Uploaded image for project: 'OpenIG'
  1. OpenIG
  2. OPENIG-291

Class cast exception when using SAML federation & policy agent together

    XMLWordPrintable

    Details

      Description

      When moving the federation tutorial configuration to use routing, I encountered a Class cast exception when using SAML federation & a Jetty policy agent together.

      The policy agent was set up in Jetty with the following filter configuration almost as described in the OpenIG chapter on password capture & replay, but with the filter-mapping > url-pattern set to /replay rather than * because I am moving to use routes:

      <filter>
        <filter-name>Agent</filter-name>
        <display-name>Agent</display-name>
        <description>OpenAM Policy Agent Filter</description>
        <filter-class&gt;com.sun.identity.agents.filter.AmAgentFilter</filter-class&gt;
      </filter>
       
      <filter-mapping>
        <filter-name>Agent</filter-name>
        <url-pattern>/replay</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>INCLUDE</dispatcher>
        <dispatcher>FORWARD</dispatcher>
        <dispatcher>ERROR</dispatcher>
      </filter-mapping>
      

      Here's the stack trace captured by the ConsoleLogSink in Jetty output:

      2014-08-26T15:19:47Z:SamlFederationHandler.started:STAT:Started
      java.lang.ClassCastException: com.sun.identity.configuration.FedSystemProperties cannot be cast to com.sun.identity.shared.configuration.ISystemProperties
      	at com.sun.identity.shared.configuration.SystemPropertiesManager.instantiateProvider(SystemPropertiesManager.java:102)
      	at com.sun.identity.shared.configuration.SystemPropertiesManager.<clinit>(SystemPropertiesManager.java:56)
      	at com.sun.identity.shared.debug.Debug.initialize(Debug.java:251)
      	at com.sun.identity.shared.debug.Debug.<clinit>(Debug.java:662)
      	at com.sun.identity.shared.locale.Locale.<clinit>(Locale.java:80)
      	at com.sun.identity.saml2.meta.SAML2MetaUtils.<clinit>(SAML2MetaUtils.java:84)
      	at com.sun.identity.saml2.meta.SAML2MetaManager.<clinit>(SAML2MetaManager.java:88)
      	at org.forgerock.openig.handler.saml.FederationServlet.serviceSPInitiatedSSO(FederationServlet.java:281)
      	at org.forgerock.openig.handler.saml.FederationServlet.service(FederationServlet.java:158)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
      	at org.forgerock.openig.handler.saml.SamlFederationHandler.handle(SamlFederationHandler.java:53)
      	at org.forgerock.openig.handler.router.Route.handle(Route.java:169)
      	at org.forgerock.openig.handler.router.RouterHandler.handle(RouterHandler.java:247)
      	at org.forgerock.openig.filter.Chain$1.handle(Chain.java:88)
      	at org.forgerock.openig.filter.CaptureFilter.filter(CaptureFilter.java:171)
      	at org.forgerock.openig.filter.Chain$1.handle(Chain.java:86)
      	at org.forgerock.openig.filter.Chain.handle(Chain.java:94)
      	at org.forgerock.openig.handler.DispatchHandler.handle(DispatchHandler.java:90)
      	at org.forgerock.openig.servlet.GatewayServlet.service(GatewayServlet.java:257)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
      	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:503)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
      	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
      	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
      	at org.eclipse.jetty.server.Server.handle(Server.java:370)
      	at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
      	at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)
      	at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)
      	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
      	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
      	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
      	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
      	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
      	at java.lang.Thread.run(Thread.java:745)
      libSAML2:08/26/2014 05:19:47:395 PM CEST: Thread[qtp1757293506-14,5,main]
      SAML2MetaUtils.static: jaxbPackages = com.sun.identity.saml2.jaxb.xmlenc:com.sun.identity.saml2.jaxb.xmlsig:com.sun.identity.saml2.jaxb.assertion:com.sun.identity.saml2.jaxb.metadata:com.sun.identity.saml2.jaxb.metadataattr:com.sun.identity.saml2.jaxb.entityconfig:com.sun.identity.saml2.jaxb.schema
      2014-08-26T15:19:47Z:SamlFederationHandler.elapsed:STAT:Elapsed time: 65 ms:65 ms
      2014-08-26 17:19:47.437:WARN:oejs.ServletHandler:Error for /saml/SPInitiatedSSO
      java.lang.ExceptionInInitializerError
      	at org.forgerock.openig.handler.saml.FederationServlet.serviceSPInitiatedSSO(FederationServlet.java:281)
      	at org.forgerock.openig.handler.saml.FederationServlet.service(FederationServlet.java:158)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
      	at org.forgerock.openig.handler.saml.SamlFederationHandler.handle(SamlFederationHandler.java:53)
      	at org.forgerock.openig.handler.router.Route.handle(Route.java:169)
      	at org.forgerock.openig.handler.router.RouterHandler.handle(RouterHandler.java:247)
      	at org.forgerock.openig.filter.Chain$1.handle(Chain.java:88)
      	at org.forgerock.openig.filter.CaptureFilter.filter(CaptureFilter.java:171)
      	at org.forgerock.openig.filter.Chain$1.handle(Chain.java:86)
      	at org.forgerock.openig.filter.Chain.handle(Chain.java:94)
      	at org.forgerock.openig.handler.DispatchHandler.handle(DispatchHandler.java:90)
      	at org.forgerock.openig.servlet.GatewayServlet.service(GatewayServlet.java:257)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
      	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:503)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
      	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
      	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
      	at org.eclipse.jetty.server.Server.handle(Server.java:370)
      	at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
      	at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)
      	at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)
      	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
      	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
      	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
      	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
      	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: 
      java.lang.NullPointerException
      	at java.lang.Class.forName0(Native Method)
      	at java.lang.Class.forName(Class.java:259)
      	at com.sun.identity.plugin.configuration.ConfigurationManager.getConfigurationInstance(ConfigurationManager.java:66)
      	at com.sun.identity.plugin.configuration.ConfigurationManager.getConfigurationInstance(ConfigurationManager.java:53)
      	at com.sun.identity.saml2.meta.SAML2MetaManager.<clinit>(SAML2MetaManager.java:104)
      	at org.forgerock.openig.handler.saml.FederationServlet.serviceSPInitiatedSSO(FederationServlet.java:281)
      	at org.forgerock.openig.handler.saml.FederationServlet.service(FederationServlet.java:158)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
      	at org.forgerock.openig.handler.saml.SamlFederationHandler.handle(SamlFederationHandler.java:53)
      	at org.forgerock.openig.handler.router.Route.handle(Route.java:169)
      	at org.forgerock.openig.handler.router.RouterHandler.handle(RouterHandler.java:247)
      	at org.forgerock.openig.filter.Chain$1.handle(Chain.java:88)
      	at org.forgerock.openig.filter.CaptureFilter.filter(CaptureFilter.java:171)
      	at org.forgerock.openig.filter.Chain$1.handle(Chain.java:86)
      	at org.forgerock.openig.filter.Chain.handle(Chain.java:94)
      	at org.forgerock.openig.handler.DispatchHandler.handle(DispatchHandler.java:90)
      	at org.forgerock.openig.servlet.GatewayServlet.service(GatewayServlet.java:257)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
      	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:503)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
      	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
      	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
      	at org.eclipse.jetty.server.Server.handle(Server.java:370)
      	at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
      	at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)
      	at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)
      	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
      	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
      	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
      	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
      	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
      	at java.lang.Thread.run(Thread.java:745)
      
      
      

      See the attached configuration.

      See also the Federation Tutorial.

        Attachments

        1. 05-federate.json
          2 kB
        2. 05-saml.json
          0.6 kB
        3. config.json
          1 kB

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                Mark Mark Craig
              • Votes:
                1 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: