Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16567

SAML module Linking Chain does not work for Authentication Tree

    XMLWordPrintable

    Details

    • Rank:
      1|i010jf:r
    • Sprint:
      AM Sustaining Sprint 77
    • Story Points:
      5
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description, Yes but I used my own steps. (If so, please add them in a new comment)

      Description

      Bug description

      The documentation ([here|https://backstage.forgerock.com/docs/am/6.5/saml2-guide/#federate-with-linking-tree) mentioned that it is possible to link identities using a linking authentication tree. However, when using an authentication tree in Linking Authentication Chain field, it is unable to get Authentication Tree configuration.

      How to reproduce the issue

      1. Following the setup mentioned in knowledge based article ([How do I configure the SAML2 Authentication module for Local Account Linking in AM/OpenAM (All versions)?|https://backstage.forgerock.com/knowledge/kb/article/a37644949] )
      2. Set the Linking Authentication Chain field in SAML module to be ldapService and save changes
      3. Tigger the SAML module:
      http://am.example.com:8080/openam?module=saml
      

      Would direct to IdP for authentication followed by SP (am.example.com:8080) for credential. After successful authentication , would direct to profile page. (Expected)

      1. Set the Linking Authentication Chain field in SAML module to be Example and save changes
      2. Tigger the SAML module:
      http://am.example.com:8080/openam?module=saml

      Would direct to IdP for authentication and direct to SP

      Expected behaviour
      SP side (am.example.com:8080/openam) would asked for credential from the chain/tree specified in the SAML module
      Current behaviour
      Authentication Failed
      

      From Authentication log:

      amAuthConfig:07/29/2020 01:56:58:818 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      getAppConfigurationEntry[], new SERVICE=Example;ORGANIZATION=dc=openam,dc=forgerock,dc=org;CLIENT=genericHTML
      amAuthConfig:07/29/2020 01:56:58:818 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      newConfig, name = SERVICE=Example;ORGANIZATION=dc=openam,dc=forgerock,dc=org;CLIENT=genericHTML
      amAuthConfig:07/29/2020 01:56:58:818 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      indexType = 4
      indexName=Example
      orgDN=dc=openam,dc=forgerock,dc=org
      clientType=genericHTML
      amAuthConfig:07/29/2020 01:56:58:818 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      ServiceBasedConfig,  START dc=openam,dc=forgerock,dc=org|Example, name = SERVICE=Example;ORGANIZATION=dc=openam,dc=forgerock,dc=org;CLIENT=genericHTML
      amAuthConfig:07/29/2020 01:56:58:819 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      getNamedConfig name=Example,org=dc=openam,dc=forgerock,dc=org
      amAuthConfig:07/29/2020 01:56:58:820 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      ERROR: getServiceBasedConfig Example|dc=openam,dc=forgerock,dc=org
      com.sun.identity.authentication.config.AMConfigurationException: Configuration not defined in iPlanetAMAuthConfiguration service
      	at com.sun.identity.authentication.config.AMAuthConfigUtils.getNamedConfig(AMAuthConfigUtils.java:574)
      	at com.sun.identity.authentication.config.AMConfiguration.getServiceBasedConfig(AMConfiguration.java:454)
      	at com.sun.identity.authentication.config.AMConfiguration.newConfiguration(AMConfiguration.java:175)
      	at com.sun.identity.authentication.config.AMConfiguration.getAppConfigurationEntry(AMConfiguration.java:640)
      	at org.forgerock.openam.authentication.service.JAASModuleDetector.isPureJAASModulePresent(JAASModuleDetector.java:49)
      	at com.sun.identity.authentication.service.AMLoginContext.executeLogin(AMLoginContext.java:411)
      	at com.sun.identity.authentication.server.AuthContextLocal.login(AuthContextLocal.java:427)
      	at com.sun.identity.authentication.server.AuthContextLocal.login(AuthContextLocal.java:338)
      	at com.sun.identity.authentication.AuthContext.runLogin(AuthContext.java:747)
      	at com.sun.identity.authentication.AuthContext.login(AuthContext.java:642)
      	at com.sun.identity.authentication.AuthContext.login(AuthContext.java:588)
      	at org.forgerock.openam.authentication.modules.saml2.SAML2.handleReturnFromRedirect(SAML2.java:361)
      	at org.forgerock.openam.authentication.modules.saml2.SAML2.process(SAML2.java:178)
      	at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:1091)
      	at com.sun.identity.authentication.spi.AMLoginModule.login(AMLoginModule.java:1289)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at com.sun.identity.authentication.jaas.LoginContext.invoke(LoginContext.java:218)
      	at com.sun.identity.authentication.jaas.LoginContext.login(LoginContext.java:126)
      	at com.sun.identity.authentication.service.AMLoginContext.runLogin(AMLoginContext.java:531)
      	at com.sun.identity.authentication.server.AuthContextLocal.submitRequirements(AuthContextLocal.java:588)
      	at org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper.submitRequirements(AuthContextLocalWrapper.java:108)
      	at org.forgerock.openam.core.rest.authn.core.LoginProcess.next(LoginProcess.java:168)
      	at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.processAuthentication(RestAuthenticationHandler.java:491)
      	at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.authenticate(RestAuthenticationHandler.java:238)
      	at org.forgerock.openam.core.rest.authn.http.AuthenticationServiceV1.authenticate(AuthenticationServiceV1.java:164)
      	at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:76)
      	at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:64)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:59)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:87)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.RealmRoutingFactory$ChfRealmRouter.handle(RealmRoutingFactory.java:140)
      	at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:179)
      	at org.forgerock.openam.rest.RealmRoutingFactory$HostnameFilter.filter(RealmRoutingFactory.java:117)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.CsrfFilter.filter(CsrfFilter.java:98)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:59)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:188)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.lambda$onValidateRequestSuccess$1(AuthenticationFramework.java:181)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:260)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:249)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:144)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
      	at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:84)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.GuiceHandler.handle(GuiceHandler.java:51)
      	at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:87)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:139)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.OpenAMHttpApplication$1.filter(OpenAMHttpApplication.java:74)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:264)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.lambda$doFilter$0(DataStoreConsistencyFilter.java:46)
      	at org.forgerock.openam.service.datastore.ReentrantVolatileActionConsistencyController.safeExecute(ReentrantVolatileActionConsistencyController.java:37)
      	at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.doFilter(DataStoreConsistencyFilter.java:46)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.rest.ProtocolVersionFilter.doFilter(ProtocolVersionFilter.java:65)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:105)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:115)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:46)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
      	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
      	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
      	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
      	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
      	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:748)
      amAuthConfig:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      newConfig, config not defined SERVICE=Example;ORGANIZATION=dc=openam,dc=forgerock,dc=org;CLIENT=genericHTML
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      ERROR: JAAS module for config: SERVICE=Example;ORGANIZATION=dc=openam,dc=forgerock,dc=org;CLIENT=genericHTML, No Configuration found|noConfig.jsp
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      AuthLoginException
      com.sun.identity.authentication.spi.AuthLoginException: No Configuration found|noConfig.jsp
      	at org.forgerock.openam.authentication.service.JAASModuleDetector.isPureJAASModulePresent(JAASModuleDetector.java:52)
      	at com.sun.identity.authentication.service.AMLoginContext.executeLogin(AMLoginContext.java:411)
      	at com.sun.identity.authentication.server.AuthContextLocal.login(AuthContextLocal.java:427)
      	at com.sun.identity.authentication.server.AuthContextLocal.login(AuthContextLocal.java:338)
      	at com.sun.identity.authentication.AuthContext.runLogin(AuthContext.java:747)
      	at com.sun.identity.authentication.AuthContext.login(AuthContext.java:642)
      	at com.sun.identity.authentication.AuthContext.login(AuthContext.java:588)
      	at org.forgerock.openam.authentication.modules.saml2.SAML2.handleReturnFromRedirect(SAML2.java:361)
      	at org.forgerock.openam.authentication.modules.saml2.SAML2.process(SAML2.java:178)
      	at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:1091)
      	at com.sun.identity.authentication.spi.AMLoginModule.login(AMLoginModule.java:1289)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at com.sun.identity.authentication.jaas.LoginContext.invoke(LoginContext.java:218)
      	at com.sun.identity.authentication.jaas.LoginContext.login(LoginContext.java:126)
      	at com.sun.identity.authentication.service.AMLoginContext.runLogin(AMLoginContext.java:531)
      	at com.sun.identity.authentication.server.AuthContextLocal.submitRequirements(AuthContextLocal.java:588)
      	at org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper.submitRequirements(AuthContextLocalWrapper.java:108)
      	at org.forgerock.openam.core.rest.authn.core.LoginProcess.next(LoginProcess.java:168)
      	at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.processAuthentication(RestAuthenticationHandler.java:491)
      	at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.authenticate(RestAuthenticationHandler.java:238)
      	at org.forgerock.openam.core.rest.authn.http.AuthenticationServiceV1.authenticate(AuthenticationServiceV1.java:164)
      	at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:76)
      	at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:64)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:59)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:87)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.RealmRoutingFactory$ChfRealmRouter.handle(RealmRoutingFactory.java:140)
      	at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:179)
      	at org.forgerock.openam.rest.RealmRoutingFactory$HostnameFilter.filter(RealmRoutingFactory.java:117)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.CsrfFilter.filter(CsrfFilter.java:98)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:59)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:188)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.lambda$onValidateRequestSuccess$1(AuthenticationFramework.java:181)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:260)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:249)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:144)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
      	at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:84)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.GuiceHandler.handle(GuiceHandler.java:51)
      	at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:87)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:139)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.OpenAMHttpApplication$1.filter(OpenAMHttpApplication.java:74)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:264)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.lambda$doFilter$0(DataStoreConsistencyFilter.java:46)
      	at org.forgerock.openam.service.datastore.ReentrantVolatileActionConsistencyController.safeExecute(ReentrantVolatileActionConsistencyController.java:37)
      	at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.doFilter(DataStoreConsistencyFilter.java:46)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.rest.ProtocolVersionFilter.doFilter(ProtocolVersionFilter.java:65)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:105)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:115)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:46)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
      	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
      	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
      	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
      	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
      	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:748)
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      resProperty is.. :No Configuration found|noConfig.jsp
      amAuthClientUtils:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      errorCod='105', resProperty='No Configuration found|noConfig.jsp'
      amAuthClientUtils:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      errorCod='105', resProperty='No Configuration found|noConfig.jsp'
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      Error Message : No Configuration found
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      Error Template: noConfig.jsp
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      getUserDN: null
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      getUserDN: null
      amAuth:07/29/2020 01:56:58:821 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      getClient : servletRequest is : null
      amAuth:07/29/2020 01:57:03:826 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      Client is : 192.168.50.138
      amAuthContextLocal:07/29/2020 01:57:03:827 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      Exception in ac.login : com.sun.identity.authentication.spi.AuthLoginException: No Configuration found|noConfig.jsp
      amAuthContext:07/29/2020 01:57:03:827 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      ERROR: Failed to login to http://am.example.com:8080/openam/authservice
      amAuthContext:07/29/2020 01:57:03:827 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      Org Name : /
      amAuthContext:07/29/2020 01:57:03:827 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      ssoTokenID: null
      amAuthContext:07/29/2020 01:57:03:827 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      serviceURLs: [http://am.example.com:8080/openam/authservice]
      amAuthContext:07/29/2020 01:57:03:828 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[106acb23-7343-4a2e-8186-0c7b1ba231dd-103987]
      ERROR: Authentication failed.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              lawrence.yarham Lawrence Yarham
              Reporter:
              wanning.tan WanNing Tan
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: