Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11225

idpSingleLogoutRedirect throws 500 error SLO

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.0.4, 13.5.0, 14.0.0, 6.0.0
    • Fix Version/s: 6.0.0.5, 6.5.0, 6.0.1, 5.5.2
    • Component/s: SAML
    • Labels:
    • Sprint:
      AM Sustaining Sprint 55
    • Story Points:
      5
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      With recent changes (like OPENAM-5096)  the file saml2/jsp/idpSingleLogoutRedirect.jsp when this is called say thru SLO is done thru "<url>/openam/IDPSloRedirect/metaAlias/proxyidp?SAMLResponse=...."
      the following error happens

      HTTP Status 500 - AMSetupFilter.doFilter
      
      type Exception report
      
      message AMSetupFilter.doFilter
      
      description The server encountered an internal error that prevented it from fulfilling this request.
      
      exception
      
      javax.servlet.ServletException: AMSetupFilter.doFilter
      	com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:136)
      root cause
      
      org.apache.jasper.JasperException: An exception occurred processing JSP page /saml2/jsp/idpSingleLogoutRedirect.jsp at line 130
      
      127:                 }
      128:             } else {
      129:                 %>
      130:                 <jsp:forward page="/saml2/jsp/default.jsp?message=idpSloSuccess" />
      131:                 <%
      132:             }    
      133:         }
      
      
      Stacktrace:
      	org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:574)
      	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:471)
      	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396)
      	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340)
      	javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
      	org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
      	com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:98)
      root cause
      
      java.lang.IllegalStateException: Cannot forward after response has been committed
      	org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.java:742)
      	org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:712)
      	org.apache.jsp.saml2.jsp.idpSingleLogoutRedirect_jsp._jspService(idpSingleLogoutRedirect_jsp.java:215)
      	org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
      	javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
      	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:438)
      	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396)
      	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340)
      	javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
      	org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
      	com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:98)
      

      To reproduce:

      Deploy 4 OpenAM instances (IdP, proxy and two SPs)
      Follow the instructions provided here: https://wikis.forgerock.org/confluence/display/openam/SAMLv2+IDP+Proxy+Part+1.+Setting+up+a+simple+Proxy+scenario
      Initiate SSO from SP1 (you would be asked to log in to IdP)
      Initiate SSO from SP2 (you would not be asked to log in)
      Initiate IDP Proxy SLO

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sfraser Sam Fraser
                Reporter:
                chee-weng.chea C-Weng C
              • Votes:
                2 Vote for this issue
                Watchers:
                11 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: