SAML_SSO: Unable to validate Response, see SAMLRequest overview for detailed response. Error: Failed to decrypt EncryptedData

0
After configuration of SAML20 a user tries to login but we see the following error in the application log: Jan 4 15:00:53.475 - ERROR - SAML_SSO: Unable to validate Response, see SAMLRequest overview for detailed response. Error: org.opensaml.xml.validation.ValidationException: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:53.477 - ERROR - SAML_SSO: (1/88) org.opensaml.common.SAMLException: org.opensaml.xml.validation.ValidationException: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:53.477 - ERROR - SAML_SSO: (2/88) #011at saml20.implementation.ArtifactHandler.handleSAMLResponse(ArtifactHandler.java:175) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (3/88) #011at saml20.implementation.ArtifactHandler.handleRequest(ArtifactHandler.java:33) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (4/88) #011at saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:172) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (5/88) #011at com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:40) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (6/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:70) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (7/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:67) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (8/88) #011at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:33) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (9/88) #011at com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (10/88) #011at com.mendix.basis.impl.MxRuntimeImpl.processRequest(MxRuntimeImpl.java:873) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (11/88) #011at com.mendix.m2ee.appcontainer.server.handler.RuntimeHandler.handle(RuntimeHandler.java:41) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (12/88) #011at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (13/88) #011at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (14/88) #011at org.eclipse.jetty.server.Server.handle(Server.java:368) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (15/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (16/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:953) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (17/88) #011at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1014) Jan 4 15:00:53.477 - ERROR - SAML_SSO: (18/88) #011at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:861) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (19/88) #011at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (20/88) #011at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (21/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (22/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (23/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (24/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (25/88) #011at java.lang.Thread.run(Thread.java:748) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (26/88) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (27/88) Caused by: org.opensaml.xml.validation.ValidationException: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:53.478 - ERROR - SAML_SSO: (28/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:71) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (29/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:35) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (30/88) #011at saml20.implementation.wrapper.MxSAMLResponse.getAssertion(MxSAMLResponse.java:206) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (31/88) #011at saml20.implementation.ArtifactHandler.handleSAMLResponse(ArtifactHandler.java:58) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (32/88) #011at saml20.implementation.ArtifactHandler.handleRequest(ArtifactHandler.java:33) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (33/88) #011at saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:172) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (34/88) #011at com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:40) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (35/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:70) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (36/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:67) Jan 4 15:00:53.478 - ERROR - SAML_SSO: (37/88) #011at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:33) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (38/88) #011at com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (39/88) #011at com.mendix.basis.impl.MxRuntimeImpl.processRequest(MxRuntimeImpl.java:873) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (40/88) #011at com.mendix.m2ee.appcontainer.server.handler.RuntimeHandler.handle(RuntimeHandler.java:41) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (41/88) #011at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (42/88) #011at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (43/88) #011at org.eclipse.jetty.server.Server.handle(Server.java:368) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (44/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (45/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:953) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (46/88) #011at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1014) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (47/88) #011at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:861) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (48/88) #011at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (49/88) #011at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (50/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (51/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (52/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (53/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (54/88) #011at java.lang.Thread.run(Thread.java:748) Jan 4 15:00:53.479 - ERROR - SAML_SSO: (55/88) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (56/88) Caused by: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:53.480 - ERROR - SAML_SSO: (57/88) #011at org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:535) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (58/88) #011at org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:442) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (59/88) #011at org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:403) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (60/88) #011at org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:141) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (61/88) #011at org.opensaml.saml2.encryption.Decrypter.decrypt(Decrypter.java:69) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (62/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:61) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (63/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:35) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (64/88) #011at saml20.implementation.wrapper.MxSAMLResponse.getAssertion(MxSAMLResponse.java:206) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (65/88) #011at saml20.implementation.ArtifactHandler.handleSAMLResponse(ArtifactHandler.java:58) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (66/88) #011at saml20.implementation.ArtifactHandler.handleRequest(ArtifactHandler.java:33) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (67/88) #011at saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:172) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (68/88) #011at com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:40) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (69/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:70) Jan 4 15:00:53.480 - ERROR - SAML_SSO: (70/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:67) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (71/88) #011at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:33) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (72/88) #011at com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (73/88) #011at com.mendix.basis.impl.MxRuntimeImpl.processRequest(MxRuntimeImpl.java:873) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (74/88) #011at com.mendix.m2ee.appcontainer.server.handler.RuntimeHandler.handle(RuntimeHandler.java:41) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (75/88) #011at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (76/88) #011at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (77/88) #011at org.eclipse.jetty.server.Server.handle(Server.java:368) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (78/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (79/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:953) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (80/88) #011at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1014) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (81/88) #011at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:861) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (82/88) #011at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (83/88) #011at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (84/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (85/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (86/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (87/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) Jan 4 15:00:53.481 - ERROR - SAML_SSO: (88/88) #011at java.lang.Thread.run(Thread.java:748) Jan 4 15:00:57.704 - ERROR - SAML_SSO: Unable to validate Response, see SAMLRequest overview for detailed response. Error: org.opensaml.xml.validation.ValidationException: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:57.706 - ERROR - SAML_SSO: (1/88) org.opensaml.common.SAMLException: org.opensaml.xml.validation.ValidationException: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:57.706 - ERROR - SAML_SSO: (2/88) #011at saml20.implementation.ArtifactHandler.handleSAMLResponse(ArtifactHandler.java:175) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (3/88) #011at saml20.implementation.ArtifactHandler.handleRequest(ArtifactHandler.java:33) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (4/88) #011at saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:172) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (5/88) #011at com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:40) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (6/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:70) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (7/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:67) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (8/88) #011at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:33) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (9/88) #011at com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (10/88) #011at com.mendix.basis.impl.MxRuntimeImpl.processRequest(MxRuntimeImpl.java:873) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (11/88) #011at com.mendix.m2ee.appcontainer.server.handler.RuntimeHandler.handle(RuntimeHandler.java:41) Jan 4 15:00:57.706 - ERROR - SAML_SSO: (12/88) #011at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (13/88) #011at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (14/88) #011at org.eclipse.jetty.server.Server.handle(Server.java:368) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (15/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (16/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:953) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (17/88) #011at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1014) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (18/88) #011at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:861) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (19/88) #011at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (20/88) #011at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (21/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (22/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (23/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (24/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (25/88) #011at java.lang.Thread.run(Thread.java:748) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (26/88) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (27/88) Caused by: org.opensaml.xml.validation.ValidationException: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:57.707 - ERROR - SAML_SSO: (28/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:71) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (29/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:35) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (30/88) #011at saml20.implementation.wrapper.MxSAMLResponse.getAssertion(MxSAMLResponse.java:206) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (31/88) #011at saml20.implementation.ArtifactHandler.handleSAMLResponse(ArtifactHandler.java:58) Jan 4 15:00:57.707 - ERROR - SAML_SSO: (32/88) #011at saml20.implementation.ArtifactHandler.handleRequest(ArtifactHandler.java:33) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (33/88) #011at saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:172) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (34/88) #011at com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:40) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (35/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:70) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (36/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:67) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (37/88) #011at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:33) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (38/88) #011at com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (39/88) #011at com.mendix.basis.impl.MxRuntimeImpl.processRequest(MxRuntimeImpl.java:873) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (40/88) #011at com.mendix.m2ee.appcontainer.server.handler.RuntimeHandler.handle(RuntimeHandler.java:41) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (41/88) #011at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (42/88) #011at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (43/88) #011at org.eclipse.jetty.server.Server.handle(Server.java:368) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (44/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (45/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:953) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (46/88) #011at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1014) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (47/88) #011at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:861) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (48/88) #011at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (49/88) #011at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (50/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (51/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) Jan 4 15:00:57.708 - ERROR - SAML_SSO: (52/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (53/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (54/88) #011at java.lang.Thread.run(Thread.java:748) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (55/88) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (56/88) Caused by: org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData Jan 4 15:00:57.709 - ERROR - SAML_SSO: (57/88) #011at org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:535) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (58/88) #011at org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:442) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (59/88) #011at org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:403) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (60/88) #011at org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:141) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (61/88) #011at org.opensaml.saml2.encryption.Decrypter.decrypt(Decrypter.java:69) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (62/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:61) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (63/88) #011at saml20.implementation.wrapper.MxSAMLEncryptedAssertion.decryptAssertion(MxSAMLEncryptedAssertion.java:35) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (64/88) #011at saml20.implementation.wrapper.MxSAMLResponse.getAssertion(MxSAMLResponse.java:206) Jan 4 15:00:57.709 - ERROR - SAML_SSO: (65/88) #011at saml20.implementation.ArtifactHandler.handleSAMLResponse(ArtifactHandler.java:58) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (66/88) #011at saml20.implementation.ArtifactHandler.handleRequest(ArtifactHandler.java:33) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (67/88) #011at saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:172) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (68/88) #011at com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:40) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (69/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:70) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (70/88) #011at com.mendix.external.connector.MxRuntimeConnector$1.execute(MxRuntimeConnector.java:67) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (71/88) #011at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:33) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (72/88) #011at com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (73/88) #011at com.mendix.basis.impl.MxRuntimeImpl.processRequest(MxRuntimeImpl.java:873) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (74/88) #011at com.mendix.m2ee.appcontainer.server.handler.RuntimeHandler.handle(RuntimeHandler.java:41) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (75/88) #011at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52) Jan 4 15:00:57.710 - ERROR - SAML_SSO: (76/88) #011at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (77/88) #011at org.eclipse.jetty.server.Server.handle(Server.java:368) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (78/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (79/88) #011at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:953) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (80/88) #011at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1014) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (81/88) #011at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:861) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (82/88) #011at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (83/88) #011at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (84/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (85/88) #011at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (86/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (87/88) #011at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) Jan 4 15:00:57.711 - ERROR - SAML_SSO: (88/88) #011at java.lang.Thread.run(Thread.java:748) The situation is as follows: The SAML Configuration worked in the acceptance environment; We restored the production database to the acceptance environment (Only the DB); We configured the SAML configuration again After configuration we get the error as mentioned above   When we restore the complete acceptance environment the SSO is working again. What can be the cause this error?
asked
3 answers
1

From the log it looks like that there is something going wrong in the decryption of the message. I would advise to use SAML tracer (a Firefox plugin) to see all the SAML messages. It might give you a clue why it can not decrypt the messages. Another option would be to use Wireshark but that gets very technical.

Regards,

Ronald

 

answered
1

Hi Theo,

It seems like the configuration has not been set correctly. In the SAML module, there is a the SAMLConfiguration_Overview snippet. When you navigate there on your application, you see the specific request that the user has sent. It is easier to debug from that information there.

You can send your request to your IdP and discuss with them what certificate they've been set to receive.

answered
1

I had this before when the encryption from the IDP and SP side where not aligned. For me both had to be configured useing SHA256.

answered