[keycloak-user] Null pointer in keycloak saml adapter

Pulkit Gupta pulgupta at redhat.com
Wed Oct 19 03:21:23 EDT 2016 

Hi Everyone,

I am seeing something unusual.
We have multiple Keycloak configured applications on a 2 LB Jboss boxes.

One application is working perfectly fine. However in the other application
I am getting the below error. As per the resolution on access.redhat.com it
seems that this issue is related to some Jboss version and needs an upgrade.

However I am not convinced as if this is the case then how the other
application is working fine.
>From the below code it seems this is a bug in the keycloak itself.

Can you please check if indeed this is correct. Also in case this is a bug
then how can we proceed.

**CODE SNIPPET**

org.keycloak.adapters.saml.CatalinaSamlSessionStore

Line number 155-156

GenericPrincipal principal = (GenericPrincipal) session.getPrincipal();
if (samlSession.getPrincipal().getName().equals(*principal.getName()*))
// in clustered environment in JBossWeb, principal is not serialized or saved
if (principal == null) {...

We are first using principle to get the name and then checking if the
principle is null.


**ERROR**
2016-10-18 23:11:37,695 [ajp-/10.7.24.224:8009-21] ERROR
[org.apache.catalina.connector] JBWEB001018: An exception or error occurred
in the container during the request processing:
java.lang.NullPointerException
at org.keycloak.adapters.saml.CatalinaSamlSessionStore.isLogged
In(CatalinaSamlSessionStore.java:156)
at org.keycloak.adapters.saml.AbstractSamlAuthenticatorValve.
invoke(AbstractSamlAuthenticatorValve.java:183)
at org.jboss.as.web.security.SecurityContextAssociationValve.
invoke(SecurityContextAssociationValve.java:169)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHo
stValve.java:145)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo
rtValve.java:97)
at org.jboss.as.web.sso.ClusteredSingleSignOn.invoke(ClusteredS
ingleSignOn.java:356)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:559)
at org.apache.catalina.core.StandardEngineValve.invoke(Standard
EngineValve.java:102)
at com.redhat.container.UTF8Valve.invoke(UTF8Valve.java:26)
at com.redhat.container.redirect.RedirectToInternalValve.invoke
(RedirectToInternalValve.java:61)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd
apter.java:336)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:490)
at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.
process(AjpProtocol.java:420)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)
at java.lang.Thread.run(Thread.java:745)

-- 
Thanks,
Pulkit
AMS

More information about the keycloak-user mailing list