[英]How to resolve java.security.InvalidKeyException while configuring MFA in WSO2 identity server 5.5.0
我正在使用wso2is-5.5.0 。 我正在尝试为Identity Server启用多因素身份验证。 我通过点击此链接https://docs.wso2.com/display/IS530/Configuring+Multi-factor+Authentication+for+WSO2+IS来完成此操作。 登录到管理控制台后重新启动后,它将重定向到显示
SAML 2.0 based Single Sign-On
Error when processing authentication request!
Please try login again!
在控制台中
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default pa
rameters
Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1140)
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1083)
at org.opensaml.xml.encryption.Encrypter.encryptElement(Encrypter.java:452)
... 66 more
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026)
at javax.crypto.Cipher.implInit(Cipher.java:801)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1249)
at javax.crypto.Cipher.init(Cipher.java:1186)
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1137)
... 68 more
我已经下载了Java 8的JCE jar,并将其放在C:\\ Program Files \\ Java \\ jre1.8.0_171 \\ lib \\ security中仍然存在问题。
引发此异常,不是由于Identity Server的问题。 出现此问题的原因可能是,JCE文件未正确安装到您的JRE中。 但是,当您添加/替换了local_policy.jar和US_export_policy.jar文件时,请运行以下测试代码以检查其是否正确应用。
public class JCETest {
public static void main(String args[]) {
int maxKeyLen = 0;
try {
maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
} catch (NoSuchAlgorithmException e) {
Assert.fail();
}
Assert.assertEquals(2147483647, maxKeyLen);
System.out.println(maxKeyLen);
}
}
如果成功安装了JCE,您应该获得以下输出:
AES key size should be equal to the 2147483647 if JCE files has been installed successfully.
有关更多信息,请参见http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.