Problem
Authentication with an external authentication method over the SAML protocol fails when the user is returned to the Ubisecure SSO IDP, and the following error message appears in the Tomcat logs:
java.lang.NullPointerException
at com.ubisecure.externals.apache.xml.security.algorithms.JCEMapper.getJCEKeyAlgorithmFromURI(JCEMapper.java:127)
Solution
This error is usually caused by the authentication response being encrypted with an algorithm that SSO does not support. Ubisecure SSO currently uses XMLSec version 1.4.5, and the external authenticator service must be configured to send the response using one of the supported algorithms.
For block encryption, SSO supports the following:
http://www.w3.org/2001/04/xmlenc#tripledes-cbc
http://www.w3.org/2001/04/xmlenc#aes128-cbc
http://www.w3.org/2001/04/xmlenc#aes192-cbc
http://www.w3.org/2001/04/xmlenc#aes256-cbc
For key encryption, SSO supports the following:
http://www.w3.org/2001/04/xmlenc#rsa-1_5
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
See the following for more detailed information: https://github.com/apache/santuario-java/blob/1.4.5/src/org/apache/xml/security/resource/config.xml
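To find out which algorithm the external authenticator actually used, a captured SAML response can be checked against the two lists above. The following is an added example, not Ubisecure code; the function name and the sample response (which uses an AES-GCM identifier from XML Encryption 1.1) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"  # XML Encryption namespace
# Algorithm URIs listed on this page as supported by SSO.
BLOCK = {XENC + s for s in ("tripledes-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc")}
KEY = {XENC + s for s in ("rsa-1_5", "rsa-oaep-mgf1p")}


def unsupported_algorithms(xml_text):
    """Return [(kind, uri)] for each EncryptionMethod outside the lists above.

    uri is None when an element carries no EncryptionMethod at all.
    Intended for a response captured from your own integration; use a
    hardened parser such as defusedxml for untrusted input.
    """
    root = ET.fromstring(xml_text)
    findings = []
    checks = (("EncryptedData", "block", BLOCK), ("EncryptedKey", "key", KEY))
    for tag, kind, allowed in checks:
        for elem in root.iter("{%s}%s" % (XENC, tag)):
            # Direct child only, so a nested EncryptedKey is not mistaken
            # for the method of its enclosing EncryptedData.
            method = elem.find("{%s}EncryptionMethod" % XENC)
            uri = method.get("Algorithm") if method is not None else None
            if uri not in allowed:
                findings.append((kind, uri))
    return findings


# Constructed sample: AES-GCM content encryption, RSA-OAEP key transport.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <saml:EncryptedAssertion>
  <xenc:EncryptedData>
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
   <ds:KeyInfo><xenc:EncryptedKey>
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
   </xenc:EncryptedKey></ds:KeyInfo>
  </xenc:EncryptedData>
 </saml:EncryptedAssertion>
</samlp:Response>"""

if __name__ == "__main__":
    for kind, uri in unsupported_algorithms(SAMPLE):
        print("unsupported %s encryption algorithm: %s" % (kind, uri))
```

Any URI the check reports is the setting to change on the external authenticator side.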