[cas-user] Re: CAS6.4.x, common-codec error with SAML delegated AuthN

[Yan Zhou]

I looked at the code. it seems that either 1.15 or 1.16.0, both should 
work.    Not sure why we get NoSuchMethod error.

    /** Encoder used to produce chunked output. */
    @Nonnull private static final Base64 CHUNKED_ENCODER = new Base64(76, 
new byte[] { '\n' },
            false, CodecPolicy.STRICT);

     * @since 1.15
     */
    public Base64(final int lineLength, final byte[] lineSeparator, final 
boolean urlSafe,
                  final CodecPolicy decodingPolicy) {

On Thursday, November 2, 2023 at 1:40:43 PM UTC-4 Yan Zhou wrote:

> Hi there,
>
> CAS 6.4.6.6 overlay, using CAS for SAML delegated authN, getting this 
> error when go to /cas/login page, while it is generating CAS sp-metadata.xml
>
> CAS comes with commons-codec-1.15.jar,  one some RHEL, I had success with 
> replacing it with commons-codec-1.16.0.jar, but it still fails on other 
> RHEL. I suppose it is more than just commons-codec version?
>
> Thanks,
>
> cas.authn.pac4j.saml[0].keystorePath=/opt/jboss/ssoconf/samlsp/samlkeystore
> cas.authn.pac4j.saml[0].keystorePassword=changeit
> cas.authn.pac4j.saml[0].keystoreAlias=cas-samlsp
> cas.authn.pac4j.saml[0].privateKeyPassword=changeit
> cas.authn.pac4j.saml[0].serviceProviderEntityId=https://....../cas/samlsp
> cas.authn.pac4j.saml[0].clientName=Okta
>
> ^[[1;31m2023-11-02 17:19:38,864 ERROR [https-jsse-nio-8543-exec-14] 
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
> <Forwarding to error page from request [/login] due to exception 
> [org.apache.commons.codec.binary.Base64.<init>(I[BZLorg/apache/commons/codec/CodecPolicy;)V]>
> ^[[m java.lang.NoSuchMethodError: 
> org.apache.commons.codec.binary.Base64.<init>(I[BZLorg/apache/commons/codec/CodecPolicy;)V
>         at 
> net.shibboleth.utilities.java.support.codec.Base64Support.<clinit>(Base64Support.java:46)
>  
> ~[java-support-8.2.1.jar:?]
>         at 
> org.opensaml.xmlsec.keyinfo.KeyInfoSupport.buildX509Certificate(KeyInfoSupport.java:380)
>  
> ~[opensaml-xmlsec-api-4.1.1.jar:?]
>         at 
> org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator.processEntityCertificate(X509KeyInfoGeneratorFactory.java:475)
>  
> ~[opensaml-xmlsec-impl-4.1.1.jar:?]
>         at 
> org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator.generate(X509KeyInfoGeneratorFactory.java:437)
>  
> ~[opensaml-xmlsec-impl-4.1.1.jar:?]
>         at 
> org.pac4j.saml.crypto.KeyStoreCredentialProvider.generateKeyInfoForCredential(KeyStoreCredentialProvider.java:128)
>  
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.saml.crypto.KeyStoreCredentialProvider.getKeyInfo(KeyStoreCredentialProvider.java:94)
>  
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.saml.metadata.BaseSAML2MetadataGenerator.buildSPSSODescriptor(BaseSAML2MetadataGenerator.java:240)
>  
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.saml.metadata.BaseSAML2MetadataGenerator.buildEntityDescriptor(BaseSAML2MetadataGenerator.java:157)
>  
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.saml.metadata.SAML2ServiceProviderMetadataResolver.prepareServiceProviderMetadata(SAML2ServiceProviderMetadataResolver.java:42)
>  
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.saml.metadata.SAML2ServiceProviderMetadataResolver.<init>(SAML2ServiceProviderMetadataResolver.java:27)
>  
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.saml.client.SAML2Client.initServiceProviderMetadataResolver(SAML2Client.java:201)
>  
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.saml.client.SAML2Client.internalInit(SAML2Client.java:113) 
> ~[pac4j-saml-5.3.1.jar:?]
>         at 
> org.pac4j.core.util.InitializableObject.init(InitializableObject.java:56) 
> ~[pac4j-core-5.3.1.jar:?]
>         at 
> org.pac4j.core.util.InitializableObject.init(InitializableObject.java:33) 
> ~[pac4j-core-5.3.1.jar:?]
>         at 
> org.apereo.cas.web.flow.DefaultDelegatedClientIdentityProviderConfigurationProducer.produce(DefaultDelegatedClientIdentityProviderConfigurationProducer.java:101)
>  
> ~[cas-server-support-pac4j-webflow-6.4.6.6.jar:6.4.6.6]
>         at 
> org.apereo.cas.web.flow.DefaultDelegatedClientIdentityProviderConfigurationProducer.lambda$produce$3(DefaultDelegatedClientIdentityProviderConfigurationProducer.java:70)
>  
> ~[cas-server-support-pac4j-webflow-6.4.6.6.jar:6.4.6.6]
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d2ab698-8307-4c07-b15f-de6894942997n%40apereo.org.