Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11304

Federation SLO results in NullPointerException on AWS

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 13.5.0, 14.0.0, 14.1.1, 14.5.0
    • Fix Version/s: None
    • Component/s: SAML
    • Labels:
    • Environment:
      AWS Linux: Linux ip-172-31-11-147 4.9.27-14.31.amzn1.x86_64 #1 SMP Wed May 10 01:58:40 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
      java version "1.7.0_141"

      Description

      SSO succeeds:

      http://ec2-54-201-156-233.us-west-2.compute.amazonaws.com:8080/openam/idpssoinit?metaAlias=/idp&spEntityID=http%3A%2F%2Fec2-34-211-55-227.us-west-2.compute.amazonaws.com%3A8080%2Fopenam
      

      Federation Termination succeeds:

      http://ec2-54-201-156-233.us-west-2.compute.amazonaws.com:8080/openam/IDPMniInit?spEntityID=http%3A%2F%2Fec2-34-211-55-227.us-west-2.compute.amazonaws.com%3A8080%2Fopenam&metaAlias=/idp&requestType=Terminate
      

      SLO succeeds BUT with NullPointerException:

      http://ec2-54-201-156-233.us-west-2.compute.amazonaws.com:8080/openam/IDPSloInit?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
      http://ec2-34-211-55-227.us-west-2.compute.amazonaws.com:8080/openam/IDPSloInit?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
      

      Federation Debug:

      libSAML2:06/20/2017 03:32:12:099 PM UTC: Thread[http-nio-8080-exec-4,5,main]: TransactionId[2dbd5045-ce99-41e7-a8f4-ab84ede4e95e-227]
      ERROR: KeyUtil.getDecryptionKeys: alias was empty.
      libSAML2:06/20/2017 03:32:42:082 PM UTC: Thread[http-nio-8080-exec-10,5,main]: TransactionId[2dbd5045-ce99-41e7-a8f4-ab84ede4e95e-253]
      ERROR: Error processing Request 
      java.lang.NullPointerException
      	at org.apache.catalina.core.ApplicationMapping.getServletMapping(ApplicationMapping.java:62)
      	at org.apache.catalina.connector.Request.getServletMapping(Request.java:2210)
      	at org.apache.catalina.connector.RequestFacade.getServletMapping(RequestFacade.java:1127)
      	at org.apache.catalina.core.ApplicationHttpRequest.setRequest(ApplicationHttpRequest.java:710)
      	at org.apache.catalina.core.ApplicationHttpRequest.<init>(ApplicationHttpRequest.java:107)
      	at org.apache.catalina.core.ApplicationDispatcher.wrapRequest(ApplicationDispatcher.java:933)
      	at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:357)
      	at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:311)
      	at org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.java:742)
      	at org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:712)
      	at org.apache.jsp.saml2.jsp.idpSingleLogoutInit_jsp._jspService(idpSingleLogoutInit_jsp.java:219)
      	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
      	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:443)
      	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
      	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
      	at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:36)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
      	at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
      	at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:111)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
      	at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:43)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80)
      	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341)
      	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
      	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
      	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:798)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1441)
      	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:748)
      

      CoreSystem Debug:

      tokenDataLayer:06/20/2017 03:32:30:553 PM UTC: Thread[LdapQuery-3,5,main]: TransactionId[9999c4ae-2b5f-4888-8932-8d8aa0606eb4-78]
      ERROR: Exception occurred while calling objectChanged
      java.lang.UnsupportedOperationException
      	at com.sun.identity.plugin.session.impl.FMSessionNotification$StoredTokenProperties.getTokenID(FMSessionNotification.java:305)
      	at com.sun.identity.plugin.session.impl.FMSessionProvider.getSessionID(FMSessionProvider.java:423)
      	at com.sun.identity.saml2.profile.IDPSessionListener.sessionInvalidated(IDPSessionListener.java:234)
      	at com.sun.identity.plugin.session.impl.FMSessionNotification.notifyListeners(FMSessionNotification.java:159)
      	at com.sun.identity.plugin.session.impl.FMSessionNotification.access$000(FMSessionNotification.java:57)
      	at com.sun.identity.plugin.session.impl.FMSessionNotification$1.sessionDeleted(FMSessionNotification.java:68)
      	at com.iplanet.dpro.session.watchers.SessionDeletionWatcher.objectChanged(SessionDeletionWatcher.java:55)
      	at org.forgerock.openam.sm.datalayer.impl.ldap.CTSDJLDAPv3PersistentSearch$QueueEntry.run(CTSDJLDAPv3PersistentSearch.java:170)
      	at org.forgerock.openam.audit.context.AuditRequestContextPropagatingRunnable.run(AuditRequestContextPropagatingRunnable.java:34)
      	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:473)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
      	at java.lang.Thread.run(Thread.java:748)
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              AndrewVinall Andrew Vinall
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated: