[keycloak-user] Unable to integrate SAML 2 provider - Pingfederate

Dmitry Telegin demetrio at carretti.pro
Thu May 2 17:10:15 EDT 2019


Hi Bruce,

>From my practice I can confirm that Keycloak works with PingFederate pretty well.

Below that "Caused by: java.lang.NullPointerException", do you see anything related to java.util.regex.Matcher? If so, you're probably trying IdP-initiated SSO from Ping to Keycloak, which needs to be set up differently [1] (look for "When using identity brokering")

[1] https://www.keycloak.org/docs/latest/server_admin/index.html#idp-initiated-login

Cheers,
Dmitry

On Thu, 2019-05-02 at 13:10 +0530, Bruce Wings wrote:
> Any idea whether PingFederate integration is supported by keycloak? Any
> documentation for integrating PingFederate with keycloak?
> 
> > On Wed, May 1, 2019 at 9:05 AM Bruce Wings <testoauth55 at gmail.com> wrote:
> 
> > I have successfully integrated OKTA as SAML 2 provider.
> > Now I am trying to integrate Pingfederate as SAML 2 provider. Pingfederate
> > successfully redirctes back to keycloak :
> > ( <myhost>/auth/realms/<myRealm>/broker/pingfed/endpoint )
> > 
> > But keycloak gives following error trace:
> > 
> > 2019-04-30 13:27:23,196 ERROR
> > [org.keycloak.services.error.KeycloakErrorHandler] (default task-3)
> > Uncaught server error:
> > org.keycloak.broker.provider.IdentityBrokerException: Could not process
> > response from SAML identity provider.
> > at
> > org.keycloak.broker.saml.SAMLEndpoint$Binding.handleLoginResponse(SAMLEndpoint.java:450)
> > at
> > org.keycloak.broker.saml.SAMLEndpoint$Binding.handleSamlResponse(SAMLEndpoint.java:485)
> > at
> > org.keycloak.broker.saml.SAMLEndpoint$Binding.execute(SAMLEndpoint.java:243)
> > at org.keycloak.broker.saml.SAMLEndpoint.postBinding(SAMLEndpoint.java:159)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> > at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> > at java.lang.reflect.Method.invoke(Method.java:498)
> > at
> > org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140)
> > at
> > org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:510)
> > at
> > org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:401)
> > at
> > org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:365)
> > at
> > org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:361)
> > at
> > org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:367)
> > at
> > org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:339)
> > at
> > org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:137)
> > at
> > org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:106)
> > at
> > org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:132)
> > at
> > org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:100)
> > at
> > org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:441)
> > at
> > org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:231)
> > at
> > org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:137)
> > at
> > org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:361)
> > at
> > org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:140)
> > at
> > org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:217)
> > at
> > org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227)
> > at
> > org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
> > at
> > org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> > at
> > io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
> > at
> > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
> > at
> > org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90)
> > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
> > at
> > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
> > at
> > io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
> > at
> > io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> > at
> > io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
> > at
> > io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> > at
> > org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> > at
> > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> > at
> > io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
> > at
> > io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> > at
> > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> > at
> > io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> > at
> > io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> > at
> > io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> > at
> > io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> > at
> > io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> > at
> > io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> > at
> > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> > at
> > org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> > at
> > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> > at
> > org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
> > at
> > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> > at
> > io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> > at
> > io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> > at
> > io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> > at
> > io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> > at
> > io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> > at
> > io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> > at
> > org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
> > at
> > org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
> > at
> > org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
> > at
> > org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
> > at
> > org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
> > at
> > io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> > at
> > io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> > at
> > io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:360)
> > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
> > at
> > org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> > at
> > org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> > at
> > org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> > at
> > org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> > at java.lang.Thread.run(Thread.java:748)
> > Caused by: java.lang.NullPointerException
> > 
> > 
> > 
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list