-
Type:
Bug
-
Status: Resolved
-
Priority:
Blocker
-
Resolution: Fixed
-
Affects Version/s: None
-
Component/s: Digital Signature, Distribution / Installers, PDF Utils, SAML
-
Sprint:nxcore 10.1.3
-
Story Points:2
There's a mismatch between our version of OpenSAML and the old version of BouncyCastle that we ship. OpenSAML's xmltooling-1.4.4 depends on bcprov 1.51 but we ship 1.45 which seems to be missing the method seen in the stack trace below.
ERROR [HTTPMetadataProvider] Error retrieving metadata from https://dev-123123.oktapreview.com/app/xyz123xyz123/sso/saml/metadata javax.net.ssl.SSLException: Error in hostname verification at org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.verifyHostname(TLSProtocolSocketFactory.java:241) at org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.createSocket(TLSProtocolSocketFactory.java:194) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.opensaml.saml2.metadata.provider.HTTPMetadataProvider.fetchMetadata(HTTPMetadataProvider.java:250) at org.opensaml.saml2.metadata.provider.AbstractReloadingMetadataProvider.refresh(AbstractReloadingMetadataProvider.java:255) at org.opensaml.saml2.metadata.provider.AbstractReloadingMetadataProvider.doInitialization(AbstractReloadingMetadataProvider.java:236) at org.opensaml.saml2.metadata.provider.AbstractMetadataProvider.initialize(AbstractMetadataProvider.java:407) at org.nuxeo.ecm.platform.auth.saml.SAMLAuthenticationProvider.initializeMetadataProvider(SAMLAuthenticationProvider.java:271) at org.nuxeo.ecm.platform.auth.saml.SAMLAuthenticationProvider.initPlugin(SAMLAuthenticationProvider.java:193) at org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService.registerContribution(PluggableAuthenticationService.java:145) at org.nuxeo.runtime.model.DefaultComponent.registerExtension(DefaultComponent.java:53) at org.nuxeo.runtime.model.impl.ComponentInstanceImpl.registerExtension(ComponentInstanceImpl.java:209) at org.nuxeo.runtime.model.impl.ComponentManagerImpl.registerExtension(ComponentManagerImpl.java:413) at org.nuxeo.runtime.model.impl.RegistrationInfoImpl.activate(RegistrationInfoImpl.java:439) at org.nuxeo.runtime.model.impl.ComponentManagerImpl.activateComponent(ComponentManagerImpl.java:547) at org.nuxeo.runtime.model.impl.ComponentManagerImpl.activateComponents(ComponentManagerImpl.java:524) at org.nuxeo.runtime.model.impl.ComponentManagerImpl.start(ComponentManagerImpl.java:787) at org.nuxeo.runtime.osgi.OSGiRuntimeService.startComponents(OSGiRuntimeService.java:460) at org.nuxeo.runtime.osgi.OSGiRuntimeService.frameworkEvent(OSGiRuntimeService.java:475) at org.nuxeo.osgi.OSGiAdapter.fireFrameworkEvent(OSGiAdapter.java:223) at org.nuxeo.osgi.application.loader.FrameworkLoader.doStart(FrameworkLoader.java:226) at org.nuxeo.osgi.application.loader.FrameworkLoader.start(FrameworkLoader.java:125) at org.nuxeo.runtime.deployment.NuxeoStarter.start(NuxeoStarter.java:120) at org.nuxeo.runtime.deployment.NuxeoStarter.contextInitialized(NuxeoStarter.java:93) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4745) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5207) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:630) at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1842) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.NoSuchMethodError: org.bouncycastle.asn1.ASN1InputStream.readObject()Lorg/bouncycastle/asn1/ASN1Primitive; at org.opensaml.xml.security.x509.X509Util.getCommonNames(X509Util.java:162) at org.opensaml.xml.security.x509.tls.StrictHostnameVerifier.check(StrictHostnameVerifier.java:47) at org.apache.commons.ssl.HostnameVerifier$AbstractVerifier.verify(HostnameVerifier.java:244) at org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.verifyHostname(TLSProtocolSocketFactory.java:232) ... 40 more
