.

          The bug fix is pretty simple but I need to find a few minutes to code it in.

           

          Glen, has Talend given a thought on having committers in the PicketLink umbrella of oss projects?

          • 47. Re: PicketLink 2.0.2.Final is released
            mazzag

            Thanks--I'll try doing the config outside-of-WAR to see if that's a workable bandaid for the time being.  As for Talend, for possible partnerships you'd need to chat offline with my manager Dan Kulp.  :)   But personally speaking, I don't think I have time to be committing things (maybe that could change in a few months), I'm just trying to see how things work and give you feedback where your documentation notes could use improvement.  I want to test the PL STS with a CXF WSC and CXF WSP to check interoperability, also my coworker Colm is doing something with XACML support in CXF right now and so a working PDP is useful for his testing.

            • 48. Re: PicketLink 2.0.2.Final is released
              karencoulter

              I've made these changes to the module.xml file for both the sun.jdk and org.picketlink, but I'm still having classpath issues.  I'm using Picketlink 2.0.2.Final in JBoss AS 7.1.1.Final in standalone.  The only change I made to the sample war files was to change the SPPostSignatureFormAuthenticator to an SPRedirectSignatureFormAuthenticator in the sales-post-sig.war.  Here's the stack trace:

               

              13:13:59,678 ERROR [org.apache.catalina.connector.CoyoteAdapter] (http--127.0.0.1-8080-1) An exception or error occurred in the container during the request processing: java.lang.NoClassDefFoundError: javax/xml/crypto/dsig/dom/DOMSignContext

                  at org.picketlink.identity.federation.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:266) [picketlink-fed-2.0.2.Final.jar:]

                  at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:160) [picketlink-fed-2.0.2.Final.jar:]

                  at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:140) [picketlink-fed-2.0.2.Final.jar:]

                  at org.picketlink.identity.federation.web.util.IDPWebRequestUtil.getErrorResponse(IDPWebRequestUtil.java:384) [picketlink-fed-2.0.2.Final.jar:]

                  at org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve.invoke(IDPWebBrowserSSOValve.java:351) [picketlink-bindings-2.0.2.Final.jar:]

                  at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

                  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

                  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

                  at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567) [jbossweb-7.0.13.Final.jar:]

                  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

                  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

                  at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

                  at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

                  at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

                  at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_29]

               

              Here's my module.xml for sun.jdk:

              <module xmlns="urn:jboss:module:1.1" name="sun.jdk">
                  <resources>
                      <!-- currently jboss modules has not way of importing services from
                      classes.jar so we duplicate them here -->
                      <resource-root path="service-loader-resources"/>
                  </resources>
                  <dependencies>
                      <system export="true">
                          <paths>
                              <path name="com/sun/script/javascript"/>
                              <path name="com/sun/jndi/dns"/>
                              <path name="com/sun/jndi/ldap"/>
                              <path name="com/sun/jndi/url"/>
                              <path name="com/sun/jndi/url/dns"/>
                              <path name="com/sun/security/auth"/>
                              <path name="com/sun/security/auth/login"/>
                              <path name="com/sun/security/auth/module"/>
                              <path name="sun/misc"/>
                              <path name="sun/io"/>
                              <path name="sun/nio"/>
                              <path name="sun/nio/ch"/>
                              <path name="sun/security"/>
                              <path name="sun/security/krb5"/>
                              <path name="sun/util"/>
                              <path name="sun/util/calendar"/>
                              <path name="sun/util/locale"/>
                              <path name="sun/security/provider"/>
                              <path name="javax/xml/crypto/dsig"/>
                              <path name="javax/xml/crypto"/>
                              <path name="org/jcp/xml/dsig/internal/dom"/>
                              <path name="META-INF/services"/>
                          </paths>
                          <exports>
                              <include-set>
                                  <path name="META-INF/services"/>
                              </include-set>
                          </exports>
                      </system>
                  </dependencies>
              </module>

               

              And here's my module.xml for org.picketlink:

              <module xmlns="urn:jboss:module:1.1" name="org.picketlink">
                  <resources>
                      <resource-root path="picketlink-fed-2.0.2.Final.jar"/>
                      <resource-root path="picketlink-bindings-2.0.2.Final.jar"/>
                      <resource-root path="picketlink-bindings-jboss-2.0.2.Final.jar"/>
                      <!-- Insert resources here -->
                  </resources>

                  <dependencies>
                      <module name="javax.api"/>
                      <module name="javax.security.auth.message.api"/>
                      <module name="javax.security.jacc.api"/>
                      <module name="javax.transaction.api"/>
                      <module name="javax.xml.bind.api"/>
                      <module name="javax.xml.stream.api"/>
                      <module name="javax.servlet.api"/>
                      <module name="org.jboss.common-core"/>
                      <module name="org.jboss.logging"/>
                      <module name="org.jboss.as.web"/>
                      <module name="org.jboss.security.xacml"/>
                      <module name="org.picketbox"/>
                      <module name="javax.xml.ws.api"/>
                      <module name="org.apache.log4j"/>
                      <!--module name="org.apache.santuario.xmlsec"/-->
                      <module name="sun.jdk"/>
                  </dependencies>
              </module>

              • 49. Re: PicketLink 2.0.2.Final is released
                pcraveiro

                Hi Karen,

                 

                    Try to add the following path in the module.xml of the sun.jdk module:

                 

                       <path name="javax/xml/crypto/dsig/dom"/>

                 

                Regards.

                Pedro Igor

                • 50. Re: PicketLink 2.0.2.Final is released
                  karencoulter

                  Unfortunately, that just starts spewing all sorts of other classpath errors:

                   

                  14:49:04,218 SEVERE [com.sun.org.apache.xml.internal.security.Init] (http--127.0.0.1-8080-1) Bad: : java.lang.RuntimeException: java.lang.ClassNotFoundException: com.sun.org.apache.xml.internal.security.transforms.implementations.TransformBase64Decode from [Module "deployment.idp-sig.war:main" from Service Module Loader]

                      at com.sun.org.apache.xml.internal.security.transforms.Transform.register(Transform.java:280) [rt.jar:1.6.0_29]

                      at com.sun.org.apache.xml.internal.security.Init.init(Init.java:235) [rt.jar:1.6.0_29]

                      at org.jcp.xml.dsig.internal.dom.ApacheTransform.<clinit>(ApacheTransform.java:37) [rt.jar:1.6.0_29]

                      at java.lang.Class.forName0(Native Method) [rt.jar:1.6.0_29]

                      at java.lang.Class.forName(Class.java:169) [rt.jar:1.6.0_29]

                      at java.security.Provider$Service.getImplClass(Provider.java:1260) [rt.jar:1.6.0_29]

                      at java.security.Provider$Service.newInstance(Provider.java:1220) [rt.jar:1.6.0_29]

                      at sun.security.jca.GetInstance.getInstance(GetInstance.java:220) [rt.jar:1.6.0_29]

                      at javax.xml.crypto.dsig.TransformService.getInstance(TransformService.java:145) [xmlsec-1.5.1.jar:1.5.1]

                      at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.newTransform(DOMXMLSignatureFactory.java:233) [rt.jar:1.6.0_29]

                      at org.picketlink.identity.federation.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:270) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:160) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:140) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.web.util.IDPWebRequestUtil.getErrorResponse(IDPWebRequestUtil.java:384) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve.invoke(IDPWebBrowserSSOValve.java:351) [picketlink-bindings-2.0.2.final-updated.jar:]

                      at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

                      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

                      at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_29]

                  Caused by: java.lang.ClassNotFoundException: com.sun.org.apache.xml.internal.security.transforms.implementations.TransformBase64Decode from [Module "deployment.idp-sig.war:main" from Service Module Loader]

                      at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:423)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)

                      at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120)

                      at java.lang.Class.forName0(Native Method) [rt.jar:1.6.0_29]

                      at java.lang.Class.forName(Class.java:247) [rt.jar:1.6.0_29]

                      at com.sun.org.apache.xml.internal.security.transforms.Transform.register(Transform.java:277) [rt.jar:1.6.0_29]

                      ... 24 more

                   

                  14:49:04,287 ERROR [stderr] (http--127.0.0.1-8080-1) java.lang.RuntimeException: java.lang.ClassNotFoundException: com.sun.org.apache.xml.internal.security.transforms.implementations.TransformBase64Decode from [Module "deployment.idp-sig.war:main" from Service Module Loader]

                   

                  14:49:04,290 ERROR [stderr] (http--127.0.0.1-8080-1)     at com.sun.org.apache.xml.internal.security.transforms.Transform.register(Transform.java:280)

                   

                  14:49:04,292 ERROR [stderr] (http--127.0.0.1-8080-1)     at com.sun.org.apache.xml.internal.security.Init.init(Init.java:235)

                   

                  14:49:04,294 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jcp.xml.dsig.internal.dom.ApacheTransform.<clinit>(ApacheTransform.java:37)

                   

                  14:49:04,296 ERROR [stderr] (http--127.0.0.1-8080-1)     at java.lang.Class.forName0(Native Method)

                   

                  14:49:04,297 ERROR [stderr] (http--127.0.0.1-8080-1)     at java.lang.Class.forName(Class.java:169)

                   

                  14:49:04,298 ERROR [stderr] (http--127.0.0.1-8080-1)     at java.security.Provider$Service.getImplClass(Provider.java:1260)

                   

                  14:49:04,299 ERROR [stderr] (http--127.0.0.1-8080-1)     at java.security.Provider$Service.newInstance(Provider.java:1220)

                   

                  14:49:04,301 ERROR [stderr] (http--127.0.0.1-8080-1)     at sun.security.jca.GetInstance.getInstance(GetInstance.java:220)

                   

                  14:49:04,302 ERROR [stderr] (http--127.0.0.1-8080-1)     at javax.xml.crypto.dsig.TransformService.getInstance(TransformService.java:145)

                   

                  14:49:04,304 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.newTransform(DOMXMLSignatureFactory.java:233)

                   

                  14:49:04,305 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.picketlink.identity.federation.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:270)

                   

                  14:49:04,307 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:160)

                   

                  14:49:04,309 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:140)

                   

                  14:49:04,310 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.picketlink.identity.federation.web.util.IDPWebRequestUtil.getErrorResponse(IDPWebRequestUtil.java:384)

                   

                  14:49:04,312 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve.invoke(IDPWebBrowserSSOValve.java:351)

                   

                  14:49:04,314 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)

                   

                  14:49:04,316 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)

                   

                  14:49:04,317 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

                   

                  14:49:04,319 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)

                   

                  14:49:04,320 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

                   

                  14:49:04,322 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)

                   

                  14:49:04,323 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)

                   

                  14:49:04,324 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)

                   

                  14:49:04,326 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)

                   

                  14:49:04,328 ERROR [stderr] (http--127.0.0.1-8080-1)     at java.lang.Thread.run(Thread.java:662)

                   

                  14:49:04,329 ERROR [stderr] (http--127.0.0.1-8080-1) Caused by: java.lang.ClassNotFoundException: com.sun.org.apache.xml.internal.security.transforms.implementations.TransformBase64Decode from [Module "deployment.idp-sig.war:main" from Service Module Loader]

                   

                  14:49:04,331 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190)

                   

                  14:49:04,333 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468)

                   

                  14:49:04,334 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456)

                   

                  14:49:04,336 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:423)

                   

                  14:49:04,338 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)

                   

                  14:49:04,339 ERROR [stderr] (http--127.0.0.1-8080-1)     at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120)

                   

                  14:49:04,341 ERROR [stderr] (http--127.0.0.1-8080-1)     at java.lang.Class.forName0(Native Method)

                   

                  14:49:04,342 ERROR [stderr] (http--127.0.0.1-8080-1)     at java.lang.Class.forName(Class.java:247)

                   

                  14:49:04,343 ERROR [stderr] (http--127.0.0.1-8080-1)     at com.sun.org.apache.xml.internal.security.transforms.Transform.register(Transform.java:277)

                   

                  14:49:04,345 ERROR [stderr] (http--127.0.0.1-8080-1)     ... 24 more

                   

                  14:49:04,355 ERROR [org.apache.catalina.connector.CoyoteAdapter] (http--127.0.0.1-8080-1) An exception or error occurred in the container during the request processing: java.lang.NoClassDefFoundError: javax/xml/crypto/dsig/keyinfo/KeyInfoFactory

                      at org.picketlink.identity.federation.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:287) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:160) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:140) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.web.util.IDPWebRequestUtil.getErrorResponse(IDPWebRequestUtil.java:384) [picketlink-fed-2.0.2.final-updated.jar:]

                      at org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve.invoke(IDPWebBrowserSSOValve.java:351) [picketlink-bindings-2.0.2.final-updated.jar:]

                      at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

                      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

                      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

                      at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_29]

                  Caused by: java.lang.ClassNotFoundException: javax.xml.crypto.dsig.keyinfo.KeyInfoFactory from [Module "org.picketlink:main" from local module loader @3f64b09c (roots: C:\jboss\jboss-as-7.1.1.Final\modules)]

                      at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:423)

                      at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)

                      at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120)

                      ... 15 more
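
Added example, not part of any post in this thread: a small Python check that reads a sun.jdk module.xml and a server log and lists the package paths the log asks for that the module does not list. It assumes each `<path>` entry matches exactly one package, which is what posts 48 to 50 show (`javax/xml/crypto/dsig` was listed while `javax/xml/crypto/dsig/dom` still failed); the function names, the trimmed module.xml and the log lines are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = {"m": "urn:jboss:module:1.1"}

# Packages treated as JDK-provided XML-signature code (assumption, taken from
# the class names that appear in the thread's stack traces).
JDK_XMLSEC_PREFIXES = (
    "javax/xml/crypto",
    "org/jcp/xml/dsig",
    "com/sun/org/apache/xml/internal/security",
)

# The JVM prints the slash form after NoClassDefFoundError and the dot form
# after ClassNotFoundException; JBoss Modules may append the requesting module.
MISSING_RE = re.compile(
    r'(?:NoClassDefFoundError|ClassNotFoundException): ([\w./$]+)'
    r'(?: from \[Module "([^"]+)")?'
)

# Constructed sample: sun.jdk module.xml trimmed to the XML-signature paths
# that post 48 lists.
SAMPLE_MODULE_XML = """<module xmlns="urn:jboss:module:1.1" name="sun.jdk">
    <dependencies>
        <system export="true">
            <paths>
                <path name="sun/security/provider"/>
                <path name="javax/xml/crypto/dsig"/>
                <path name="javax/xml/crypto"/>
                <path name="org/jcp/xml/dsig/internal/dom"/>
                <path name="META-INF/services"/>
            </paths>
        </system>
    </dependencies>
</module>"""

# Constructed sample: exception lines in the shape of those in posts 48 and 50.
SAMPLE_LOG = """\
ERROR java.lang.NoClassDefFoundError: javax/xml/crypto/dsig/dom/DOMSignContext
SEVERE java.lang.RuntimeException: java.lang.ClassNotFoundException: com.sun.org.apache.xml.internal.security.transforms.implementations.TransformBase64Decode from [Module "deployment.idp-sig.war:main" from Service Module Loader]
ERROR java.lang.NoClassDefFoundError: javax/xml/crypto/dsig/keyinfo/KeyInfoFactory
Caused by: java.lang.ClassNotFoundException: javax.xml.crypto.dsig.keyinfo.KeyInfoFactory from [Module "org.picketlink:main" from local module loader]
"""


def exported_system_paths(module_xml):
    """Return the <path name="..."/> entries under <system><paths>."""
    root = ET.fromstring(module_xml)
    paths = root.findall("./m:dependencies/m:system/m:paths/m:path", NS)
    return {p.get("name") for p in paths}


def missing_classes(log_text):
    """Yield (class name in slash form, requesting module or None)."""
    for match in MISSING_RE.finditer(log_text):
        yield match.group(1).replace(".", "/"), match.group(2)


def unexported_packages(module_xml, log_text, prefixes=JDK_XMLSEC_PREFIXES):
    """Map each package path the module lacks to the modules that asked for it."""
    exported = exported_system_paths(module_xml)
    report = {}
    for cls, requester in missing_classes(log_text):
        package = cls.rpartition("/")[0]
        # Skip classes outside the JDK XML-signature packages and packages
        # that are already listed (exact match, no parent/child inheritance).
        if not package.startswith(prefixes) or package in exported:
            continue
        requesters = report.setdefault(package, set())
        if requester:
            requesters.add(requester)
    return report


def as_path_elements(report):
    """Render the missing packages as module.xml <path> elements."""
    return ['<path name="%s"/>' % package for package in sorted(report)]


if __name__ == "__main__":
    found = unexported_packages(SAMPLE_MODULE_XML, SAMPLE_LOG)
    for package in sorted(found):
        print(package, "requested by", sorted(found[package]) or "(not logged)")
    print("\n".join(as_path_elements(found)))
```

The module named after `from [Module ...]` is the class loader that failed the lookup, so it is the one whose dependency chain has to reach the listed path; an empty set means the log line did not name it.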

                  • 51. Re: PicketLink 2.0.2.Final is released
                    pcraveiro

                    Hi Karen,

                     

                        I'll take a look at this more deeply.

                     

                    Thanks.

                    Pedro Igor

                    • 52. Re: PicketLink 2.0.2.Final is released
                      anil.saldhana

                      Pedro, why not just zip up your AS instance and give it to Karen?

                      • 53. Re: PicketLink 2.0.2.Final is released
                        karencoulter

                        It's not an emergency or anything.  I'm in the process of reverting back to 7.1.0.Final but with the Picketlink 2.0.2 jars.  I'll let you know if that works.

                        • 54. Re: PicketLink 2.0.2.Final is released
                          karencoulter

                          Picketlink 2.0.2 works just fine with JBoss 7.1.0.Final.  Both with certs and without.  Both Post and Redirects.

                           

                          I'd like to have the latest 7.1.1, so it would be good to get the classpath issues sorted out, but I'm ok for now.

                          • 55. Re: PicketLink 2.0.2.Final is released
                            pcraveiro

                            Karen,

                             

                                Try to replace your module.xml of the sun.jdk module with the one I have attached (module-sun-jdk.xml).

                             

                                I have also attached the module.xml of the org.picketlink module (module-picketlink.xml). Please replace it too.

                             

                               When using the SP examples with signature support, make sure the keystore is located inside the WAR in WEB-INF/classes/jbid_test_keystore.jks. You can copy this file from the idp-sig.war.

                             

                                Please let me know if everything worked as expected. Otherwise I'll share my AS 7.1.1.Final installation with you.

                             

                            Thanks.

                            Pedro Igor

                            • 56. Re: PicketLink 2.0.2.Final is released
                              pcraveiro

                              Anil,

                               

                                  I've created a new article about updating JBoss AS 7.1.1.Final to 2.0.2 version of PL.

                               

                                   https://community.jboss.org/wiki/HowToConfigurePicketLink202WithJBossAS711

                               

                              Regards.

                              Pedro Igor

                              • 57. Re: PicketLink 2.0.2.Final is released
                                karencoulter

                                That's working great!  Thanks.

                                • 58. Re: PicketLink 2.0.2.Final is released
                                  anil.saldhana
                                  • 59. Re: PicketLink 2.0.2.Final is released

                                    Found this thread while I tried to get SAML authentication to work with JBoss 7.1.1 (and the included picketlink version 2.0.2).

                                     

                                    I followed the workaround/solution by changing the module definitions for picketlink and sun jdk but when the SAML authentication is invoked it still throws this exception:

                                     

                                    Caused by: java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory cannot be cast to javax.xml.crypto.dsig.XMLSignatureFactory

                                              at javax.xml.crypto.dsig.XMLSignatureFactory.findInstance(XMLSignatureFactory.java:202) [xmlsec-1.5.1.jar:1.5.1]

                                              at javax.xml.crypto.dsig.XMLSignatureFactory.getInstance(XMLSignatureFactory.java:250) [xmlsec-1.5.1.jar:1.5.1]

                                              at org.jboss.seam.security.external.saml.SamlSignatureUtilForPostBinding.getXMLSignatureFactory(SamlSignatureUtilForPostBinding.java:71) [seam-security-external-3.1.0.Final.jar:3.1.0.Final]

                                              at org.jboss.seam.security.external.saml.SamlSignatureUtilForPostBinding.init(SamlSignatureUtilForPostBinding.java:56) [seam-security-external-3.1.0.Final.jar:3.1.0.Final]

                                     

                                    I am using the seam-security-external module (version 3.1.0.Final) which is based on picketlink to do the saml authentication. Does anyone have an idea on what could (still) be wrong?