[cas-user] Incorrect header check when importing keys

Tue, 13 Oct 2015 03:39:56 -0700 

Hi,
We're running CAS 4.1.0 and we also use Google Apps, so we're trying to configure SAML 2.0 for this. Following this [1] document, we've made the following steps: 


1) We did NOT generate a new private/public key pair, since we already 
have one from our previous CAS installation (3.5.x). We simply moved the 
public/private files to the new machine to the same path.


2) argumentExtractorsConfiguration.xml:

    <bean id="googleAccountsArgumentExtractor"

        
class="org.jasig.cas.support.saml.web.support.GoogleAccountsArgumentExtractor"

          c:servicesManager-ref="servicesManager"
          c:privateKey-ref="privateKeyFactoryBean"
          c:publicKey-ref="publicKeyFactoryBean" />


    <bean id="privateKeyFactoryBean" 
class="org.jasig.cas.util.PrivateKeyFactoryBean"

          p:location="classpath:private.p8"
          p:algorithm="RSA" />


    <bean 
id="publicKeyFactoryBean"	class="org.jasig.cas.util.PublicKeyFactoryBean"

          p:location="classpath:public.key"
          p:algorithm="RSA" />


3) Although not documented, we added <ref 
bean="googleAccountsArgumentExtractor" /> to the argumentExtractors 
list:


    <util:list id="argumentExtractors">
      <ref bean="casArgumentExtractor" />
      <ref bean="samlArgumentExtractor" />
      <ref bean="googleAccountsArgumentExtractor" />
    </util:list>

When built, the following exception is being thrown:


    GRAVE: El Servlet.service() para el servlet [cas] en el contexto con 
ruta [/cas] lanzó la excepción [Request processing failed; nested 
exception is     
org.springframework.webflow.execution.ActionExecutionException: 
Exception thrown executing 
org.jasig.cas.web.flow.InitialFlowSetupAction@1149cb40 in state 'null' 
of flow 'login' -- action      execution attributes were 'map[[empty]]'] 
con causa raíz

    java.util.zip.ZipException: incorrect header check

	at 
java.util.zip.InflaterOutputStream.write(InflaterOutputStream.java:273)

        at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1793)
        at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1769)
        at org.apache.commons.io.IOUtils.copy(IOUtils.java:1744)

	at 
org.jasig.cas.util.CompressionUtils.inflate_aroundBody0(CompressionUtils.java:66)
	at 
org.jasig.cas.util.CompressionUtils$AjcClosure1.run_aroundBody0(CompressionUtils.java:1)
	at 
org.jasig.cas.util.CompressionUtils$AjcClosure1$AjcClosure1.run_aroundBody0(CompressionUtils.java:1)
	at 
org.jasig.cas.util.CompressionUtils$AjcClosure1$AjcClosure1$AjcClosure1.run(CompressionUtils.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.util.CompressionUtils$AjcClosure1$AjcClosure1.run(CompressionUtils.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.util.CompressionUtils$AjcClosure1.run(CompressionUtils.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.util.CompressionUtils.inflate(CompressionUtils.java:63)
	at 
org.jasig.cas.support.saml.util.AbstractSaml20ObjectBuilder.decodeSamlAuthnRequest_aroundBody16(AbstractSaml20ObjectBuilder.java:262)
	at 
org.jasig.cas.support.saml.util.AbstractSaml20ObjectBuilder$AjcClosure17.run_aroundBody0(AbstractSaml20ObjectBuilder.java:1)
	at 
org.jasig.cas.support.saml.util.AbstractSaml20ObjectBuilder$AjcClosure17$AjcClosure1.run(AbstractSaml20ObjectBuilder.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.support.saml.util.AbstractSaml20ObjectBuilder$AjcClosure17.run(AbstractSaml20ObjectBuilder.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.support.saml.util.AbstractSaml20ObjectBuilder.decodeSamlAuthnRequest(AbstractSaml20ObjectBuilder.java:253)
	at 
org.jasig.cas.support.saml.authentication.principal.GoogleAccountsService.createServiceFrom_aroundBody0(GoogleAccountsService.java:133)
	at 
org.jasig.cas.support.saml.authentication.principal.GoogleAccountsService$AjcClosure1.run(GoogleAccountsService.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.support.saml.authentication.principal.GoogleAccountsService.createServiceFrom(GoogleAccountsService.java:131)
	at 
org.jasig.cas.support.saml.web.support.GoogleAccountsArgumentExtractor.extractServiceInternal_aroundBody0(GoogleAccountsArgumentExtractor.java:69)
	at 
org.jasig.cas.support.saml.web.support.GoogleAccountsArgumentExtractor$AjcClosure1.run_aroundBody0(GoogleAccountsArgumentExtractor.java:1)
	at 
org.jasig.cas.support.saml.web.support.GoogleAccountsArgumentExtractor$AjcClosure1$AjcClosure1.run(GoogleAccountsArgumentExtractor.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.support.saml.web.support.GoogleAccountsArgumentExtractor$AjcClosure1.run(GoogleAccountsArgumentExtractor.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.support.saml.web.support.GoogleAccountsArgumentExtractor.extractServiceInternal(GoogleAccountsArgumentExtractor.java:69)
	at 
org.jasig.cas.web.support.AbstractArgumentExtractor.extractService_aroundBody0(AbstractArgumentExtractor.java:43)
	at 
org.jasig.cas.web.support.AbstractArgumentExtractor$AjcClosure1.run_aroundBody0(AbstractArgumentExtractor.java:1)
	at 
org.jasig.cas.web.support.AbstractArgumentExtractor$AjcClosure1$AjcClosure1.run_aroundBody0(AbstractArgumentExtractor.java:1)
	at 
org.jasig.cas.web.support.AbstractArgumentExtractor$AjcClosure1$AjcClosure1$AjcClosure1.run(AbstractArgumentExtractor.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.web.support.AbstractArgumentExtractor$AjcClosure1$AjcClosure1.run(AbstractArgumentExtractor.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.web.support.AbstractArgumentExtractor$AjcClosure1.run(AbstractArgumentExtractor.java:1)
	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)
	at 
org.jasig.cas.web.support.AbstractArgumentExtractor.extractService(AbstractArgumentExtractor.java:43)
	at 
org.jasig.cas.web.support.WebUtils.getService_aroundBody4(WebUtils.java:97)

        at org.jasig.cas.web.support.WebUtils$AjcClosure5.run(WebUtils.java:1)

	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)

        at org.jasig.cas.web.support.WebUtils.getService(WebUtils.java:96)

	at 
org.jasig.cas.web.support.WebUtils.getService_aroundBody6(WebUtils.java:119)

        at org.jasig.cas.web.support.WebUtils$AjcClosure7.run(WebUtils.java:1)

	at 
org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
	at 
org.jasig.inspektr.aspect.TraceLogAspect.traceMethod(TraceLogAspect.java:44)

        at org.jasig.cas.web.support.WebUtils.getService(WebUtils.java:118)

	at 
org.jasig.cas.web.flow.InitialFlowSetupAction.doExecute(InitialFlowSetupAction.java:97)
	at 
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at 
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	at 
org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
	at 
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at 
org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
	at 
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	at 
org.springframework.webflow.engine.ActionList.execute(ActionList.java:154)

        at org.springframework.webflow.engine.Flow.start(Flow.java:526)

	at 
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368)
	at 
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223)
	at 
org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140)
	at 
org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:238)
	at 
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
	at 
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
	at 
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)
	at 
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:857)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:620)

	at 
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)

	at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
	at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at 
org.jasig.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:296)
	at 
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
	at 
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
	at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at 
org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)
	at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at 
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
	at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at 
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
	at 
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
	at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
	at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
	at 
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
	at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
	at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
	at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
	at 
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1041)
	at 
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
	at 
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313)
	at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

        at java.lang.Thread.run(Thread.java:745)
        Suppressed: java.util.zip.ZipException: incorrect header check

		at 
java.util.zip.InflaterOutputStream.flush(InflaterOutputStream.java:169)
		at 
java.util.zip.InflaterOutputStream.finish(InflaterOutputStream.java:186)
		at 
java.util.zip.InflaterOutputStream.close(InflaterOutputStream.java:129)
		at 
org.jasig.cas.util.CompressionUtils.inflate_aroundBody0(CompressionUtils.java:68)

                ... 107 more


What could be the reason of this? The md5 checksums of the moved files 
seem to match.


Thanks,

Nicolás


[1]: 
http://jasig.github.io/cas/4.1.x/integration/Google-Apps-Integration.html


--
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user






















					Reply via email to