spring-boot - Spring Security SAML 正在抛出响应没有任何可以通过主题验证的有效断言
问题描述
尝试使用 IssueInstant 的未来日期测试 Spring Security SAML 响应失败,因为 Response 没有任何可以通过主题验证的有效断言。更新了 setSkewResponse、setMaxAuthenticationAge、setMaxAssertionTime 和 IDP 签名和加密密钥的 WebSSOProfileConsumerImpl 在 /saml/idp 中更新并通过类路径分配它。有人遇到过这个问题吗?
Response>;org.opensaml.common.SAMLException: Response doesn't have any valid assertion which would pass subject validation
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:265)
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:88)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175)
at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:92)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:186)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:74)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
解决方案
推荐阅读
- python - 如何在不中断先前播放的情况下在 gstreamer 中执行重新触发/重新启动示例
- javascript - React UseEffect 在页面刷新时不起作用
- javascript - 无法使用 Axios.put 从前端到后端获取变量
- qt - 从服务器 php 脚本返回西班牙语字符时出现 Qt 编码错误
- python - Python df 按日期添加行,因此每个组在同一日期结束。填充剩余的行
- python - 在 macbook pro 10.13.6 上安装 Matplotlib
- vscode-settings - 我可以将 VSCode 终端图标更改为原始图标吗?
- swiftui - SwiftUI View 读取过时的 ObservableObject 属性值
- python - 如何使用 PyPDF2 从 PDF 中以正确的顺序提取文本?
- wordpress - 使用远程数据开发本地 WP 站点 - 无法连接?