Databases
StackOverflow2013
Postsdbo
POOpenAM HTTP Status 500
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POOpenAM HTTP Status 500
    primarykey
    data
    text
    <p>I need some help :)</p> <p>I am currently setting up partners for our SSO.</p> <p>We are using OpenAm . So we are the hosted service provider, and I set up the Identity provider - our partner.</p> <p>We have successful configuration but for this one I am running into a wall :/</p> <p>It is SAML2.0, Agent is installed on tomcat 7 and the communication seems fine.</p> <p>When our partner is sending us a request he gets :</p> <pre><code> HTTP 500 Exception: javax.servlet.ServletException : AMSetupFilter.doFilter com.sun.identify.setup.AMSetupFilter.doFilter(AMSetupFilter.java 121) Root cause: java.lang.NullPointerException com.sun.identity.saml2.profile.SPACSUtils.processResponse(SPACSUtils.java:1158) org.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp) ..... com.sun.identify.setup.AMSetupFilter.doFilter(AMSetupFilter) </code></pre> <p>In the log I have : <strong>For SSO server catalina.out :</strong></p> <pre><code> Nov 26, 2013 4:52:22 PM com.sun.org.apache.xml.internal.security.signature.Reference verify INFO: Verification successful for URI "#_6cf47d3b-f425-4a10-aeb1-fa20cf763387" org.apache.jasper.JasperException: java.lang.NullPointerException at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:522) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:416) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:95) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:662) Caused by: java.lang.NullPointerException at com.sun.identity.saml2.profile.SPACSUtils.processResponse(SPACSUtils.java:1158) at org.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp.java:224) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374) ... 21 more </code></pre> <p><strong>In the Session log of openAm:</strong></p> <pre><code> CookieMode is:true SessionID(HttpServletRequest) : is forward = null getSidFromQuery: request =org.apache.catalina.connector.RequestFacade@b1a7a0 getSidFromQuery: sid =null before decoding getSidFromURL:sidString=null after decoding: getSidFromURL:sidString=null could not create SSOToken from HttpRequest com.iplanet.dpro.session.SessionException: Invalid session ID. at com.iplanet.dpro.session.Session.getSession(Session.java:1089) at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:92) at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:241) at com.sun.identity.plugin.session.impl.FMSessionProvider.getSession(FMSessionProvider.java:408) at org.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp.java:202) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) ... </code></pre> <p><strong>And probably the most interesting, the Federation log:</strong></p> <pre><code>SPACSUtils.getResponse: got response= (give me a proper xml response) **FMSessionProvider.getSession: Could not get the session from the HTTP request: Invalid session ID. spAssertionConsumer.jsp: Token is null.Invalid session ID.** SPACSUtils.processResponse: Response : com.sun.identity.saml2.protocol.impl.ResponseImpl@1262e43 SAML2Utils.getSPAdapterClass: get SPAdapter for *** getAttributeValueFromSSOConfig : realm - /*** getAttributeValueFromSSOConfig : hostEntityId - *** getAttributeValueFromSSOConfig : entityRole - SPRole getAttributeValueFromSSOConfig : attrName - spAdapter getAllAttributeValueFromSSOConfig : realm - /*** getAllAttributeValueFromSSOConfig : hostEntityId -*** getAllAttributeValueFromSSOConfig : entityRole - SPRole getAllAttributeValueFromSSOConfig : attrName - spAdapter SAML2MetaCache.getEntityConfig: cacheKey = ***, found = true SAML2MetaManager.getEntityConfig: got entity config from SAML2MetaCache: *** getAttributeValueFromSSOConfig: values=com.sun.xml.bind.util.ListImpl@1f SAML2Utils.getSPAdapterClass: get SPAdapter class SAML2MetaCache.getEntityConfig: cacheKey = /***, found = true SAML2MetaManager.getEntityConfig: got entity config from SAML2MetaCache: *** ConfigurationInstanceImpl.getAllConfigurationNames: realm = /***, componentName = LIBCOT CircleOfDescriptorCache:getCircleOfTrust:cacheKey = ***, found = true SAML2MetaCache.getEntityConfig: cacheKey = ***, found = true SAML2MetaManager.getEntityConfig: got entity config from SAML2MetaCache: *** SAML2MetaCache.getEntityDescriptor: cacheKey = ***, found = true SAML2MetaManager.getEntityDescriptor: got descriptor from SAML2MetaCache *** SAML2Utils:getWantPOSTResponseSigned : realm - /*** SAML2Utils:getWantPOSTResponseSigned : hostEntityId - *** SAML2Utils:getWantPOSTResponseSigned : entityRole - SPRole getAttributeValueFromSSOConfig : realm - /*** getAttributeValueFromSSOConfig : hostEntityId -*** getAttributeValueFromSSOConfig : entityRole - SPRole getAttributeValueFromSSOConfig : attrName - wantPOSTResponseSigned getAllAttributeValueFromSSOConfig : realm - /*** getAllAttributeValueFromSSOConfig : hostEntityId - *** getAllAttributeValueFromSSOConfig : entityRole - SPRole getAllAttributeValueFromSSOConfig : attrName - wantPOSTResponseSigned SAML2MetaCache.getEntityConfig: cacheKey = ***, found = true SAML2MetaManager.getEntityConfig: got entity config from SAML2MetaCache: *** getAttributeValueFromSSOConfig: values=com.sun.xml.bind.util.ListImpl@5cb1942 SAML2Utils.verifyResponse:binding is :urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST SAML2MetaCache.getEntityConfig: cacheKey = ***, found = true SAML2MetaManager.getEntityConfig: got entity config from SAML2MetaCache: *** ConfigurationInstanceImpl.getAllConfigurationNames: realm = /***, componentName = LIBCOT CircleOfDescriptorCache:getCircleOfTrust:cacheKey = ***, found = true SAML2MetaCache.getEntityDescriptor: cacheKey = ***, found = true SAML2MetaManager.getEntityDescriptor: got descriptor from SAML2MetaCache *** FMSigProvider.verify: The cert contained in the document is the same as the one being passed in. validateCertificate : CRL check is not configured. Just return it is good. FMSigProvider.verify: Signature verification successful. SAML2Utils.isBearerSubjectConfirmation:timeskew = 300 AuthContext Class Name is :com.sun.identity.saml2.plugins.DefaultSPAuthnContextMapper getAllAttributeValueFromSSOConfig : realm - /*** getAllAttributeValueFromSSOConfig : hostEntityId - *** getAllAttributeValueFromSSOConfig : entityRole - SPRole getAllAttributeValueFromSSOConfig : attrName - spAuthncontextClassrefMapping SAML2MetaCache.getEntityConfig: cacheKey = ***, found = true SAML2MetaManager.getEntityConfig: got entity config from SAML2MetaCache: *** DefaultSPAuthnContextMapper: List:com.sun.xml.bind.util.ListImpl@8d71dc68 DefaultSPAuthnContextMapper.getAuthnCtxFromSPConfig: AuthLevel is 0 DefaultSPAuthnContextMapper:hostEntityID:*** DefaultSPAuthnContextMapper:realm:/*** DefaultSPAuthnContextMapper:MAP:{default=0, urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport=0, defaultClassRef=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport} DefaultSPAuthnContextMapper:HASH:{***={default=0, urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport=0, defaultClassRef=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}} DefaultSPAuthnContextMapper:authnClRef:urn:federation:authentication:windows DefaultSPAuthnContextMapper:authLevel :0 SAML2Utils.fillMap: Found valid authentication assertion. SPACSUtils.processResponse: Assertions : [com.sun.identity.saml2.assertion.impl.AssertionImpl@1f2c081] SAML2MetaManager.getEntityConfig: got entity config from SAML2MetaCache: DefaultAccountMapper.constructor: DefaultLibrarySPAccountMapper.constructor: DefaultSPAccountMapper.constructor: SPACSUtils.getSPAccountMapper: mapper = com.sun.identity.saml2.plugins.DefaultSPAccountMapper DefaultSPAttributeMapper.constructor SAML2MetaCache.getEntityDescriptor: cacheKey =, found = true </code></pre>
    singulars
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PTQuestion
    1. This table or related slice is empty.
    1. USjulien
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    2. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. COWhen providing stacktraces it is usually beneficial to also provide product version, so people can actually match it up with the code.
      singulars
      1. POOpenAM HTTP Status 500
      1. USPeter Major
    2. COThank you for the reminder :) . OpenAM 10.1.0-Xpress. We identified that this error is most likely from an error of our partner request (trimmed too much information !). I am trying to see if there is any way of send a request manually (be the idp ) rather than waiting on our partner to send us request so we can test our sso configuration. I tried with : `<form id="theform" action="https://ssotest/sp/saml2/jsp/idpSSOInit.jsp" method="post"> ...` But it does not seem to work ! I get an authentication error (null pointer)
      singulars
      1. POOpenAM HTTP Status 500
      1. USjulien
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload