我已经在wso2 esb页面中启用了SSO,它以前工作正常但是因为我们已经更改了IS和ESB中的认证。现在,当尝试通过IS登录ESB时,我得到:SAML断言的签名验证失败:签名无效。 我已经为wso2is和wso2esb密钥库添加了Esb和IS证书。 错误仍然存在。
2015-05-28 09:59:17,281 log_level=WARN thread=http-nio-9443-exec-24 logger=org.apache.xml.security.signature.XMLSignature [Signature verification failed.]
2015-05-28 09:59:17,281 log_level=WARN thread=http-nio-9443-exec-24 logger=org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil [Signature Validation Failed for the SAML Assertion : Signature is invalid.]
2015-05-28 09:59:17,281 log_level=DEBUG thread=http-nio-9443-exec-24 logger=org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil [org.wso2.carbon.identity.base.IdentityException: Signature Validation Failed for the SAML Assertion : Signature is invalid.]
2015-05-28 09:59:17,281 log_level=WARN thread=http-nio-9443-exec-24 logger=org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor [Signature validation for Authentication Request failed.]
2015-05-28 09:59:33,747 log_level=DEBUG thread=pool-29-thread-1 logger=org.wso2.carbon.identity.application.authentication.framework.store.SessionCleanUpService [Start running the Session Data cleanup task.]
2015-05-28 09:59:33,759 log_level=DEBUG thread=pool-29-thread-1 logger=org.wso2.carbon.identity.application.authentication.framework.store.SessionCleanUpService [Stop running the Session Data cleanup task.]
答案 0 :(得分:1)
如果更改了WSO2IS和WSO2ESB的密钥库,则需要导出WSO2IS的主密钥库的证书并将其导入WSO2ESB的主密钥库。然后,您需要指定用于将证书导入WSO2ESB主密钥库的alias名称。必须在/repository/conf/security/authenticators.xml文件中的以下属性下配置它。
<Parameter name="IdPCertAlias">wso2carbon</Parameter>