Skip to main content

How to debug SAML Assertions

1 reply [Last post]
mikbee
Offline
Joined: 2007-11-14
Points: 0

When implementing a web service using SAML assertions I get errors saying
"Signature verification failed". Is it possible to debug the service
framework in some way to find out what is really causing this? The server
log says the following:

[#|2010-12-02T18:12:26.255+0100|FINEST|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;ClassName=com.sun.xml.wss.impl.dsig.SignatureProcessor;MethodName=verify;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|Reference
URI #uuid_a2dc0c23-21ba-4869-bbc0-a14744eb07d2|#]

[#|2010-12-02T18:12:26.255+0100|FINEST|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;ClassName=com.sun.xml.wss.impl.dsig.SignatureProcessor;MethodName=verify;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|Reference[1]
validity status: false|#]

[#|2010-12-02T18:12:26.255+0100|SEVERE|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|WSS1315:
Signature Verification Failed|#]

[#|2010-12-02T18:12:26.256+0100|SEVERE|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|WSS1338:
Error occured in verifying the signature|#]

[#|2010-12-02T18:12:26.267+0100|FINE|sun-appserver2.1|javax.enterprise.system.core.security|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;ClassName=com.sun.enterprise.webservice.CommonServerSecurityPipe;MethodName=processRequest;javax.security.auth.message.AuthStatus@1e39a7c;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|ws.status_validate_request|#]

Regards
Mikael

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
kumarjayanti
Offline
Joined: 2003-12-10
Points: 0

https://xwss.dev.java.net/faq/FAQ.html
How do i turn on Debug Logs for a Signature Verification Failure or
any Signature related Failure in XWSS 2.0 ? : Add the entry
org.jcp.xml.dsig.internal.dom.level= FINEST in your
/jre/lib/logging.properties

On 02/12/10 10:47 PM, Mikael Beermann wrote:
> When implementing a web service using SAML assertions I get errors saying
> "Signature verification failed". Is it possible to debug the service
> framework in some way to find out what is really causing this? The server
> log says the following:
>
>
> [#|2010-12-02T18:12:26.255+0100|FINEST|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;ClassName=com.sun.xml.wss.impl.dsig.SignatureProcessor;MethodName=verify;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|Reference
> URI #uuid_a2dc0c23-21ba-4869-bbc0-a14744eb07d2|#]
>
> [#|2010-12-02T18:12:26.255+0100|FINEST|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;ClassName=com.sun.xml.wss.impl.dsig.SignatureProcessor;MethodName=verify;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|Reference[1]
> validity status: false|#]
>
> [#|2010-12-02T18:12:26.255+0100|SEVERE|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|WSS1315:
> Signature Verification Failed|#]
>
> [#|2010-12-02T18:12:26.256+0100|SEVERE|sun-appserver2.1|com.sun.xml.wss.logging.impl.dsig|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|WSS1338:
> Error occured in verifying the signature|#]
>
> [#|2010-12-02T18:12:26.267+0100|FINE|sun-appserver2.1|javax.enterprise.system.core.security|_ThreadID=43;_ThreadName=httpSSLWorkerThread-8080-0;ClassName=com.sun.enterprise.webservice.CommonServerSecurityPipe;MethodName=processRequest;javax.security.auth.message.AuthStatus@1e39a7c;_RequestID=bb12d060-c98a-4591-93bf-3c8ee66d170c;|ws.status_validate_request|#]
>
> Regards
> Mikael