You are currently reviewing an older revision of this page.

DRAFT KB-XXXX Adding SAML Identity Provider fails because of org.bouncycastle class overrides final method

Symptoms

While configuring SAML from the Admin Console, the user sees the following error when attempting to upload the PEM file: 

Following corresponding errors are printed in the application server log:

INFO [ajp-nio-8009-exec-7] org.apache.catalina.core.StandardWrapperValve.invoke 2018-10-24 19:31:22,329 [ajp-nio-8009-exec-7] ERROR com.appiancorp.security.cors.CorsFilter - CORS request rejected; invalid request from <IP Address> to / 
...
Caused by: java.lang.VerifyError: class org.bouncycastle.asn1.ASN1Primitive overrides final method equals.(Ljava/lang/Object;)Z

For JBoss, server.log is located in <JBOSS_HOME>/standalone/log directory, for tomcat tomcat-stdOut.log file is located in <APPIAN_HOME>/log directory.  

Cause

This issue presents itself when a copy of the bouncy castle JAR causes classpath conflicts with Appian's bouncy castle JAR implementation.

Action

Ensure that there is no classpath conflict between the two copies of the bouncy castle JAR files.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: October 2018