个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
27
4
在 Spring SAML 中,我从 IDP 获得成功响应,但在验证 SAML 响应时,我收到异常Signature Reference URI '#JJl4B32SXAqLfdR2R0mkYN-yLimsrLWVGHmHIvEcpuQ' did not resolve to the expected parent Element。我没有得到响应中的问题是因为响应还是在 spring SAML 中我是否需要进行任何配置。请找到以下异常和 SAML 响应。
2021-07-13 20:38:22,661 DEBUG [BaseSAMLSimpleSignatureSecurityPolicyRule] HTTP request was not signed via simple signature mechanism, skipping
2021-07-13 20:38:22,661 ERROR [SAMLSignatureProfileValidator] Signature Reference URI '#JJl4B32SXAqLfdR2R0mkYN-yLimsrLWVGHmHIvEcpuQ' did not resolve to the expected parent Element
2021-07-13 20:38:22,663 DEBUG [SAMLProtocolMessageXMLSignatureSecurityPolicyRule] Protocol message signature failed signature pre-validation
org.opensaml.xml.validation.ValidationException: Signature Reference URI did not resolve to the expected parent Element
at org.opensaml.security.SAMLSignatureProfileValidator.validateReferenceURI(SAMLSignatureProfileValidator.java:159)
at org.opensaml.security.SAMLSignatureProfileValidator.validateSignatureImpl(SAMLSignatureProfileValidator.java:84)
at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:56)
at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:42)
at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.performPreValidation(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:164)
at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:105)
at org.opensaml.ws.security.provider.BasicSecurityPolicy.evaluate(BasicSecurityPolicy.java:51)
at org.opensaml.ws.message.decoder.BaseMessageDecoder.processSecurityPolicy(BaseMessageDecoder.java:132)
at org.opensaml.ws.message.decoder.BaseMessageDecoder.decode(BaseMessageDecoder.java:83)
at org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:70)
at org.springframework.security.saml.processor.SAMLProcessorImpl.retrieveMessage(SAMLProcessorImpl.java:105)
at org.springframework.security.saml.processor.SAMLProcessorImpl.retrieveMessage(SAMLProcessorImpl.java:172)
at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:80)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:186)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:615)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1627)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
2021-07-13 20:38:22,670 DEBUG [SAMLProcessingFilter] Incoming SAML message is invalid
org.opensaml.ws.security.SecurityPolicyException: Protocol message signature failed signature pre-validation
at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.performPreValidation(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:167)
at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:105)
at org.opensaml.ws.security.provider.BasicSecurityPolicy.evaluate(BasicSecurityPolicy.java:51)
at org.opensaml.ws.message.decoder.BaseMessageDecoder.processSecurityPolicy(BaseMessageDecoder.java:132)
at org.opensaml.ws.message.decoder.BaseMessageDecoder.decode(BaseMessageDecoder.java:83)
at org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:70)
at org.springframework.security.saml.processor.SAMLProcessorImpl.retrieveMessage(SAMLProcessorImpl.java:105)
at org.springframework.security.saml.processor.SAMLProcessorImpl.retrieveMessage(SAMLProcessorImpl.java:172)
at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:80)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:186)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:615)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1627)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.opensaml.xml.validation.ValidationException: Signature Reference URI did not resolve to the expected parent Element
at org.opensaml.security.SAMLSignatureProfileValidator.validateReferenceURI(SAMLSignatureProfileValidator.java:159)
at org.opensaml.security.SAMLSignatureProfileValidator.validateSignatureImpl(SAMLSignatureProfileValidator.java:84)
at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:56)
at org.opensaml.security.SAMLSignatureProfileValidator.validate(SAMLSignatureProfileValidator.java:42)
at org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule.performPreValidation(SAMLProtocolMessageXMLSignatureSecurityPolicyRule.java:164)
... 49 more
收到的 SAML 响应是:
<?xml version="1.0" encoding="UTF-8"?><saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://10.11.4.96:8071/testapp/saml/SSO" ID="JJl4B32SXAqLfdR2R0mkYN-yLimsrLWVGHmHIvEcpuQ" InResponseTo="testapp" IssueInstant="2021-07-13T15:08:21.831Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#JJl4B32SXAqLfdR2R0mkYN-yLimsrLWVGHmHIvEcpuQ">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>zTgjwhpc8z+68RkAkrX0CS0kQXA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>JeiDJJRN0P+FnHOPqmpVjX50+/GwAJcTsqXQ3KTmveOpiW7RZKVpuGFTeO/bPredy/6imXBCM8vHtiVEnsre5C3qkS1QawGq7Da2SIEtn6pFxe8nDvl/F1mecEu/JtyPf+lwIAgp0r74fA+12MrTS/v7sUBA473gCtVdCQUFxXcpSRTCXdKWwZrPDyht/8RHkfWiKmq6Xr+VzxgjPP/X/sXl0AKnaCBQafOYyrbeTltCseUtvPP2rDkgTp7Shiw/mWLoynAJhQ0TmJBPsx+gDkyB5xPLB4ozyjuRfElhe3yWr1rGX0VkN/O5VgL1BB5Y8ECpFHiVPotlsb72/7nQlg==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIF8DCCBNqgAwIBAgIEAPhxijALBgkqhkiG9w0BAQswgY4xCzAJBgNVBAYTAklOMSowKAYDVQQKEyFlTXVkaHJhIENvbnN1bWVyIFNlcnZpY2VzIExpbWl0ZWQxHTAbBgNVBAsTFENlcnRpZnlpbmcgQXV0aG9yaXR5MTQwMgYDVQQDEytlLU11ZGhyYSBTdWIgQ0EgZm9yIENsYXNzIDEgSW5kaXZpZHVhbCAyMDE0MB4XDTE5MDEzMTA5MTQzNFoXDTIyMDEzMDA5MTQzNFowgdgxCzAJBgNVBAYTAklOMRgwFgYDVQQKEw9lTXVkaHJhIExpbWl0ZWQxHTAbBgNVBAsTFENlcnRpZnlpbmcgQXV0aG9yaXR5MQ8wDQYDVQQREwY1NjAxMDMxEjAQBgNVBAgTCUthcm5hdGFrYTFJMEcGA1UEBRNAODFkN2NjNjlkNTdhOGU4ZWNmZjg3MDRmMTNhMWE0NjUwMjYwZjNlYzRhYTI1ZDAzNTU2ZTQ3M2I0ZTAzMzMzZDEgMB4GA1UEAhdfhgsafdhfsahfdhsgfhdsatBgZggmRkAgEwIzAhBggrBgEFBQcCAjAVGhNDbGFzcyAxIENlcnRpZmljYXRlMFAGB2CCZGQBCAIwRTBDBggrBgEFBQcCARY3aHR0cDovL3d3dy5lLW11ZGhyYS5jb20vcmVwb3NpdG9yeS9jcHMvZS1NdWRocmFfQ1BTLnBkZjB6BggrBgEFBQcBAQRuMGwwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmUtbXVkaHJhLmNvbTBEBggrBgEFBQcwAoY4aHR0cDovL3d3dy5lLW11ZGhyYS5jb20vcmVwb3NpdG9yeS9jYWNlcnRzL0MxU0NBMjAxNC5jcnQwRgYDVR0fBD8wPTA7oDmgN4Y1aHR0cDovL3d3dy5lLW11ZGhyYS5jb20vcmVwb3NpdG9yeS9jcmxzL0MxU0NBMjAxNC5jcmwwCwYJKoZIhvcNAQELA4IBAQAnIl1Un14pCfR0xv0iimPl1CFS8WocyDsp7Kbkofq5nTDgnYHyY+s+cjIIp5V0Yo1IEMK3abtl5HryjczRZ6yNtdcJsRmFz2s4wpA4PrjhOw8h8d8MRVc3AfmKGLRi0Y37RtGCieAcDSsZFrDn0SGphzkKmE4otbJhXwdioSiNWFh84bykzUtrr8YFGN+idjrFf5OiMeSCoN31ThAr3X70A1mc5x2c3k91WJQKuIQswwz+LtLKq2kLLQ4syRI0jlqcz+P+qfJWn7py7jU09txey2AuSndBNVWNhD+dNoRvKXnj6YW1uTBvVDFI5nnsoRqroLqaxbx4Ek4umXxwmK3D</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
<saml2p:StatusMessage>accessGranted</saml2p:StatusMessage>
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="JJl4B32SXAqLfdR2R0mkYN-yLimsrLWVGHmHIvEcpuQ" IssueInstant="2021-07-13T15:08:21.831Z" Version="2.0">
<saml2:Issuer>IDP01</saml2:Issuer>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">admin</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData InResponseTo="testapp" NotOnOrAfter="2021-07-13T15:23:21.831Z" Recipient="testapp"/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotOnOrAfter="2021-07-13T15:23:21.831Z">
<saml2:AudienceRestriction>
<saml2:Audience>testapp</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AuthnStatement AuthnInstant="2021-07-13T15:08:21.831Z" SessionIndex="JJl4B32SXAqLfdR2R0mkYN-yLimsrLWVGHmHIvEcpuQ" SessionNotOnOrAfter="2021-07-13T15:23:21.831Z">
<saml2:AuthnContext>
<saml2:AuthnContextClassRef/>
</saml2:AuthnContext>
</saml2:AuthnStatement>
<saml2:AttributeStatement>
<saml2:Attribute Name="app_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">testapp</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">admin.m@test.com</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="access_mode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">write</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="user_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">admin</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
</saml2:Assertion>
</saml2p:Response>
最佳答案
您在验证 xml 签名的引用 URI 时遇到异常。验证规则是,如果引用 uri 不为空(在您的情况下不为空 - #JJl4B32SXAqLfdR2R0mkYN-yLimsrLWVGHmHIvEcpuQ那么它必须是对本地文档片段的引用,并通过后者的 ID 属性值指向 SAMLObject 父级
如果您可以附加调试器,那么您可以在 SAMLSignatureProfileValidator 类的以下方法中看到它失败的原因。您的应用在此方法的最后一个代码块处失败。
当我使用 SSO Circle 作为 SAML IdP 测试我的本地设置时 - 它成功通过了验证(请参阅调试器屏幕截图)。两个对象引用相同(id=531)
protected void validateReferenceURI(String uri, SignableSAMLObject signableObject) throws ValidationException {
String id = signableObject.getSignatureReferenceID();
validateReferenceURI(uri, id);
if (DatatypeHelper.isEmpty(uri)) {
return;
}
String uriID = uri.substring(1);
Element expected = signableObject.getDOM();
if (expected == null) {
log.error("SignableSAMLObject does not have a cached DOM Element.");
throw new ValidationException("SignableSAMLObject does not have a cached DOM Element.");
}
Document doc = expected.getOwnerDocument();
Element resolved = IdResolver.getElementById(doc, uriID);
if (resolved == null) {
log.error("Apache xmlsec IdResolver could not resolve the Element for id reference: {}", uriID);
throw new ValidationException("Apache xmlsec IdResolver could not resolve the Element for id reference: "
+ uriID);
}
if (!expected.isSameNode(resolved)) {
log.error("Signature Reference URI '{}' did not resolve to the expected parent Element", uri);
throw new ValidationException("Signature Reference URI did not resolve to the expected parent Element");
}
}
关于spring - 获取签名引用 URI 的 SAML 未解析为预期的父元素,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68366103/
27
4
0
这个问题在这里已经有了答案: 关闭 10 年前。 Possible Duplicate: template pass by value or const reference or…? 以下对于将函数
我用相同的参数列表重载了一个运算符两次。但返回类型不同: T& operator()(par_list){blablabla} const T& operator()(par_list){bla
假设我有实现接口(interface) I 的 Activity A。我的 ViewModel 类 (VM) 持有对实现接口(interface) I 的对象的引用: class A extends
PHP 如何解释 &$this ?为什么允许? 我遇到了以下问题,这看起来像是 PHP 7.1 和 7.2 中的错误。它与 &$this 引用和跨命名空间调用以及 call_user_func_arr
谁能解释一下下面“&”的作用: class TEST { } $abc =& new TEST(); 我知道这是引用。但是有人可以说明我为什么以及什么时候需要这样的东西吗?或者给我指向一个对此有很好解
引用变量是一个别名,也就是说,它是某个已存在变量的另一个名字。一旦把引用初始化为某个变量,就可以使用该引用名称或变量名称来指向变量。 C++ 引用 vs 指针 引用很容易与指针混淆,它们之间有三
目录 引言 背景 结论 引言 我选择写C++中的引用是因为我感觉大多数人误解了引用。而我之所以有这个感受是因为我主持过很多C++的面试,并且我很少
Perl 中的引用是指一个标量类型可以指向变量、数组、哈希表(也叫关联数组)甚至函数,可以应用在程序的任何地方 创建引用 定义变量的时候,在变量名前面加个 \,就得到了这个变量的一个引用 $sc
我编写了一个将从主脚本加载的 Perl 模块。该模块使用在主脚本中定义的子程序(我不是维护者)。 对于主脚本中的一个子例程,需要扩展,但我不想修补主脚本。相反,我想覆盖我的模块中的函数并保存对原始子例
我花了几个小时试图掌握 F# Quotations,但我遇到了一些障碍。我的要求是从可区分的联合类型中取出简单的函数(只是整数、+、-、/、*)并生成一个表达式树,最终将用于生成 C 代码。我知道使用
很多时候,问题(尤其是那些标记为 regex 的问题)询问验证密码的方法。似乎用户通常会寻求密码验证方法,包括确保密码包含特定字符、匹配特定模式和/或遵守最少字符数。这篇文章旨在帮助用户找到合适的密码
我想通过 MIN 函数内的地址(例如,C800)引用包含文本的最后一个单元格。你能帮忙吗? Sub Set_Formula() ' ----------------------------- Dim
使用常规的 for 循环,我可以做类似的事情: for (let i = 0; i < objects.length; i++) { delete objects[i]; } 常规的 for-
在 Cucumber 中,您定义了定义 BDD 语法的步骤;例如,您的测试可能有: When I navigate to step 3 然后你可以定义一个步骤: When /^I navigate t
这是什么UnaryExpression的目的,以及应该怎样使用? 最佳答案 它需要一个 Expression对象并用另一个 Expression 包裹它.例如,如果您有一个用于 lambda 的表达式
给出以下内容 $("#identifier div:first, #idetifier2").fadeOut(300,function() { // I need to reference jus
我不知道我要找的东西的正确术语,但我要找的是一个完整的引用,可以放在双引号之间的语句,比如 *, node()、@* 以及所有列出的 here加上任何其他存在的。 我链接到的答案提供了一些细节,但还
This question's answers are a community effort。编辑现有答案以改善此职位。它当前不接受新的答案或互动。 这是什么? 这是常见问答的集合。这也是一个社区Wi
Closed. This question does not meet Stack Overflow guidelines。它当前不接受答案。 想改善这个问题吗?更新问题,以便将其作为on-topic
考虑下一个代码: fn get_ref(slice: &'a Vec, f: fn(&'a Vec) -> R) -> R where R: 'a, { f(slice) } fn m
我是一名优秀的程序员,十分优秀!