Hi Sajith, This issue was identified in [1] and we have fixed the issue with [2]. This issue can be resolve by using the new opensaml orbit. We are planning to release identity repositories (~50) on top of kernel 4.4.6, after fixing the security vulnerabilities as stated in [3]. You can refer [4] to get the latest updates on IS 5.2.0 GA release.
Thanks, Kasun. [1] https://wso2.org/jira/browse/IDENTITY-4680 [2] [Engineering] Request to merge and release opensaml 2.6.4.wso2v3 orbit [3] [Engineering] Security Hackathon to start from tomorrow [4] [Engineering] IS 5.2.0 GA Update On Fri, Jun 24, 2016 at 10:10 AM, Sajith Abeywardhana <saji...@wso2.com> wrote: > Hi IS Team, > > AppM has been updated to the carbon kernel 4.4.6, and also I updated the > IS version to 5.1.1-SNAPSHOT. When I try to login to the publisher jaggery > app I got below exception[1]. > > The root cause is for this is, opensaml_2.6.4.wso2v2 haven't properly > imported the required bouncy castle version which is version > 1.52.0.wso2v1(packed > with kernel 4.4.6), and currently, it's [1.49.0,1.50.0)[2]. > > Then I found that there is an opensaml_2.6.4.wso2v3 orbit bundle in the > git repo with the required bouncy castle version[3]. So when you are > planning to release the IS version, which bundles the opensaml_2.6.4.wso2v3 > into a feature? Currently, we are blocking due to this issue. > > > [1]. osgi> [2016-06-24 00:18:46,052] ERROR - StandardWrapperValve > Servlet.service() for servlet [bridgeservlet] in context with path [/] > threw exception [Servlet execution threw an exception] with root cause > java.lang.ClassNotFoundException: org.bouncycastle.util.encoders.Hex > cannot be found by opensaml_2.6.4.wso2v2 > at > org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:501) > at > org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:421) > at > org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:412) > at > org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:107) > at java.lang.ClassLoader.loadClass(ClassLoader.java:358) > at > org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:63) > at > org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:56) > at > org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil.createID(SAMLSSOUtil.java:726) > at > org.wso2.carbon.identity.sso.saml.builders.DefaultResponseBuilder.buildResponse(DefaultResponseBuilder.java:57) > at > org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor.process(SPInitSSOAuthnRequestProcessor.java:160) > at > org.wso2.carbon.identity.sso.saml.SAMLSSOService.authenticate(SAMLSSOService.java:164) > at > org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleAuthenticationReponseFromFramework(SAMLSSOProviderServlet.java:702) > at > org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleRequest(SAMLSSOProviderServlet.java:178) > at > org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.doGet(SAMLSSOProviderServlet.java:95) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > at > org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) > at > org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) > at > org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) > at > org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > at > org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:61) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) > at > org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) > at > org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) > at > org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) > at > org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) > at > org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) > at > org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) > at > org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436) > at > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078) > at > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749) > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.lang.Thread.run(Thread.java:745) > > [2]. > https://github.com/wso2/orbit/blob/master/opensaml/2.6.4.wso2v2/pom.xml#L322 > > [3]. > https://github.com/wso2/orbit/blob/master/opensaml/2.6.4.wso2v3/pom.xml#L342 > > Regards, > Sajith. > > -- > *Sajith Abeywardhana* | Software Engineer > WSO2, Inc | lean. enterprise. middleware. > #20, Palm Grove, Colombo 03, Sri Lanka. > Mobile: +94772260485 > Email: saji...@wso2.com | Web: www.wso2.com > -- Kasun Bandara *Software Engineer* Mobile : +94 (0) 718 338 360 <%2B94%20%280%29%20773%20451194> kas...@wso2.com <thili...@wso2.com>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
