Uploaded image for project: 'PicketLink Federated Identity'
  1. PicketLink Federated Identity
  2. PLFED-324

RuntimeException on global logout with SAML2AttributeHandler

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: PLFED_2.0.3.Final, PLFED_2.1.1.Final
    • Fix Version/s: PLFED_2.1.4.final
    • Component/s: SAML
    • Labels:
      None
    • Environment:

      JBoss 7.1.0, JBoss 7.1.1

      Description

      I am using the SAML2AttributeHandler to send the email, firstname and lastname from the IDP to a SP. When I try to logout by adding "?GLO=true" to the current URL, the SAML2AttributeHandler throws an exception Assertion not found in the handler request on the SP side.

      11:41:56,801 ERROR org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator (http-localhost-127.0.0.1-8080-1) Server Exception:: java.lang.RuntimeException: PL00092: Null Value:Assertion not found in the handler request:

      {CONFIGURATION=org.picketlink.identity.federation.core.config.SPType@60b24245}

      at org.picketlink.identity.federation.web.handlers.saml2.SAML2AttributeHandler.handleIDPResponse(SAML2AttributeHandler.java:175) picketlink-fed-2.0.3.Final.jar:2.0.3.Final
      at org.picketlink.identity.federation.web.handlers.saml2.SAML2AttributeHandler.handleStatusResponseType(SAML2AttributeHandler.java:146) picketlink-fed-2.0.3.Final.jar:2.0.3.Final
      at org.picketlink.identity.federation.web.process.SAMLHandlerChainProcessor.callHandlerChain(SAMLHandlerChainProcessor.java:72) picketlink-fed-2.0.3.Final.jar:2.0.3.Final
      at org.picketlink.identity.federation.web.process.ServiceProviderSAMLResponseProcessor.process(ServiceProviderSAMLResponseProcessor.java:174) picketlink-fed-2.0.3.Final.jar:2.0.3.Final
      at org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator.handleSAMLResponse(SPRedirectFormAuthenticator.java:264) picketlink-bindings-2.0.3.Final.jar:2.0.3.Final
      at org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator.authenticate(SPRedirectFormAuthenticator.java:170) picketlink-bindings-2.0.3.Final.jar:2.0.3.Final
      at org.picketlink.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator.authenticate(SPRedirectFormAuthenticator.java:121) picketlink-bindings-2.0.3.Final.jar:2.0.3.Final
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) jbossweb-7.0.10.Final.jar:
      at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:154) jboss-as-web-7.1.0.Final.jar:7.1.0.Final
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) jbossweb-7.0.10.Final.jar:
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) jbossweb-7.0.10.Final.jar:
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) jbossweb-7.0.10.Final.jar:
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) jbossweb-7.0.10.Final.jar:
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) jbossweb-7.0.10.Final.jar:
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) jbossweb-7.0.10.Final.jar:
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) jbossweb-7.0.10.Final.jar:
      at java.lang.Thread.run(Thread.java:679) SAML2AttributeHandler and Global logout

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                pcraveiro Pedro Igor
                Reporter:
                mksplg Markus Plangg
              • Votes:
                1 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: