[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [] in the SAML assertion is not valid.
[ERROR ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:151)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:131)
at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:452)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
at org.junit.rules.RunRules.evaluate(RunRules.java:18)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:60)
at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:52)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:574)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at jdk.proxy1/jdk.proxy1.$Proxy2.processTestClass(Unknown Source)
at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:176)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:129)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:100)
at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:60)
at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:113)
at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:65)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [SubjectConfirmationData] element. A [SubjectConfirmationData] element is required.
[ERROR ] CWWKS5051E: The SAML assertion contains a SubjectConfirmationData element with a NotBefore attribute. This condition is not allowed.
[ERROR ] CWWKS5052E: The [NotOnOrAfter] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5053E: The NotOnOrAfter attribute [1024-06-19T12:23:34.200Z] in the SubjectConfirmationData element is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5052E: The [Recipient] attribute on the [SubjectConfirmationData] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5055E: The Recipient [recipient_does_not_match] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKS5055E: The Recipient [http://bogusmachine.ibm.com] in the SAML assertion does not match the AssertionConsumerService (ACS) URL: [http://mx-gdl:8010/ibm/saml20/edu/acs].
[ERROR ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported. The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element. A [AudienceRestriction] element is required.
[ERROR ] CWWKS5057E: The NotBefore attribute [3024-06-19T12:23:34.249Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5058E: The NotOnOrAfter condition [1024-06-19T12:23:34.256Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 minutes.
[ERROR ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty. This condition is not allowed.
[ERROR ] CWWKS5062E: The SessionNotOnOrAfter attribute [2024-06-19T12:20:34.306Z] is out of range. The current time is [6/19/24, 12:23 PM]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success. Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR ] CWWKS5011E: The IssueInstant [3024-06-19T12:23:34.398Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.399Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:23:34.416Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.417Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:21:34.436Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.437Z]. The current clock skew setting is 60 seconds.
[ERROR ] CWWKS5011E: The IssueInstant [2024-06-19T12:25:34.443Z] in the SAML response is out of range. The current time is [2024-06-19T12:23:34.444Z]. The current clock skew setting is 0 seconds.
[ERROR ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:212)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:198)
com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:171)
com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:612)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR ] Cannot process the request because SAML Response from the IdP is missing
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:367)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
....
].
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [Subject] element. A [Subject] element is required.
[ERROR ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element. A [AuthnStatement] element is required.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot throw exception because "lastException" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:144)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_EmptyListAssertion(WebSSOConsumerTest.java:428)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:461)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:574)
....
].
[ERROR ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.IllegalStateException]. Cause:[tried to return a java.lang.String from a method that can only return a org.opensaml.saml.saml2.core.Assertion], StackTrace: [
org.jmock.api.Invocation.reportTypeError(Invocation.java:151)
org.jmock.api.Invocation.checkReturnTypeCompatibility(Invocation.java:119)
org.jmock.internal.InvocationExpectation.invoke(InvocationExpectation.java:115)
org.jmock.internal.InvocationDispatcher.dispatch(InvocationDispatcher.java:52)
org.jmock.Mockery.dispatch(Mockery.java:218)
org.jmock.Mockery.access$000(Mockery.java:43)
....
].