Uploaded image for project: 'OpenICF'
  1. OpenICF
  2. OPENICF-1333

SCIM Connector: Unable to use authenticationMethod of TOKEN

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: scim-connector-1.5.6.0
    • Fix Version/s: scim-connector-1.5.7.0
    • Component/s: SCIM Connector
    • Labels:
      None

      Description

      When setting the authenticationMethod to TOKEN, the following error is thrown:

      org.forgerock.openidm.servlet.internal.ServletConnectionFactory$3 lambda$handleRequestWithLogging$8
      WARNING: Resource exception: 500 Internal Server Error: "Operation QUERY failed with ConnectorException on system object"
      org.forgerock.json.resource.InternalServerErrorException: Operation QUERY failed with ConnectorException on system object
      	at org.forgerock.openidm.provisioner.openicf.impl.ExceptionHelper.adaptConnectorException(ExceptionHelper.java:159)
      	at org.forgerock.openidm.provisioner.openicf.impl.ObjectClassResourceProvider.handleQuery(ObjectClassResourceProvider.java:519)
      	at org.forgerock.openidm.provisioner.openicf.impl.ObjectClassRequestHandler.handleQuery(ObjectClassRequestHandler.java:132)
      	at org.forgerock.json.resource.Router.handleQuery(Router.java:317)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:95)
      	at org.forgerock.json.resource.Filters$ConditionalFilter.filterQuery(Filters.java:84)
      	at org.forgerock.json.resource.Filters$ConditionalFilter.filterQuery(Filters.java:82)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.json.resource.Filters$ConditionalFilter.filterQuery(Filters.java:84)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.openidm.authz.DelegatedAdminFilter.lambda$filterQuery$7(DelegatedAdminFilter.java:237)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:260)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:224)
      	at org.forgerock.openidm.authz.DelegatedAdminFilter.filterQuery(DelegatedAdminFilter.java:237)
      	at org.forgerock.json.resource.Filters$ConditionalFilter.filterQuery(Filters.java:82)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.openidm.audit.filter.AuditFilter.lambda$filterQuery$4(AuditFilter.java:143)
      	at org.forgerock.openidm.audit.filter.AuditFilter.logAuditAccessEntry(AuditFilter.java:175)
      	at org.forgerock.openidm.audit.filter.AuditFilter.filterQuery(AuditFilter.java:143)
      	at org.forgerock.openidm.router.filter.MutableFilterDecorator.filterQuery(MutableFilterDecorator.java:90)
      	at org.forgerock.json.resource.Filters$ConditionalFilter.filterQuery(Filters.java:82)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.openidm.servlet.internal.ServletConnectionFactory$3.lambda$filterQuery$4(ServletConnectionFactory.java:406)
      	at org.forgerock.openidm.servlet.internal.ServletConnectionFactory$3.handleRequestWithLogging(ServletConnectionFactory.java:434)
      	at org.forgerock.openidm.servlet.internal.ServletConnectionFactory$3.filterQuery(ServletConnectionFactory.java:406)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.openidm.router.filter.PassthroughFilter.filterQuery(PassthroughFilter.java:66)
      	at org.forgerock.openidm.router.filter.MutableFilterDecorator.filterQuery(MutableFilterDecorator.java:90)
      	at org.forgerock.openidm.router.filter.MutableFilterDecorator.filterQuery(MutableFilterDecorator.java:90)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.openidm.router.filter.PassthroughFilter.filterQuery(PassthroughFilter.java:66)
      	at org.forgerock.openidm.router.filter.MutableFilterDecorator.filterQuery(MutableFilterDecorator.java:90)
      	at org.forgerock.json.resource.Filters$ConditionalFilter.filterQuery(Filters.java:82)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.openidm.servlet.internal.ResourceFilters$1.filterQuery(ResourceFilters.java:73)
      	at org.forgerock.json.resource.Filters$ConditionalFilter.filterQuery(Filters.java:82)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleQuery(FilterChain.java:93)
      	at org.forgerock.json.resource.FilterChain.handleQuery(FilterChain.java:250)
      	at org.forgerock.json.resource.InternalConnection.queryAsync(InternalConnection.java:74)
      	at org.forgerock.json.resource.AbstractConnectionWrapper.queryAsync(AbstractConnectionWrapper.java:185)
      	at org.forgerock.openidm.servlet.internal.ServletConnectionFactory$InternalConnectionWrapper.lambda$queryAsync$13(ServletConnectionFactory.java:373)
      	at org.forgerock.openidm.metrics.MetricsCollector.time(MetricsCollector.java:112)
      	at org.forgerock.openidm.servlet.internal.ServletConnectionFactory$InternalConnectionWrapper.time(ServletConnectionFactory.java:295)
      	at org.forgerock.openidm.servlet.internal.ServletConnectionFactory$InternalConnectionWrapper.queryAsync(ServletConnectionFactory.java:372)
      	at org.forgerock.json.resource.http.RequestRunner.visitQueryRequest(RequestRunner.java:220)
      	at org.forgerock.json.resource.http.RequestRunner.visitQueryRequest(RequestRunner.java:82)
      	at org.forgerock.json.resource.Requests$QueryRequestImpl.accept(Requests.java:444)
      	at org.forgerock.json.resource.http.RequestRunner.handleResult(RequestRunner.java:128)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:260)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:249)
      	at org.forgerock.json.resource.http.HttpAdapter.doRequest(HttpAdapter.java:718)
      	at org.forgerock.json.resource.http.HttpAdapter.doQuery(HttpAdapter.java:477)
      	at org.forgerock.json.resource.http.HttpAdapter.handle(HttpAdapter.java:286)
      	at org.forgerock.http.handler.Handlers$HandlerDescribableAsDescribableHandler.handle(Handlers.java:146)
      	at org.forgerock.http.filter.OptionsFilter.filter(OptionsFilter.java:69)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openidm.auth.ProfileEnhancementCheckFilter.filter(ProfileEnhancementCheckFilter.java:146)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openidm.auth.LoginCountFilter.filter(LoginCountFilter.java:63)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:188)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.lambda$onValidateRequestSuccess$1(AuthenticationFramework.java:181)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:260)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:249)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:144)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
      	at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:84)
      	at org.forgerock.openidm.auth.AuthFilterWrapper.filter(AuthFilterWrapper.java:87)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:264)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
      	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:865)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1655)
      	at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:311)
      	at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:265)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:309)
      	at com.sun.proxy.$Proxy65.doFilter(Unknown Source)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.forgerock.openidm.jetty.LargePayloadServletFilter.doFilter(LargePayloadServletFilter.java:64)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:309)
      	at com.sun.proxy.$Proxy65.doFilter(Unknown Source)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1634)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
      	at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1340)
      	at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:293)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1242)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
      	at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80)
      	at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:740)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.Server.handle(Server.java:503)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:364)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
      	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305)
      	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
      	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
      	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:765)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:683)
      	at java.lang.Thread.run(Thread.java:748)
      Caused by: org.identityconnectors.framework.common.exceptions.ConnectorException: Error: 400
      {"Errors":{"description":"missing_authentication","code":400}}
      	at org.forgerock.openicf.connectors.scim.client.ScimClient.query(ScimClient.java:439)
      	at org.forgerock.openicf.connectors.scim.ScimConnector.executeQuery(ScimConnector.java:340)
      	at org.forgerock.openicf.connectors.scim.ScimConnector.executeQuery(ScimConnector.java:1)
      	at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.rawSearch(SearchImpl.java:162)
      	at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.search(SearchImpl.java:118)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:104)
      	at com.sun.proxy.$Proxy70.search(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)
      	at com.sun.proxy.$Proxy70.search(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.identityconnectors.framework.impl.api.BufferedResultsProxy$BufferedResultsHandler.run(BufferedResultsProxy.java:157) 

      When using SCIM Connector v1.5.5.0, this error does not occur. I've attached a sample provisioner file which can be used to demonstrate this behaviour with the v1.5.6.0 connector.

      To reproduce:

      1. Install IDM 6.5.x
      2. Copy the attached provisioner to the /conf directory
      3. Start IDM
      4. Run GET http://localhost:8080/openidm/system/scim/account?_queryFilter=true

      Error will be observed within the IDM console.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              gael Gael Allioux
              Reporter:
              tom.wood Tom Wood
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: