  1. OpenAM
  2. OPENAM-17204

NPE thrown when loading invalid SAML2 metadata on the console


    Details

    • Bug
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 6.5.2
    • None
    • console, SAML

      Description

      Bug description

      AM allows invalid metadata to be loaded to an entity. When accessing the same entity through the console, the user is redirected to https://am.example.com:8443/openam/console/base/AMUncaughtException and a 'Not Found' message is displayed on a blank page.

      The debug logs print the following:

      amConsole:10/10/2020 12:51:37:120 AM HKT: Thread[default task-29,5,main]: TransactionId[88a802ec-4a96-4aa3-bc00-8734a8742ff0-1565422]
      ERROR: ConsoleServletBase.onUncaughtException
      com.iplanet.jato.NavigationException: Exception encountered during forward
      Root cause = [java.lang.NullPointerException]
      	at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
      	at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
      	at com.sun.identity.console.base.AMViewBeanBase.forwardTo(AMViewBeanBase.java:155)
      
      Root cause: 
      java.lang.NullPointerException
      	at com.sun.identity.console.federation.model.SAMLv2ModelImpl.getStandardServiceProviderAttributes(SAMLv2ModelImpl.java:785)
      	at com.sun.identity.console.federation.SAMLv2SPAssertionContentViewBean.getStandardValues(SAMLv2SPAssertionContentViewBean.java:226)
      	at com.sun.identity.console.federation.SAMLv2SPAssertionContentViewBean.beginDisplay(SAMLv2SPAssertionContentViewBean.java:94)
      	. . .
       

      How to reproduce the issue

      1. Deploy vanilla AM 6.5.2
      2. Create a SAML entity provider
      3. Provide metadata with an empty SingleLogoutService object and an AssertionConsumerService object with no index (see attachment)
      4. In the AM console, browse to the entity in question - you won't be able to see its details

      Expected behaviour
      - AM validates the metadata and either prevents the user from uploading it, or informs the user the metadata is incomplete
      
      Current behaviour
      - 'Not Found Error' in the console and NullPointerException in the debug logs
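
A pre-upload check in the spirit of the expected behaviour, as an added example (not AM's code and not from the reporter): it flags SP endpoints that lack the attributes the SAML 2.0 metadata schema requires. The function name, the sample document, and the reading of "empty SingleLogoutService" as an element with no attributes are assumptions, since the attachment is not reproduced here.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
# Attributes the SAML 2.0 metadata schema marks as required on each endpoint type.
REQUIRED = {
    "SingleLogoutService": ("Binding", "Location"),               # EndpointType
    "AssertionConsumerService": ("Binding", "Location", "index"),  # IndexedEndpointType
}

def check_sp_metadata(xml_text):
    """Return a list of problems found; an empty list means these checks passed."""
    # Metadata has no need for a DTD, so refuse one before parsing (entity expansion).
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD or entity declarations are not accepted in metadata"]
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    problems = []
    descriptors = list(root.iter(MD + "SPSSODescriptor"))
    if not descriptors:
        problems.append("no SPSSODescriptor element")
    for sp in descriptors:
        if sp.find(MD + "AssertionConsumerService") is None:
            problems.append("SPSSODescriptor has no AssertionConsumerService")
        for name, attrs in REQUIRED.items():
            for pos, el in enumerate(sp.findall(MD + name), start=1):
                for attr in attrs:
                    if not (el.get(attr) or "").strip():
                        problems.append(f"{name}[{pos}]: missing or empty {attr}")
                index = (el.get("index") or "").strip()
                if "index" in attrs and index and not (index.isascii() and index.isdigit()):
                    problems.append(f"{name}[{pos}]: index is not a number")
    return problems

# Constructed sample mirroring reproduction step 3 (not the issue's attachment).
BAD_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.com">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService/>
    <AssertionConsumerService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.com/acs"/>
  </SPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    for problem in check_sp_metadata(BAD_METADATA):
        print(problem)
```

Running it against metadata before import reports each incomplete endpoint by element name and position, which is the feedback the console currently does not give.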

       

            People

            Assignee: Unassigned
            Reporter: Sergio Bettiol (sergio.bettiol)