java.io.IOException: Invalid keystore format Spring Security SAML Extension
Solution 1
I had a similar issue; I figured Maven was filtering out my resources and adding this solved the problem:
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
<excludes>
<exclude>**/*.jks</exclude>
</excludes>
</resource>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
<includes>
<include>**/*.jks</include>
</includes>
</resource>
Solution 2
I had the same issue. Maven was copying the binary file incorrectly.
I had to add the following to my maven-resources-plugin:
<nonFilteredFileExtensions>
<nonFilteredFileExtension>jks</nonFilteredFileExtension>
</nonFilteredFileExtensions>
You can test this by running the command in your target directory:
keytool -list -keystore ~/<your_project_target_directory>/security/samlKeystore.jks
When my maven was copying the file incorrectly I was getting:
keytool error: java.io.IOException: Invalid keystore format
Once I added the nonFilteredFileExtension I was immediately prompted for the password.
NuAlphaMan
Updated on June 13, 2022Comments
-
NuAlphaMan almost 2 years
I have successfully gotten the Spring Security SAML Extension sample application to run. Now, I'm trying to integrate it into my main application. Before I tried to integrate with my application, I created a sample application to integrate it with and it works fine. In my sample application, I used the keystore from downloaded sample application. Now, I'm trying to use the same keystore and I'm getting the following error:
Caused by: org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.saml.metadata.MetadataGenerator.setKeyManager(org.springframework.security.saml.key.KeyManager); nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'keyManager' defined in ServletContext resource [/WEB-INF/spring/securityContext.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.security.saml.key.JKSKeyManager]: Constructor threw exception; nested exception is java.lang.RuntimeException: Error initializing keystore at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:596) at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87) at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:289) ... 89 more Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'keyManager' defined in ServletContext resource [/WEB-INF/spring/securityContext.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.security.saml.key.JKSKeyManager]: Constructor threw exception; nested exception is java.lang.RuntimeException: Error initializing keystore at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:278) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1114) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1017) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:475) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:302) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:298) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193) at org.springframework.beans.factory.support.DefaultListableBeanFactory.findAutowireCandidates(DefaultListableBeanFactory.java:1017) at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:960) at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:858) at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:553) ... 91 more Caused by: org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.security.saml.key.JKSKeyManager]: Constructor threw exception; nested exception is java.lang.RuntimeException: Error initializing keystore at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:164) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:125) at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:270) ... 103 more Caused by: java.lang.RuntimeException: Error initializing keystore at org.springframework.security.saml.key.JKSKeyManager.initialize(JKSKeyManager.java:121) at org.springframework.security.saml.key.JKSKeyManager.(JKSKeyManager.java:79) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:526) at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:148) ... 105 more Caused by: java.io.IOException: Invalid keystore format at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650) at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) at java.security.KeyStore.load(KeyStore.java:1214) at org.springframework.security.saml.key.JKSKeyManager.initialize(JKSKeyManager.java:117) ... 111 more
Here is the bean configuration for the JKSKeyManager:
<bean id="keyManager" class="org.springframework.security.saml.key.JKSKeyManager"> <constructor-arg value="classpath:security/samlKeystore.jks" /> <constructor-arg type="java.lang.String" value="nalle123" /> <constructor-arg> <map> <entry key="apollo" value="nalle123" /> </map> </constructor-arg> <constructor-arg type="java.lang.String" value="apollo" /> </bean>
Can anyone help me with what's causing this error?
-
NuAlphaMan over 9 yearsIt is under the
resources
folder. I just have it under the same security folder as the sample. Which Spring SAML sources are you referring to? -
Vladimír Schäfer over 9 yearsI was referring to this file github.com/spring-projects/spring-security-saml/blob/master/…
-
NuAlphaMan over 9 yearsI replaced the keystore as you suggested and I'm still getting the error. We are using Maven, but as I said earlier, it's under the resources folder. Any other suggestions?
-
NuAlphaMan over 9 yearsAny other suggestions?
-
Vladimír Schäfer over 9 yearsUnfortunately not without a possibility to reproduce it. It's like shooting in the dark.
-
Grégoire C over 8 yearsIt solved the issue! One oddity is that at first I wanted to put the keystore in
src/main/resources/properties/security/saml
, and Maven resources filtering was breaking the keystore. It began to work when I movedsamlKeystore.jks
tosrc/main/resources/security/
. I wonder if the**/*.jks
filter is fully recursive or only works with first-level folders.