WSO2 Identity Server. Error when processing request

Question

getting the following error accessing a tomcat app that is linked to a WSO2 Identity Server

TID[-1234] [IS] [2014-02-12 11:43:34,386] ERROR
{org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - Error when processing the authentication request! org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil.unmarshall(SAMLSSOUtil.java:193) org.wso2.carbon.identity.sso.saml.SAMLSSOService.validateSPInitSSORequest(SAMLSSOService.java:67) org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleSPInitSSO(SAMLSSOProviderServlet.java:236) org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleRequest(SAMLSSOProviderServlet.java:132) org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.doPost(SAMLSSOProviderServlet.java:81) javax.servlet.http.HttpServlet.service(HttpServlet.java:755) javax.servlet.http.HttpServlet.service(HttpServlet.java:848) org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60) javax.servlet.http.HttpServlet.service(HttpServlet.java:848) org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178) org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56) org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141) org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936) org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004) org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) java.lang.Thread.run(Thread.java:744)

Answer 1

I guess you are using SSO web application with WSO2IS. According to the error, It seems to be that SAML Request that is send from the SSO web application is not valid. Could you give some more details about the WSO2IS version and the download location of the web application that you tried out. However for more detail, you can enable debug logs in the SAML compoent by adding following entry in to log4j.prorperties file at /repository/conf

log4j.logger.org.wso2.carbon.identity.sso.saml=DEBUG

Answer 2

I was having the same problem and fixed it by unchecking "Enable Signature Validation" and "Enable Assertion Encryption".