Hi there,
I'm stuck trying to integrate SharePoint with Siteminder using WS-Federation.
Some details:
## PolicyServer ##
Version=12.51
Update=00.08
Label=1542
Crypto=128
OS: RHEL 6.8 (Santiago)
## Siteminder Agent for SharePoint ##
FullVersion=12.52.100.499
Version=12.52
Update=100
Build Number=499
OS: SunOS
## Directory ##
DXserver r12.0.16 (build 11032)
OS: Solaris/DXgrid 64-Bit
What has been done so far:
SharePoint Agent installed and proxy rules configured
Application is created to protect the affwebservices/redirectjsp/redirectjsp
Using Forms in AuthenticationSchemes
WSFED Token signing certificate imported to WAM UI
WSFED Token signing exported and imported to SharePoint Agent and SharePoint trust.
TIP created after running SPConnectionWizard
WebApplication and site collection created and assigned to TIP
Now, when trying to access the SharePoint application, I'm redirected to the login page. After login, the SMSESSION cookie is created and I get this error: HTTP Status 500 - Internal Error occured while trying to process the request. Transaction ID: 8b7a61ee-b7492294-41625457-3533e36d-324f3b23-a8 failed. in https://login.gcd.net/affwebservices/public/wsfedsso/?SMASSERTIONREF=QUERY&wa=wsignin1.0&wtrealm=urn%3asharepoint%3acq-icat.grupocgd.net&wctx=http%3a%2f%2fcq-icat.grupocgd.net%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&wreply=http%3a%2f%2fcq-icat.grupocgd.net%2f_trust%2fdefault.aspx&SAMLTRANSACTIONID=26747ac2-5621ae4a-2948286f-7ce1342f-1c0093f4-c6
In the smtracedefault.log I get this exception:
[03/28/2017][16:59:09.845][16:59:09][6154][4025670512][SignInProtocol.java][processRequest][8b7a61ee-b7492294-41625457-3533e36d-324f3b23-a8][][][][][][][][][][][][][][][][][][][][RETURNING RESPONSE:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RequestSecurityTokenResponse xmlns="http://schemas.xmlsoap.org/ws/2005/02/trust">
<RequestedSecurityToken>
<ns1:Assertion MinorVersion="1" MajorVersion="1" Issuer="SP-ACC-urn:sharepoint:cq-icat.grupocgd.net" IssueInstant="2017-03-28T15:59:09.841Z" AssertionID="SM29e81a61b6f3bf06c766a20676868349802f119dfa" xmlns:ns1="urn:oasis:names:tc:SAML:1.0:assertion">
<ns1:Conditions NotOnOrAfter="2017-03-28T16:09:19.840Z" NotBefore="2017-03-28T15:58:59.840Z">
<ns1:AudienceRestrictionCondition>
<ns1:Audience>urn:sharepoint:cq-icat.grupocgd.net</ns1:Audience>
</ns1:AudienceRestrictionCondition>
</ns1:Conditions>
<ns1:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:classes:password" AuthenticationInstant="2017-03-28T15:59:09.000Z">
<ns1:Subject>
<ns1:NameIdentifier NameQualifier="" Format="http://schemas.xmlsoap.org/claims/UPN">3115681</ns1:NameIdentifier>
</ns1:Subject>
</ns1:AuthenticationStatement>
<ns1:AttributeStatement>
<ns1:Subject>
<ns1:NameIdentifier NameQualifier="" Format="http://schemas.xmlsoap.org/claims/UPN">3115681</ns1:NameIdentifier>
</ns1:Subject>
<ns1:Attribute AttributeNamespace="http://schemas.xmlsoap.org/claims" AttributeName="useridentifier">
<ns1:AttributeValue>3115681</ns1:AttributeValue>
</ns1:Attribute>
</ns1:AttributeStatement>
</ns1:Assertion>
</RequestedSecurityToken>
</RequestSecurityTokenResponse>
][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[03/28/2017][16:59:09.846][16:59:09][6154][4025670512][AssertionGenerator.java][invoke][8b7a61ee-b7492294-41625457-3533e36d-324f3b23-a8][][][][][][][][][][][][][][][][][][][][AssertionHandler process() succeeds, it returns:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RequestSecurityTokenResponse xmlns="http://schemas.xmlsoap.org/ws/2005/02/trust">
<RequestedSecurityToken>
<ns1:Assertion MinorVersion="1" MajorVersion="1" Issuer="SP-ACC-urn:sharepoint:cq-icat.grupocgd.net" IssueInstant="2017-03-28T15:59:09.841Z" AssertionID="SM29e81a61b6f3bf06c766a20676868349802f119dfa" xmlns:ns1="urn:oasis:names:tc:SAML:1.0:assertion">
<ns1:Conditions NotOnOrAfter="2017-03-28T16:09:19.840Z" NotBefore="2017-03-28T15:58:59.840Z">
<ns1:AudienceRestrictionCondition>
<ns1:Audience>urn:sharepoint:cq-icat.grupocgd.net</ns1:Audience>
</ns1:AudienceRestrictionCondition>
</ns1:Conditions>
<ns1:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:classes:password" AuthenticationInstant="2017-03-28T15:59:09.000Z">
<ns1:Subject>
<ns1:NameIdentifier NameQualifier="" Format="http://schemas.xmlsoap.org/claims/UPN">3115681</ns1:NameIdentifier>
</ns1:Subject>
</ns1:AuthenticationStatement>
<ns1:AttributeStatement>
<ns1:Subject>
<ns1:NameIdentifier NameQualifier="" Format="http://schemas.xmlsoap.org/claims/UPN">3115681</ns1:NameIdentifier>
</ns1:Subject>
<ns1:Attribute AttributeNamespace="http://schemas.xmlsoap.org/claims" AttributeName="useridentifier">
<ns1:AttributeValue>3115681</ns1:AttributeValue>
</ns1:Attribute>
</ns1:AttributeStatement>
</ns1:Assertion>
</RequestedSecurityToken>
</RequestSecurityTokenResponse>
][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[03/28/2017][16:59:09.846][16:59:09][6154][4025670512][AssertionGenerator.java][invoke][8b7a61ee-b7492294-41625457-3533e36d-324f3b23-a8][][][][][][][][][][][][][][][][][][][][No Plugin callout is configured.][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[03/28/2017][16:59:09.846][16:59:09][6154][4025670512][AssertionHandlerWSFED10.java][postProcess][8b7a61ee-b7492294-41625457-3533e36d-324f3b23-a8][][][][][][][][][][][][][][][][][][][][Start to wrap-up the WSFED response.][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[03/28/2017][16:59:09.848][16:59:09][6154][4025670512][SignInProtocol.java][closeupProcess][8b7a61ee-b7492294-41625457-3533e36d-324f3b23-a8][][][][][][][][][][][][][][][][][][][][Error while signing Assertion! Exception:
com.ca.siteminder.ws.WSWrapperException: An error occurred while unmarshalling the response.
at com.ca.siteminder.ws.WSRequestSecurityTokenResponseWrapper.unmarshal(WSRequestSecurityTokenResponseWrapper.java:915)
at com.ca.siteminder.ws.WSRequestSecurityTokenResponseWrapper.getSAMLAssertionAsDOM(WSRequestSecurityTokenResponseWrapper.java:487)
at com.netegrity.assertiongenerator.wsfed.SignInProtocol.closeupProcess(SignInProtocol.java:887)
at com.netegrity.assertiongenerator.wsfed.AssertionHandlerWSFED10.postProcess(AssertionHandlerWSFED10.java:275)
at com.netegrity.assertiongenerator.AssertionGenerator.invoke(AssertionGenerator.java:380)
at com.netegrity.policyserver.smapi.ActiveExpressionContext.invoke(ActiveExpressionContext.java:286)
Caused by: java.lang.NoSuchMethodError: javax.xml.parsers.DocumentBuilderFactory.setFeature(Ljava/lang/String;Z)V
at com.sun.xml.bind.v2.util.XmlFactory.createDocumentBuilderFactory(XmlFactory.java:176)
at com.sun.xml.bind.marshaller.SAX2DOMEx.<init>(SAX2DOMEx.java:116)
at com.ca.siteminder.wsgen.impl.runtime.W3CDOMUnmarshallingEventHandler.<init>(W3CDOMUnmarshallingEventHandler.java:52)
at com.ca.siteminder.wsgen.impl.RequestedSecurityTokenTypeDOMImpl$Unmarshaller.enterElement(RequestedSecurityTokenTypeDOMImpl.java:147)
at com.ca.siteminder.wsgen.impl.runtime.AbstractUnmarshallingEventHandlerImpl.spawnHandlerFromEnterElement(AbstractUnmarshallingEventHandlerImpl.java:300)
at com.ca.siteminder.wsgen.impl.RequestedSecurityTokenImpl$Unmarshaller.enterElement(RequestedSecurityTokenImpl.java:170)
at com.ca.siteminder.wsgen.impl.runtime.SAXUnmarshallerHandlerImpl.startElement(SAXUnmarshallerHandlerImpl.java:147)
at org.xml.sax.helpers.XMLFilterImpl.startElement(Unknown Source)
at com.sun.xml.bind.unmarshaller.InterningXMLReader.startElement(InterningXMLReader.java:106)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:244)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:281)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:281)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
at com.sun.xml.bind.unmarshaller.DOMScanner.parse(DOMScanner.java:154)
at com.ca.siteminder.wsgen.impl.runtime.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:190)
at com.ca.siteminder.ws.WSRequestSecurityTokenResponseWrapper.unmarshal(WSRequestSecurityTokenResponseWrapper.java:876)
... 5 more
][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[03/28/2017][16:59:09.848][16:59:09][6154][4025670512][AssertionGenerator.java][invoke][8b7a61ee-b7492294-41625457-3533e36d-324f3b23-a8][][][][][][][][][][][][][][][][][][][][Error happens in running Assertionhandler postProcess(). Leaving Assertion Generator Framework. Exception:
com.netegrity.assertiongenerator.AssertionGeneratorException: Error while signing Assertion! Exception:
com.ca.siteminder.ws.WSWrapperException: An error occurred while unmarshalling the response.
at com.ca.siteminder.ws.WSRequestSecurityTokenResponseWrapper.unmarshal(WSRequestSecurityTokenResponseWrapper.java:915)
at com.ca.siteminder.ws.WSRequestSecurityTokenResponseWrapper.getSAMLAssertionAsDOM(WSRequestSecurityTokenResponseWrapper.java:487)
at com.netegrity.assertiongenerator.wsfed.SignInProtocol.closeupProcess(SignInProtocol.java:887)
at com.netegrity.assertiongenerator.wsfed.AssertionHandlerWSFED10.postProcess(AssertionHandlerWSFED10.java:275)
at com.netegrity.assertiongenerator.AssertionGenerator.invoke(AssertionGenerator.java:380)
at com.netegrity.policyserver.smapi.ActiveExpressionContext.invoke(ActiveExpressionContext.java:286)
Caused by: java.lang.NoSuchMethodError: javax.xml.parsers.DocumentBuilderFactory.setFeature(Ljava/lang/String;Z)V
at com.sun.xml.bind.v2.util.XmlFactory.createDocumentBuilderFactory(XmlFactory.java:176)
at com.sun.xml.bind.marshaller.SAX2DOMEx.<init>(SAX2DOMEx.java:116)
at com.ca.siteminder.wsgen.impl.runtime.W3CDOMUnmarshallingEventHandler.<init>(W3CDOMUnmarshallingEventHandler.java:52)
at com.ca.siteminder.wsgen.impl.RequestedSecurityTokenTypeDOMImpl$Unmarshaller.enterElement(RequestedSecurityTokenTypeDOMImpl.java:147)
at com.ca.siteminder.wsgen.impl.runtime.AbstractUnmarshallingEventHandlerImpl.spawnHandlerFromEnterElement(AbstractUnmarshallingEventHandlerImpl.java:300)
at com.ca.siteminder.wsgen.impl.RequestedSecurityTokenImpl$Unmarshaller.enterElement(RequestedSecurityTokenImpl.java:170)
at com.ca.siteminder.wsgen.impl.runtime.SAXUnmarshallerHandlerImpl.startElement(SAXUnmarshallerHandlerImpl.java:147)
at org.xml.sax.helpers.XMLFilterImpl.startElement(Unknown Source)
at com.sun.xml.bind.unmarshaller.InterningXMLReader.startElement(InterningXMLReader.java:106)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:244)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:281)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:281)
at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
at com.sun.xml.bind.unmarshaller.DOMScanner.parse(DOMScanner.java:154)
at com.ca.siteminder.wsgen.impl.runtime.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:190)
at com.ca.siteminder.ws.WSRequestSecurityTokenResponseWrapper.unmarshal(WSRequestSecurityTokenResponseWrapper.java:876)
... 5 more
at com.netegrity.assertiongenerator.wsfed.SignInProtocol.closeupProcess(SignInProtocol.java:906)
at com.netegrity.assertiongenerator.wsfed.AssertionHandlerWSFED10.postProcess(AssertionHandlerWSFED10.java:275)
at com.netegrity.assertiongenerator.AssertionGenerator.invoke(AssertionGenerator.java:380)
at com.netegrity.policyserver.smapi.ActiveExpressionContext.invoke(ActiveExpressionContext.java:286)
][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
What am I doing wrong? Any clue?
Thanks,
TP
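
Added example, not part of the original post and not CA code: the root cause in the trace is `NoSuchMethodError` on `DocumentBuilderFactory.setFeature(String, boolean)`, a method that exists from JAXP 1.3 onward, which means the `javax.xml.parsers` API class loaded in that JVM predates it. The diagnostic below reports where that class and the parser implementation are loaded from. It assumes you run it with the same Java runtime, classpath and endorsed directories as the process that logged the trace; the class name `JaxpOriginCheck` is hypothetical.

```java
import java.lang.reflect.Method;
import java.net.URL;
import java.security.CodeSource;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;

// Hypothetical diagnostic class; run it under the same JVM settings as the failing process.
public class JaxpOriginCheck {

    // Location a class was loaded from; no CodeSource means the JVM's own bootstrap classes.
    static String origin(Class<?> c) {
        CodeSource cs = c.getProtectionDomain().getCodeSource();
        URL loc = (cs == null) ? null : cs.getLocation();
        return (loc == null) ? "JVM bootstrap classes" : loc.toString();
    }

    // True if the loaded API class declares setFeature(String, boolean).
    static boolean hasSetFeature(Class<?> api) {
        try {
            Method m = api.getMethod("setFeature", String.class, boolean.class);
            return m != null;
        } catch (NoSuchMethodException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        Class<?> api = DocumentBuilderFactory.class;
        System.out.println("java.version     : " + System.getProperty("java.version"));
        System.out.println("API class origin : " + origin(api));
        System.out.println("has setFeature   : " + hasSetFeature(api));
        if (!hasSetFeature(api)) {
            // Same condition as the trace: an old javax.xml.parsers class shadows the JDK's.
            System.out.println("Remove or reorder the jar/directory shown as the API class origin.");
            return;
        }
        // The JAXB runtime in the trace uses setFeature to configure the parser;
        // confirm the implementation class accepts secure processing as well.
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        System.out.println("factory impl     : " + f.getClass().getName());
        System.out.println("factory origin   : " + origin(f.getClass()));
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        System.out.println("secure processing: "
                + f.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING));
    }
}
```

If the API class origin is a jar rather than the JVM's own classes, that jar is the one supplying the outdated `DocumentBuilderFactory`.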