After updating to Java 8 we are seeing the following messages appearing in stdout.log when using SAML authentication.
Error: URI=null Line=1: Document is invalid: no grammar found.
Error: URI=null Line=1: Document root element "samlp:Response", must match DOCTYPE root "null".
Warning: validation was turned on but an org.xml.sax.ErrorHandler was not set, which is probably not what is desired. Parser will use a default ErrorHandler to print the first 0 errors. Please call the setErrorHandler method to fix this.
We have validated the response contents and do not see anything different or unusual. Asking the community here if anyone else has seen this or knows of a fix?
AEM 6.1 sp2, Java 8u103
Solved! Go to Solution.
Views
Replies
Total Likes
Hi Bob,
You can ignore the error. It needs product code change to turn off validation Or have implement EntityResolver due to changes in XML parsing at platform level. The functionality will continue to work but log is annoying. You can ask official support request to fix the same but you can safely ignore that message & will not have any side affects.
Thanks,
Views
Replies
Total Likes
Hi Bob,
You can ignore the error. It needs product code change to turn off validation Or have implement EntityResolver due to changes in XML parsing at platform level. The functionality will continue to work but log is annoying. You can ask official support request to fix the same but you can safely ignore that message & will not have any side affects.
Thanks,
Views
Replies
Total Likes
I am getting similar error on AEM 6.3.0 during Sngle Sign-On and login fails and using jdk1.8.0_152. Any help will be appreciated.
13.11.2017 20:09:57.314 *ERROR* [qtp483534205-45475] com.adobe.granite.auth.saml.util.SamlReader Document is invalid: no grammar found.
13.11.2017 20:09:57.314 *ERROR* [qtp483534205-45475] com.adobe.granite.auth.saml.util.SamlReader Document root element "samlp:Response", must match DOCTYPE root "null".
13.11.2017 20:09:57.317 *INFO* [qtp483534205-45475] com.adobe.granite.auth.saml.SamlAuthenticationHandler Login failed. SAML token invalid.
13.11.2017 20:09:57.318 *INFO* [qtp483534205-45475] com.adobe.granite.auth.saml.SamlAuthenticationHandler SAML error with reason: invalid_token detected, redirect user to: /libs/granite/core/content/login.error.html?j_reason=invalid_token
13.11.2017 20:09:57.318 *ERROR* [qtp483534205-45475] org.apache.sling.auth.core.impl.SlingAuthenticator doLogin: Cannot login: Response already committed
13.11.2017 20:09:58.132 *INFO* [qtp483534205-41605] org.apache.sling.auth.core.impl.SlingAuthenticator getAnonymousResolver: Anonymous access not allowed by configuration - requesting credentials
Views
Replies
Total Likes
This is your SAML token is not configured correctly. However you configured the SAML OSGi configuration is not right. The first two lines are the same as my original post, which are okay to ignore, but the third line says your token is not right. That is a bit too detailed and far down for any advice from myself. Check your SAML configuration settings and try other tweaks and settings according to documentation, otherwise you will need to request support.
Views
Replies
Total Likes
Have a look at SAML 2.0 Authentication Handler
There's a section about creating a saml logger. Debug entries should tell what's wrong.
Views
Replies
Total Likes
I think your idp certs are not installed correctly
You need to install certs in trust store
ex certalias = certalias___1509993429769
Close dialogue and save user configurations
update the certalias in SAML authentication handler
Views
Replies
Total Likes
Hi bob ,
*ERROR* [qtp786583214-108] com.adobe.granite.auth.saml.util.SamlReader Document is invalid: no grammar found.
*ERROR* [qtp786583214-108] com.adobe.granite.auth.saml.util.SamlReader Document root element "samlp:Response", must match DOCTYPE root "null".
I am dealing with there two errors in saml integration and I am not able access my login page . I have all urls and all certificates corrent in AEM but when I am hitting my LOGIN URL I am not able to LOGIN .
Please help me with this, thanks in advance .
Sai Kiran.
Views
Replies
Total Likes
Were you able to resolve this issue? I am facing the same error and login fails
Views
Replies
Total Likes
Hi Anushap ,
*ERROR* [qtp786583214-108] com.adobe.granite.auth.saml.util.SamlReader Document is invalid: no grammar found.
*ERROR* [qtp786583214-108] com.adobe.granite.auth.saml.util.SamlReader Document root element "samlp:Response", must match DOCTYPE root "null"
AS SAID ABOVE :-
You can ignore the error. It needs product code change to turn off validation Or have implement EntityResolver due to changes in XML parsing at platform level.
Even though if you see this errors in the log, the SAML still works and those errors could be ignored .
If you still face any error from SAML side I can help you .
Thanks ,
Sai Kiran .
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies