When using the org.jboss.security.mapping.providers.attribute.LdapAttributeMappingProvider to provide SAML attributes from LDAP and no results are returned from the LDAP query, PicketLink blows up trying to create the SAML response.
2014-05-14 16:01:33,243 TRACE [org.jboss.security] (http-/10.7.26.48:8080-1) PBOX000220: Logging into LDAP server with env {java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, attributeList=mail,cn,givenName,sn,rhatPersonType, java.naming.security.principal=uid=picketlink,ou=serviceaccounts,dc=redhat,dc=com, searchTimeLimit=10000, baseCtxDN=ou=users,dc=redhat,dc=com, baseFilter=(uid={0}), java.naming.provider.url=ldaps://ldap01.intranet.dev.int.devlab.redhat.com, bindDN=uid=picketlink,ou=serviceaccounts,dc=redhat,dc=com, bindCredential=*****, java.naming.security.authentication=simple, java.naming.security.credentials=*****}
2014-05-14 16:01:33,912 DEBUG [org.jboss.security] (http-/10.7.26.48:8080-1) PBOX000293: Exception caught: javax.naming.NamingException: PBOX000037: Search for context ou=users,dc=redhat,dc=com found no results
    at org.jboss.security.mapping.providers.attribute.LdapAttributeMappingProvider.performMapping(LdapAttributeMappingProvider.java:217)
    at org.jboss.security.mapping.providers.attribute.LdapAttributeMappingProvider.performMapping(LdapAttributeMappingProvider.java:94)
    at org.jboss.security.mapping.MappingContext.performMapping(MappingContext.java:54)
    at org.picketlink.identity.federation.bindings.jboss.attribute.JBossAppServerAttributeManager.getAttributes(JBossAppServerAttributeManager.java:73)
    at org.picketlink.identity.federation.core.impl.DelegatedAttributeManager.getAttributes(DelegatedAttributeManager.java:67)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.processSAMLRequestMessage(AbstractIDPValve.java:806)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.handleSAMLMessage(AbstractIDPValve.java:403)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.invoke(AbstractIDPValve.java:350)
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
    at org.jboss.as.web.sso.ClusteredSingleSignOn.invoke(ClusteredSingleSignOn.java:356)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:559)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920)
    at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
2014-05-14 16:01:33,914 TRACE [org.picketlink.common] (http-/10.7.26.48:8080-1) Final attribute map size: 0
2014-05-14 16:01:33,915 TRACE [org.picketlink.common] (http-/10.7.26.48:8080-1) Handlers are=[org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler@4ec645b7, org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler@32dfb243, org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler@f970193, org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler@55173994, org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureGenerationHandler@232821e7, org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureValidationHandler@1b74b777]
2014-05-14 16:01:33,915 TRACE [org.picketlink.common] (http-/10.7.26.48:8080-1) Domains that IDP trusts = saml03.web.dev.ext.devlab.redhat.com,mobiledev-rhu.rhcloud.com,dev.lecorpio.com,www.lecorpioondemand.net,saml.deviam.devlab.redhat.com,redhat-test.bluejeans.com,samlsp.bluejeans.com,qa.pubsuite.com,rewardzone.redhat.com,redhatdemo.demo.starsperformance.com,redhatqa.service-now.com,redhatdev.service-now.com,redhatstage.service-now.com,redhat.service-now.com,uat.mojo.redhat.com,mojo.redhat.com,samlsp01.intranet.dev.int.devlab.redhat.com,vkumar-sp.devlab.phx1.redhat.com,localhost,10.7.15.171,10.11.217.71,vkumar.devlab.redhat.com and issuer domain = vkumar-sp.devlab.phx1.redhat.com
2014-05-14 16:01:33,915 TRACE [org.picketlink.common] (http-/10.7.26.48:8080-1) Destination = https://vkumar-sp.devlab.phx1.redhat.com/sales-post/
2014-05-14 16:01:33,915 TRACE [org.picketlink.common] (http-/10.7.26.48:8080-1) AssertionConsumerURL=https://vkumar-sp.devlab.phx1.redhat.com/sales-post/
2014-05-14 16:01:33,934 ERROR [org.picketlink.common] (http-/10.7.26.48:8080-1) Exception in processing authentication:: org.picketlink.common.exceptions.ConfigurationException: javax.xml.datatype.DatatypeConfigurationException: Provider _redirected._DatatypeFactory not found
    at org.picketlink.common.DefaultPicketLinkLogger.configurationError(DefaultPicketLinkLogger.java:721)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:101)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:118)
    at org.picketlink.identity.federation.api.saml.v2.response.SAML2Response.createResponseType(SAML2Response.java:236)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$IDPAuthenticationHandler.getResponse(SAML2AuthenticationHandler.java:276)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$IDPAuthenticationHandler.handleRequestType(SAML2AuthenticationHandler.java:197)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler.handleRequestType(SAML2AuthenticationHandler.java:126)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.processSAMLRequestMessage(AbstractIDPValve.java:833)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.handleSAMLMessage(AbstractIDPValve.java:403)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.invoke(AbstractIDPValve.java:350)
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
    at org.jboss.as.web.sso.ClusteredSingleSignOn.invoke(ClusteredSingleSignOn.java:356)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:559)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920)
    at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: javax.xml.datatype.DatatypeConfigurationException: Provider _redirected._DatatypeFactory not found
    at javax.xml.datatype.DatatypeFactory.newInstance(DatatypeFactory.java:135) [rt.jar:1.7.0_45]
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.newDatatypeFactory(XMLTimeUtil.java:244)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:99)
    ... 19 more
Caused by: java.lang.ClassNotFoundException: _redirected/_DatatypeFactory
    at java.lang.Class.forName0(Native Method) [rt.jar:1.7.0_45]
    at java.lang.Class.forName(Class.java:270) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.getProviderClass(FactoryFinder.java:126) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.newInstance(FactoryFinder.java:181) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.newInstance(FactoryFinder.java:150) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.find(FactoryFinder.java:222) [rt.jar:1.7.0_45]
    at javax.xml.datatype.DatatypeFactory.newInstance(DatatypeFactory.java:129) [rt.jar:1.7.0_45]
    ... 21 more
2014-05-14 16:01:33,937 ERROR [org.picketlink.common] (http-/10.7.26.48:8080-1) Exception in processing request:: org.picketlink.common.exceptions.ProcessingException: PL00102: Processing Exception:
    at org.picketlink.common.DefaultPicketLinkLogger.processingError(DefaultPicketLinkLogger.java:174)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$IDPAuthenticationHandler.handleRequestType(SAML2AuthenticationHandler.java:224)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler.handleRequestType(SAML2AuthenticationHandler.java:126)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.processSAMLRequestMessage(AbstractIDPValve.java:833)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.handleSAMLMessage(AbstractIDPValve.java:403)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.invoke(AbstractIDPValve.java:350)
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
    at org.jboss.as.web.sso.ClusteredSingleSignOn.invoke(ClusteredSingleSignOn.java:356)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:559)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920)
    at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: org.picketlink.common.exceptions.ConfigurationException: javax.xml.datatype.DatatypeConfigurationException: Provider _redirected._DatatypeFactory not found
    at org.picketlink.common.DefaultPicketLinkLogger.configurationError(DefaultPicketLinkLogger.java:721)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:101)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:118)
    at org.picketlink.identity.federation.api.saml.v2.response.SAML2Response.createResponseType(SAML2Response.java:236)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$IDPAuthenticationHandler.getResponse(SAML2AuthenticationHandler.java:276)
    at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$IDPAuthenticationHandler.handleRequestType(SAML2AuthenticationHandler.java:197)
    ... 15 more
Caused by: javax.xml.datatype.DatatypeConfigurationException: Provider _redirected._DatatypeFactory not found
    at javax.xml.datatype.DatatypeFactory.newInstance(DatatypeFactory.java:135) [rt.jar:1.7.0_45]
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.newDatatypeFactory(XMLTimeUtil.java:244)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:99)
    ... 19 more
Caused by: java.lang.ClassNotFoundException: _redirected/_DatatypeFactory
    at java.lang.Class.forName0(Native Method) [rt.jar:1.7.0_45]
    at java.lang.Class.forName(Class.java:270) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.getProviderClass(FactoryFinder.java:126) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.newInstance(FactoryFinder.java:181) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.newInstance(FactoryFinder.java:150) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.find(FactoryFinder.java:222) [rt.jar:1.7.0_45]
    at javax.xml.datatype.DatatypeFactory.newInstance(DatatypeFactory.java:129) [rt.jar:1.7.0_45]
    ... 21 more
2014-05-14 16:01:33,939 TRACE [org.jboss.as.web.security] (http-/10.7.26.48:8080-1) End invoke, caller=null
2014-05-14 16:01:33,939 TRACE [org.jboss.security] (http-/10.7.26.48:8080-1) PBOX000354: Setting security roles ThreadLocal: null
2014-05-14 16:01:33,940 ERROR [org.apache.catalina.connector] (http-/10.7.26.48:8080-1) JBWEB001018: An exception or error occurred in the container during the request processing: java.lang.RuntimeException: org.picketlink.common.exceptions.ConfigurationException: javax.xml.datatype.DatatypeConfigurationException: Provider _redirected._DatatypeFactory not found
    at org.picketlink.identity.federation.api.saml.v2.response.SAML2Response.createResponseType(SAML2Response.java:307)
    at org.picketlink.identity.federation.web.util.IDPWebRequestUtil.getErrorResponse(IDPWebRequestUtil.java:304)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.processSAMLRequestMessage(AbstractIDPValve.java:856)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.handleSAMLMessage(AbstractIDPValve.java:403)
    at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.invoke(AbstractIDPValve.java:350)
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
    at org.jboss.as.web.sso.ClusteredSingleSignOn.invoke(ClusteredSingleSignOn.java:356)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:559)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920)
    at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: org.picketlink.common.exceptions.ConfigurationException: javax.xml.datatype.DatatypeConfigurationException: Provider _redirected._DatatypeFactory not found
    at org.picketlink.common.DefaultPicketLinkLogger.configurationError(DefaultPicketLinkLogger.java:721)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:101)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:118)
    at org.picketlink.identity.federation.api.saml.v2.response.SAML2Response.createResponseType(SAML2Response.java:305)
    ... 15 more
Caused by: javax.xml.datatype.DatatypeConfigurationException: Provider _redirected._DatatypeFactory not found
    at javax.xml.datatype.DatatypeFactory.newInstance(DatatypeFactory.java:135) [rt.jar:1.7.0_45]
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.newDatatypeFactory(XMLTimeUtil.java:244)
    at org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil.getIssueInstant(XMLTimeUtil.java:99)
    ... 17 more
Caused by: java.lang.ClassNotFoundException: _redirected/_DatatypeFactory
    at java.lang.Class.forName0(Native Method) [rt.jar:1.7.0_45]
    at java.lang.Class.forName(Class.java:270) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.getProviderClass(FactoryFinder.java:126) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.newInstance(FactoryFinder.java:181) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.newInstance(FactoryFinder.java:150) [rt.jar:1.7.0_45]
    at javax.xml.datatype.FactoryFinder.find(FactoryFinder.java:222) [rt.jar:1.7.0_45]
    at javax.xml.datatype.DatatypeFactory.newInstance(DatatypeFactory.java:129) [rt.jar:1.7.0_45]
    ... 19 more