Leaving aside any errors that may exist in the code, which is normal since I am a newbie with SAML security, I have a problem with a "try/catch" block that doesn't seem to be executed; at least I don't see a trace of it in the log. This is my code:
        Credential credential = null;
        final MetadataCredentialResolver metadataCredentialResolver = new MetadataCredentialResolver();
        logger.info("Creando key resolver");
        final KeyInfoCredentialResolver keyResolver = DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver();
        RoleDescriptorResolver roleDescriptorResolver = null;
        logger.info("Reciviendo metadatos");
        //This try is not working
        try {
            File metadataFile = new File(getClass().getClassLoader().getResource("IDPMetadata.xml").toURI());
            logger.info("Metadata recividos");
            final FilesystemMetadataResolver metadataResolver = new FilesystemMetadataResolver(metadataFile);
            roleDescriptorResolver = new BasicRoleDescriptorResolver(metadataResolver);
            logger.info("Metadata resolver creado");
            metadataResolver.setId(metadataResolver.getClass().getCanonicalName());
            logger.info("Asignada la id");
            metadataResolver.setParserPool(OpenSAMLUtils.getParserPool());
            logger.info("Parse Pool asignado");
            metadataResolver.initialize();
        } catch (Exception e) {
        }
        logger.info("metadata resueltos");
        metadataCredentialResolver.setKeyInfoCredentialResolver(keyResolver);
        metadataCredentialResolver.setRoleDescriptorResolver(roleDescriptorResolver);
        try {
            metadataCredentialResolver.initialize();
        } catch (ComponentInitializationException e) {
            logger.info(e.getMessage());
        }
        logger.info("Credenciales adquiridas");
        CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new UsageCriterion(UsageType.SIGNING));
        criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
        criteriaSet.add(new ProtocolCriterion(SAMLConstants.SAML20P_NS));
        criteriaSet.add(new EntityIdCriterion(SPConstants.SP_ENTITY_ID));
        logger.info("Generando credenciales");
        try {
            credential = metadataCredentialResolver.resolveSingle(criteriaSet);
        } catch (ResolverException e) {
            logger.info(e.getMessage());
        }
        logger.info("Credenciales creadas");
        return credential;
    }
And this is my log:
10:57:58,689 INFO [es.caib.accfor.api.SAML.SAMLConsumer] (default task-1) Verificando firma
10:57:58,690 INFO [es.caib.accfor.api.SAML.SAMLConsumer] (default task-1) adquiriendo firma
10:57:58,693 INFO [es.caib.accfor.api.SAML.SAMLConsumer] (default task-1) org.opensaml.xmlsec.signature.impl.SignatureImpl@4cdd2a52
10:57:58,695 INFO [es.caib.accfor.api.util.IDPCredentials] (default task-1) Creando key resolver
10:57:58,697 INFO [es.caib.accfor.api.util.IDPCredentials] (default task-1) Reciviendo metadatos
10:57:58,698 INFO [es.caib.accfor.api.util.IDPCredentials] (default task-1) metadata resueltos
10:57:58,698 INFO [org.opensaml.saml.security.impl.MetadataCredentialResolver] (default task-1) RoleDescriptorResolver was not supplied, credentials may only be resolved via RoleDescriptorCriterion
10:57:58,698 INFO [es.caib.accfor.api.util.IDPCredentials] (default task-1) Credenciales adquiridas
10:57:58,700 INFO [es.caib.accfor.api.util.IDPCredentials] (default task-1) Generando credenciales
10:57:58,700 INFO [es.caib.accfor.api.util.IDPCredentials] (default task-1) EntityID and role input were supplied but no RoleDescriptorResolver is configured
10:57:58,700 INFO [es.caib.accfor.api.util.IDPCredentials] (default task-1) Credenciales creadas
10:57:58,702 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /ucm/accfor-api/receiverPage: net.shibboleth.utilities.java.support.logic.ConstraintViolationException: Validation credential cannot be null
The question is: why don't I see any trace of this block in the log?
Thanks in advance for your help.
Are you sure the code matches the deployed version of your code? If you can, launch the application locally and set a debug breakpoint in your IDE. I would also recommend logging in the catch block. I assume the culprit is the first line in the try body, which throws an exception, and the catch block silently captures it.
    try {
        File metadataFile = new File(getClass().getClassLoader().getResource("IDPMetadata.xml").toURI());
    } catch (Exception e) {
        // log the exception
    }
Since the log statement after that line is not present but the log statement after the try block is, it is evident that the File access fails.
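An added example, not part of the original question or answer: a JDK-only loader for the classpath metadata file that fails closed with the cause attached, instead of letting the code continue to a null validation credential. The class and method names (`MetadataFileLoader`, `requireMetadataFile`) are hypothetical; the returned `File` is what would be handed to `FilesystemMetadataResolver`.

```java
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;

public final class MetadataFileLoader { // hypothetical helper, not part of OpenSAML

    /** Returns a readable File for a classpath resource, or throws; never returns null. */
    public static File requireMetadataFile(ClassLoader loader, String name) {
        URL url = loader.getResource(name);
        if (url == null) {
            // getResource() returns null when the resource is not on the classpath
            throw new IllegalStateException("Metadata resource not on classpath: " + name);
        }
        try {
            if ("file".equals(url.getProtocol())) {
                return new File(url.toURI());
            }
            // new File(URI) rejects any scheme other than "file" (for example a
            // resource packed inside an archive), so copy the stream to a temp file.
            Path tmp = Files.createTempFile("idp-metadata", ".xml");
            tmp.toFile().deleteOnExit();
            try (InputStream in = url.openStream()) {
                Files.copy(in, tmp, StandardCopyOption.REPLACE_EXISTING);
            }
            return tmp.toFile();
        } catch (IOException | URISyntaxException e) {
            // Fail closed: keep the cause so the log shows why loading failed
            throw new IllegalStateException("Cannot load metadata resource: " + name, e);
        }
    }

    public static void main(String[] args) {
        try {
            File f = requireMetadataFile(MetadataFileLoader.class.getClassLoader(), "IDPMetadata.xml");
            System.out.println("metadata file: " + f);
        } catch (IllegalStateException e) {
            // In the application: log with the stack trace and abort signature validation
            System.out.println("aborting: " + e.getMessage());
        }
    }
}
```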