HTTP ERROR 500 Problem accessing /sso/saml2/login. Reason: Server Error
search cancel

HTTP ERROR 500 Problem accessing /sso/saml2/login. Reason: Server Error

book

Article ID: 125508

calendar_today

Updated On:

Products

CA Infrastructure Management CA Performance Management

Issue/Introduction

HTTP ERROR 500 Problem accessing /sso/saml2/login. Reason: Server Error Caused by: java.lang.RuntimeException: Unable to marshall the protocol message for request: org.opensaml.saml2.core.impl.AuthnRequestImpl@6f9face8 at common.saml2.MessageEncoder.generateRedirectURL(MessageEncoder.java:64) at common.saml2.AuthenticationRequest.generateRedirectURL(AuthenticationRequest.java:80) at common.sso.saml2.SAML2Login.saml2Login(SAML2Login.java:165) at common.sso.saml2.SAML2Login.doGet(SAML2Login.java:62) at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:821) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1685) at com.ca.im.portal.common.web.security.RequestFilter.doFilter(RequestFilter.java:26) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213) at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119) at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:318) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119) at org.eclipse.jetty.server.Server.handle(Server.java:517) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:192) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572) at java.lang.Thread.run(Thread.java:748) Caused by: org.opensaml.ws.message.encoder.MessageEncodingException: The signing credential's algorithm URI could not be derived at org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder.getSignatureAlgorithmURI(HTTPRedirectDeflateEncoder.java:222) at org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder.buildRedirectURL(HTTPRedirectDeflateEncoder.java:187) at common.saml2.MessageEncoder.generateRedirectURL(MessageEncoder.java:57) ... 37 more Caused by: org.opensaml.ws.message.encoder.MessageEncodingException: The signing credential's algorithm URI could not be derived at

Environment

CA Performance Management

Cause

Currently, there can only be one certificate in the SAML2 keystore referenced from the saml2.properties file.

When listing the keystore you should only see one key pair.

Resolution

Make sure the SAML keystore only contains the one key pair.

The root and any intermediates are imported into the Java cacerts keystore per the documentation.

Powered by Wolken Software