
Jetty: Error initializing keystore


For starters, I have already referred to these questions on Stack Overflow and they didn't solve my problem, therefore I am creating a new one:

java.io.IOException: Invalid Keystore format

tomcat 7 ssl invalid keystore format

Problem:

While integrating SAML with my Jetty web app (by following the tutorial at: https://developer.okta.com/blog/2017/03/16/spring-boot-saml), I get the following error:

org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.RuntimeException: Error initializing keystore

I have tried creating the keystore from multiple versions of JDK but for all files, I get the same error.

Also I am not using maven.

EDIT:

Exception trace:

unavailable Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.RuntimeException: Error initializing keystore
FAILED o.e.j.s.ServletContextHandler@550dbc7a{/api,null,STARTING}: javax.servlet.ServletException: org.springframework.web.servlet.DispatcherServlet-7b2bbc3@bef2d67e==org.springframework.web.servlet.DispatcherServlet,-1,false org.springframework.web.servlet.DispatcherServlet-7b2bbc3@bef2d67e==org.springframework.web.servlet.DispatcherServlet,-1,false
FAILED  
Error Details:
     org.springframework.web.servlet.DispatcherServlet-7b2bbc3@bef2d67e==org.springframework.web.servlet.DispatcherServlet,-1,false
Server exiting.

Solution

  • So after downloading the source and debugging for a while, I found out the problem.

    Turns out, this line from the source was causing the problem (the link I mentioned in my question uses this code): Spring Security with SAML

    I changed the following line:

    DefaultResourceLoader loader = new DefaultResourceLoader();
    Resource storeFile = loader.getResource(keyStore.getStoreFilePath());
    

    to

    Resource storeFile = new FileSystemResource(keyStore.getStoreFilePath());
    

    and it works perfectly. The only change I made was using FileSystemResource instead of DefaultResourceLoader.

    Although, in a different application, no change was needed; I am not sure why it fails to read the same file in 1 application and fails in another. More debugging is required. However, I am sharing the solution, in case someone stumbles upon the same problem.
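
The two calls in the answer resolve the same string differently: Spring's DefaultResourceLoader treats a location without a URL prefix as a class path resource, while FileSystemResource always reads it as a file system path. The program below is an added example, not code from the answer or from Spring Security SAML; it needs spring-core on the class path, and the class name, temporary keystore and password are constructed for the demonstration.

```java
import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.security.KeyStore;
import org.springframework.core.io.DefaultResourceLoader;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;

// Added example (hypothetical class name): compares how a keystore path is resolved.
public class KeystoreResourceCheck {

    // Try to open the resource and parse it as a JKS keystore.
    static String tryLoad(Resource res, char[] password) {
        if (!res.exists()) {
            return "NOT FOUND";
        }
        try (InputStream in = res.getInputStream()) {
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(in, password);
            return "loaded, " + ks.size() + " entries";
        } catch (Exception e) {
            return "found but unreadable: " + e;
        }
    }

    static void report(String how, Resource res, char[] password) {
        System.out.printf("%-32s %s -> %s%n", how, res.getDescription(), tryLoad(res, password));
    }

    public static void main(String[] args) throws Exception {
        char[] password = "changeit".toCharArray();            // constructed sample password
        File file = File.createTempFile("saml-demo-", ".jks"); // constructed sample keystore
        file.deleteOnExit();
        KeyStore empty = KeyStore.getInstance("JKS");
        empty.load(null, password);
        try (OutputStream out = Files.newOutputStream(file.toPath())) {
            empty.store(out, password);
        }

        String plainPath = file.getAbsolutePath();
        DefaultResourceLoader loader = new DefaultResourceLoader();
        // No prefix: DefaultResourceLoader looks the path up on the class path.
        report("DefaultResourceLoader(path)", loader.getResource(plainPath), password);
        // "file:" prefix: the same loader now reads from the file system.
        report("DefaultResourceLoader(file: URL)", loader.getResource(file.toURI().toString()), password);
        // FileSystemResource always treats the string as a file system path.
        report("FileSystemResource(path)", new FileSystemResource(plainPath), password);
    }
}
```

A "NOT FOUND" on the first line with a successful load on the other two means the keystore file itself is valid and only the resource lookup differs.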