Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-312

Cannot resolve element with ID error when signing SAML Assertion element with ID attribute

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Not A Problem
    • Affects Version/s: Java 1.5.1
    • Fix Version/s: None
    • Component/s: None
    • Security Level: Public (Public issues, viewable by everyone)
    • Labels:
      None

      Description

      When trying to sign a SAML 2.0 Assertion XML element using the Apache XML Security provider (org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI), the below error is thrown and operation fails. This is seen in xmlsec 1.5.1 (java).

      However, using this provider (which is part of Java 6 and also was part of xmlsec 1.4.5) - org.jcp.xml.dsig.internal.dom.XMLDSigRI does not result in any error.

      Please see attached test code to repro the problem.

      ------- Unit test output ----------
      XMLSignatureFactory class = org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory

      javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
      at org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:419)
      at org.apache.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:347)
      at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:471)
      at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:370)
      at example.xmlseclib.TestSignAssertion.testSign(TestSignAssertion.java:117)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
      at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
      at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
      at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
      at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
      at org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
      at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
      at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
      at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
      at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
      at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
      at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
      at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
      at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
      at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
      at org.junit.runner.JUnitCore.run(JUnitCore.java:157)
      at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:76)
      at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:182)
      at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:62)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
      Caused by: javax.xml.crypto.URIReferenceException: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
      at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:122)
      at org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:413)
      ... 32 more
      Caused by: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
      at org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(ResolverFragment.java:86)
      at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(ResourceResolver.java:279)
      at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:115)
      ... 33 more
      javax.xml.crypto.URIReferenceException: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
      at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:122)
      at org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:413)
      at org.apache.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:347)
      at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:471)
      at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:370)
      at example.xmlseclib.TestSignAssertion.testSign(TestSignAssertion.java:117)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
      at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
      at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
      at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
      at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
      at org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
      at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
      at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
      at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
      at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
      at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
      at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
      at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
      at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
      at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
      at org.junit.runner.JUnitCore.run(JUnitCore.java:157)
      at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:76)
      at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:182)
      at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:62)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
      Caused by: org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID ID_b528ce76-71e5-4012-aabb-daa952e14603
      at org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(ResolverFragment.java:86)
      at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(ResourceResolver.java:279)
      at org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:115)
      ... 33 more

      Process finished with exit code 255

        Attachments

        1. TestSignAssertion.java
          5 kB
          Murali Gunasekaran
        2. client.jks
          6 kB
          Murali Gunasekaran
        3. assertion.xml
          2 kB
          Murali Gunasekaran

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              murakris Murali Gunasekaran
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: