[keycloak-user] AssertionConsumerServiceURL Requirement in AuthnRequest

Jacob D'Onofrio jacob.donofrio at gmail.com
Fri Feb 6 14:42:34 EST 2015 

Hi,

I am experimenting with using keycloak (1.1.0.Final) running on wildfly
8.2.0.Final as an IDP for a service which is running on WebLogic 10.3.6.
When WebLogic sends the request to keycloak, I get a NullPointerException
like so:

Caused by: java.lang.NullPointerException
        at
org.keycloak.protocol.saml.SamlService$BindingProtocol.loginRequest(SamlService.java:195)
[keycloak-saml-protocol-1.1.0.Final.jar:1.1.0.Final]
        at
org.keycloak.protocol.saml.SamlService$BindingProtocol.handleSamlRequest(SamlService.java:175)
[keycloak-saml-protocol-1.1.0.Final.jar:1.1.0.Final]
        at
org.keycloak.protocol.saml.SamlService$PostBindingProtocol.execute(SamlService.java:320)
[keycloak-saml-protocol-1.1.0.Final.jar:1.1.0.Final]
        at
org.keycloak.protocol.saml.SamlService.postBinding(SamlService.java:413)
[keycloak-saml-protocol-1.1.0.Final.jar:1.1.0.Final]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[rt.jar:1.7.0_65]
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
[rt.jar:1.7.0_65]
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.7.0_65]
        at java.lang.reflect.Method.invoke(Method.java:606)
[rt.jar:1.7.0_65]
        at
org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137)
[resteasy-jaxrs-3.0.10.Final.jar:]
        at
org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:296)
[resteasy-jaxrs-3.0.10.Final.jar:]
        at
org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250)
[resteasy-jaxrs-3.0.10.Final.jar:]
        at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:140)
[resteasy-jaxrs-3.0.10.Final.jar:]
        at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:103)
[resteasy-jaxrs-3.0.10.Final.jar:]
        at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356)
[resteasy-jaxrs-3.0.10.Final.jar:]
        ... 39 more

I truncated the stack trace a bit. Looks like the method loginRequest of
SamlService.BindingProtocol expects that the AuthNRequest token specify a
AssertionConsumerServiceURL attribute, which WebLogic is not setting,
however the SAML documentation states that the attribute is optional.

I wanted to check here before I posted a JIRA issue if this is a bug, or
intended behavior.

Thanks,
Jacob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150206/202974ec/attachment-0001.html

More information about the keycloak-user mailing list