SimpleAuthZRealm error in 2.7.0
183 views
Skip to first unread message
Mark
Jul 31, 2015, 4:44:54 PM7/31/15
to ddf-users
I am working on getting DDF 2.7.0 set up with PKI Authorization. I have the following setup :
Security STS LDAP Login - set up to connect to my Active Directory
Security STS LDAP and Roles Claims Handler - set up to connect to my Active Directory
Security STS PKI Token Validator - Realms set to "ldap"
Web Context Policy Manager -
For Authentication Types, I have "/jolokia=SAML|PKI".
For Context Realms I have "/jolokia=ldap"
For "Required Attributes", I have "/jolokia={http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname=Mark}"
When I load https://<DDF>/jolokia, I see in the log file the following entry:
2015-07-31 13:27:02,523 | DEBUG | 86-81 - /jolokia | ModularRealmAuthenticator | hc.pam.ModularRealmAuthenticator 231 | 209 - org.apache.shiro.core - 1.2.3 | Realm [ddf.security.pdp.realm.SimpleAuthzRealm@78047b16] does not support token dn: <My DN info from certificate loaded into browser>. Skipping realm.
So my question is, what should the "Security Simple AuthZ Realm" be set to? My AD does not yet have a "roles" attribute, so I am currently testing with a simple test using givenname just to get things working while the AD is set up. Is it a problem that the AD entry does not have a role attribute and could be causing trouble with the Simple AuthZ Realm or is there some other problem.
Thanks,
Mark
Scott Tustison
Aug 3, 2015, 3:03:23 PM8/3/15
to ddf-users
This doesn't appear to be an issue with the PDP to me. The realm that authenticates that token is the StsRealm. Are you using 2.7.0 or 2.7.1, because there was a bug that was fixed with PKI for 2.7.1 -> https://github.com/codice/ddf-platform/commit/496408a8821899a327b3046a382233ba539cc375
Scott
Mark
Aug 3, 2015, 3:16:51 PM8/3/15
to ddf-users
Scott,
Thanks for getting back to me on this. I am using 2.7.0. Is there a 2.7.1 release that I can download or do I need to build from source?
Mark
Jason Smith
Aug 3, 2015, 3:35:57 PM8/3/15
to ddf-users
Mark - I think Scott was referring to the ddf-platform version. If you are using the DDF 2.7.0 release, then you are using platform 2.7.1. See https://github.com/codice/ddf/blob/ddf-distribution-2.7.0/distribution/ddf/pom.xml.
- Jason
Mark
Aug 3, 2015, 3:38:17 PM8/3/15
to ddf-users
OK, Thanks. If that is the case, any ideas where I'm going wrong with Authorization and PKI / LDAP?
Mark
Aug 4, 2015, 4:19:03 PM8/4/15
to ddf-users
I am working on tracking this down and it appears that I have an exception getting thrown in my Active Directory connection. I get the following line in ddf.log:
2015-08-04 12:25:18,965 | TRACE | rityTokenService | LdapClaimsHandler | .claimsHandler.LdapClaimsHandler 123 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Executing ldap search with base dn of null and filter of (&(objectclass=person)(CN=Mark Webb))
My concern is why the base DN is null. I have verified in the "Security STS LDAP and Roles Claims Handler" that the "LDAP Base User DN" is properly set and verified using the JXplorer. I even verified the configuration and restarted DDF and after the reboot, I see the values in the DDF Web Console Configuration page (https://localhost:8993/system/console/configMgr)
Is the Base DN this entry is referencing set up somewhere else? The only places I can find to configure an LDAP connection is:
Security STS LDAP and Roles Claims Handler
Security STS LDAP Login
In both configurations I've verified that the connection info is identical. Using the Karaf commands:
config:list "(service.pid=ddf.security.sts.claimsHandler)"
config:list "(service.pid=ddf.security.sts.ldap)"
Thanks,
Mark
Mark
Aug 4, 2015, 4:31:26 PM8/4/15
to ddf-users
Quick follow up...
I cleared out the data/log directory and restarted DDF with the logging level set to TRACE. Once DDF was restarted, I did the following:
$ grep "userBaseDn" *
ddf.log:2015-08-04 13:14:08,758 | DEBUG | Event Dispatcher | CmManagedProperties | ompendium.cm.CmManagedProperties 261 | 13 - org.apache.aries.blueprint.cm - 1.0.5 | Unable to find a valid setter method for property userBaseDn and value <My LDAP DN>
ddf.log:2015-08-04 13:14:17,527 | DEBUG | Thread-125 | CmManagedProperties | ompendium.cm.CmManagedProperties 261 | 13 - org.apache.aries.blueprint.cm - 1.0.5 | Unable to find a valid setter method for property userBaseDn and value <My LDAP DN>
ddf.log:2015-08-04 13:14:32,073 | TRACE | Event Dispatcher | ClaimsHandlerManager | aimsHandler.ClaimsHandlerManager 309 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Setting userBaseDn: ou=users,dc=example,dc=com <-- This is not my LDAP DN -->
ddf.log:2015-08-04 13:14:32,077 | TRACE | Event Dispatcher | ClaimsHandlerManager | aimsHandler.ClaimsHandlerManager 309 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Setting userBaseDn: <My LDAP DN>
$ grep "Executing ldap search" *
ddf.log:2015-08-04 13:18:18,639 | TRACE | rityTokenService | LdapClaimsHandler | .claimsHandler.LdapClaimsHandler 123 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Executing ldap search with base dn of null and filter of (&(objectclass=person)(CN=Mark Webb))
So I'm confused as to why I get the log entry at 2015-08-04 13:14:32,077 stating the user base DN was set properly and then at 2015-08-04 13:18:18,639 the base DN used for searching is null. Any help would be greatly appreciated.
Thanks,
Mark
Mark
Aug 10, 2015, 9:12:01 AM8/10/15
to ddf-users
Is there any other configuration that needs to get done so that the Base DN is not set to null in the LDAP Claims Handler?
Thank you,
Mark
Scott Tustison
Aug 10, 2015, 9:56:05 AM8/10/15
to ddf-users
I'll take a look at this today. It sounds as if there might be a bug.
Scott
Mark
Aug 11, 2015, 12:43:42 PM8/11/15
to ddf-users
Not sure if this helps, but here's additional stack trace information:
2015-08-10 06:34:33,534 | DEBUG | rityTokenService | PKITokenValidator | .validator.pki.PKITokenValidator 244 | 253 - security-sts-pkivalidator - 2.7.1 | Encoded username/password credential: [encoded data removed for brevity]
2015-08-10 06:34:33,535 | TRACE | rityTokenService | PKITokenValidator | .validator.pki.PKITokenValidator 160 | 253 - security-sts-pkivalidator - 2.7.1 | Validating PKI Token
2015-08-10 06:34:33,535 | DEBUG | rityTokenService | PKITokenValidator | .validator.pki.PKITokenValidator 244 | 253 - security-sts-pkivalidator - 2.7.1 | Encoded username/password credential: [encoded data removed for brevity]
2015-08-10 06:34:33,542 | DEBUG | rityTokenService | Merlin | pache.wss4j.common.crypto.Merlin 869 | 171 - org.apache.wss4j.wss4j-ws-security-common - 2.0.3 | Preparing to validate certificate path for issuer CN=SubCA1,DC=X,DC=Y
2015-08-10 06:34:33,544 | WARN | rityTokenService | CryptoBase | e.wss4j.common.crypto.CryptoBase 324 | 171 - org.apache.wss4j.wss4j-ws-security-common - 2.0.3 | No Subject DN Certificate Constraints were defined. This could be a security issue
2015-08-10 06:34:33,547 | DEBUG | rityTokenService | SignatureTrustValidator | validate.SignatureTrustValidator 111 | 172 - org.apache.wss4j.wss4j-ws-security-dom - 2.0.3 | Certificate path has been verified for certificate with subject 1.2.840.113549.1.9.1=#160e776562626d40646367732e6d696c,CN=Mark Webb,OU=X,O=Y,L=Z,ST=NY,C=US
2015-08-10 06:34:33,549 | TRACE | rityTokenService | LdapClaimsHandler | .claimsHandler.LdapClaimsHandler 123 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Executing ldap search with base dn of null and filter of (&(objectclass=person)(CN=Mark Webb))
2015-08-10 06:34:33,551 | DEBUG | ) SelectorRunner | DefaultSelectionKeyHandler | y.nio.DefaultSelectionKeyHandler 94 | 386 - security-sts-ldapclaimshandler - 2.7.1 | KEY IS REGISTERED: sun.nio.ch.SelectionKeyImpl@2ca619a1
2015-08-10 06:34:33,552 | TRACE | ) SelectorRunner | ProcessorExecutor | ssfish.grizzly.ProcessorExecutor 66 | 386 - security-sts-ldapclaimshandler - 2.7.1 | executing connection (TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}). IOEvent=CONNECTED processor=org.glassfish.grizzly.filterchain.DefaultFilterChain@24fd1809
2015-08-10 06:34:33,552 | DEBUG | ) SelectorRunner | DefaultFilterChain | y.filterchain.DefaultFilterChain 280 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Execute filter. filter=org.glassfish.grizzly.filterchain.TransportFilter@28f9baa4 context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CONNECT, message=null, address=null]
2015-08-10 06:34:33,552 | DEBUG | ) SelectorRunner | DefaultFilterChain | y.filterchain.DefaultFilterChain 287 | 386 - security-sts-ldapclaimshandler - 2.7.1 | after execute filter. filter=org.glassfish.grizzly.filterchain.TransportFilter@28f9baa4 context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CONNECT, message=null, address=null] nextAction=org.glassfish.grizzly.filterchain.InvokeAction@234c7a00
2015-08-10 06:34:33,552 | DEBUG | ) SelectorRunner | DefaultFilterChain | y.filterchain.DefaultFilterChain 280 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Execute filter. filter=org.forgerock.opendj.grizzly.LDAPClientFilter@71dda81a context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CONNECT, message=null, address=null]
2015-08-10 06:34:33,553 | DEBUG | ) SelectorRunner | DefaultFilterChain | y.filterchain.DefaultFilterChain 287 | 386 - security-sts-ldapclaimshandler - 2.7.1 | after execute filter. filter=org.forgerock.opendj.grizzly.LDAPClientFilter@71dda81a context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CONNECT, message=null, address=null] nextAction=org.glassfish.grizzly.filterchain.InvokeAction@234c7a00
2015-08-10 06:34:33,554 | TRACE | rityTokenService | ProcessorExecutor | ssfish.grizzly.ProcessorExecutor 66 | 386 - security-sts-ldapclaimshandler - 2.7.1 | executing connection (TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}). IOEvent=CLOSED processor=org.glassfish.grizzly.filterchain.DefaultFilterChain@24fd1809
2015-08-10 06:34:33,554 | DEBUG | rityTokenService | DefaultFilterChain | y.filterchain.DefaultFilterChain 280 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Execute filter. filter=org.glassfish.grizzly.filterchain.TransportFilter@28f9baa4 context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CLOSE, message=null, address=null]
2015-08-10 06:34:33,555 | DEBUG | rityTokenService | DefaultFilterChain | y.filterchain.DefaultFilterChain 287 | 386 - security-sts-ldapclaimshandler - 2.7.1 | after execute filter. filter=org.glassfish.grizzly.filterchain.TransportFilter@28f9baa4 context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CLOSE, message=null, address=null] nextAction=org.glassfish.grizzly.filterchain.InvokeAction@234c7a00
2015-08-10 06:34:33,555 | DEBUG | rityTokenService | DefaultFilterChain | y.filterchain.DefaultFilterChain 280 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Execute filter. filter=org.forgerock.opendj.grizzly.LDAPClientFilter@71dda81a context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CLOSE, message=null, address=null]
2015-08-10 06:34:33,555 | DEBUG | rityTokenService | DefaultFilterChain | y.filterchain.DefaultFilterChain 287 | 386 - security-sts-ldapclaimshandler - 2.7.1 | after execute filter. filter=org.forgerock.opendj.grizzly.LDAPClientFilter@71dda81a context=FilterChainContext [connection=TCPNIOConnection{localSocketAddress={/<DDF>:54627}, peerSocketAddress={/<Active Directory>:389}}, operation=CLOSE, message=null, address=null] nextAction=org.glassfish.grizzly.filterchain.InvokeAction@234c7a00
2015-08-10 06:34:33,556 | WARN | rityTokenService | SAMLTokenProvider | token.provider.SAMLTokenProvider 174 | 244 - security-sts-server - 2.7.1 |
java.lang.NullPointerException
at java.util.Hashtable.put(Hashtable.java:514)[:1.7.0_79]
at org.ops4j.pax.logging.PaxContext.put(PaxContext.java:75)[4:org.ops4j.pax.logging.pax-logging-api:1.8.1]
at org.ops4j.pax.logging.slf4j.Slf4jLogger.setMDCMarker(Slf4jLogger.java:1140)
at org.ops4j.pax.logging.slf4j.Slf4jLogger.trace(Slf4jLogger.java:170)
at org.forgerock.i18n.slf4j.LocalizedLogger.trace(LocalizedLogger.java:5032)
at org.forgerock.opendj.io.LDAPWriter.writeBindRequest(LDAPWriter.java:157)
at org.forgerock.opendj.grizzly.GrizzlyLDAPConnection.bindAsync(GrizzlyLDAPConnection.java:293)
at org.forgerock.opendj.ldap.AbstractConnection.bindAsync(AbstractConnection.java:252)
at org.forgerock.opendj.ldap.AbstractAsynchronousConnection.bind(AbstractAsynchronousConnection.java:67)
at org.forgerock.opendj.ldap.AbstractConnection.bind(AbstractConnection.java:247)
at ddf.security.sts.claimsHandler.LdapClaimsHandler.retrieveClaimValues(LdapClaimsHandler.java:127)
at Proxy5594514c_cff3_4239_af85_88f2046a245c.retrieveClaimValues(Unknown Source)
at org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:218)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:109)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider.getStatement(ClaimsAttributeStatementProvider.java:61)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createCallbackHandler(SAMLTokenProvider.java:391)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:298)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:122)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:177)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:87)[244:security-sts-server:2.7.1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.7.0_79]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)[:1.7.0_79]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.7.0_79]
at java.lang.reflect.Method.invoke(Method.java:606)[:1.7.0_79]
at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:236)[178:org.apache.cxf.cxf-rt-ws-security:3.0.4]
at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:69)[178:org.apache.cxf.cxf-rt-ws-security:3.0.4]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.7.0_79]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)[:1.7.0_79]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.7.0_79]
at java.lang.reflect.Method.invoke(Method.java:606)[:1.7.0_79]
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.invoke(AbstractJAXWSMethodInvoker.java:232)[140:org.apache.cxf.cxf-rt-frontend-jaxws:3.0.4]
at org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:69)[140:org.apache.cxf.cxf-rt-frontend-jaxws:3.0.4]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:75)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)[130:org.apache.cxf.cxf-core:3.0.4]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)[:1.7.0_79]
at java.util.concurrent.FutureTask.run(FutureTask.java:262)[:1.7.0_79]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$2.run(ServiceInvokerInterceptor.java:126)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:131)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:293)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:212)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)[54:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0.0]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:268)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:110)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.security.filter.authorization.AuthorizationFilter.doFilter(AuthorizationFilter.java:76)[263:security-filter-authorization:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.security.filter.login.LoginFilter.doFilter(LoginFilter.java:241)[259:security-filter-login:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.security.filter.websso.WebSSOFilter.doFilter(WebSSOFilter.java:125)[256:security-filter-web-sso:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.platform.filter.delegate.DelegateServletFilter.doFilter(DelegateServletFilter.java:102)[70:platform-filter-delegate:2.7.1]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:240)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:77)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.Server.handle(Server.java:366)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:957)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at java.lang.Thread.run(Thread.java:745)[:1.7.0_79]
2015-08-10 06:34:33,565 | WARN | rityTokenService | TokenIssueOperation | ts.operation.TokenIssueOperation 179 | 244 - security-sts-server - 2.7.1 |
org.apache.cxf.ws.security.sts.provider.STSException: The specified request failed
at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:175)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:177)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:87)[244:security-sts-server:2.7.1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.7.0_79]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)[:1.7.0_79]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.7.0_79]
at java.lang.reflect.Method.invoke(Method.java:606)[:1.7.0_79]
at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:236)[178:org.apache.cxf.cxf-rt-ws-security:3.0.4]
at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:69)[178:org.apache.cxf.cxf-rt-ws-security:3.0.4]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.7.0_79]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)[:1.7.0_79]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.7.0_79]
at java.lang.reflect.Method.invoke(Method.java:606)[:1.7.0_79]
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.invoke(AbstractJAXWSMethodInvoker.java:232)[140:org.apache.cxf.cxf-rt-frontend-jaxws:3.0.4]
at org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:69)[140:org.apache.cxf.cxf-rt-frontend-jaxws:3.0.4]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:75)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)[130:org.apache.cxf.cxf-core:3.0.4]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)[:1.7.0_79]
at java.util.concurrent.FutureTask.run(FutureTask.java:262)[:1.7.0_79]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$2.run(ServiceInvokerInterceptor.java:126)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:131)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)[130:org.apache.cxf.cxf-core:3.0.4]
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:293)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:212)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)[54:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0.0]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:268)[138:org.apache.cxf.cxf-rt-transports-http:3.0.4]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:110)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.security.filter.authorization.AuthorizationFilter.doFilter(AuthorizationFilter.java:76)[263:security-filter-authorization:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.security.filter.login.LoginFilter.doFilter(LoginFilter.java:241)[259:security-filter-login:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.security.filter.websso.WebSSOFilter.doFilter(WebSSOFilter.java:125)[256:security-filter-web-sso:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.platform.filter.delegate.DelegateServletFilter.doFilter(DelegateServletFilter.java:102)[70:platform-filter-delegate:2.7.1]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:240)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:77)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.Server.handle(Server.java:366)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:957)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at java.lang.Thread.run(Thread.java:745)[:1.7.0_79]
Caused by: java.lang.NullPointerException
at java.util.Hashtable.put(Hashtable.java:514)[:1.7.0_79]
at org.ops4j.pax.logging.PaxContext.put(PaxContext.java:75)[4:org.ops4j.pax.logging.pax-logging-api:1.8.1]
at org.ops4j.pax.logging.slf4j.Slf4jLogger.setMDCMarker(Slf4jLogger.java:1140)
at org.ops4j.pax.logging.slf4j.Slf4jLogger.trace(Slf4jLogger.java:170)
at org.forgerock.i18n.slf4j.LocalizedLogger.trace(LocalizedLogger.java:5032)
at org.forgerock.opendj.io.LDAPWriter.writeBindRequest(LDAPWriter.java:157)
at org.forgerock.opendj.grizzly.GrizzlyLDAPConnection.bindAsync(GrizzlyLDAPConnection.java:293)
at org.forgerock.opendj.ldap.AbstractConnection.bindAsync(AbstractConnection.java:252)
at org.forgerock.opendj.ldap.AbstractAsynchronousConnection.bind(AbstractAsynchronousConnection.java:67)
at org.forgerock.opendj.ldap.AbstractConnection.bind(AbstractConnection.java:247)
at ddf.security.sts.claimsHandler.LdapClaimsHandler.retrieveClaimValues(LdapClaimsHandler.java:127)
at Proxy5594514c_cff3_4239_af85_88f2046a245c.retrieveClaimValues(Unknown Source)
at org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:218)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:109)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider.getStatement(ClaimsAttributeStatementProvider.java:61)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createCallbackHandler(SAMLTokenProvider.java:391)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:298)[244:security-sts-server:2.7.1]
at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:122)[244:security-sts-server:2.7.1]
... 71 more
Scott Tustison
Aug 12, 2015, 10:30:55 AM8/12/15
to ddf-users
I was not able to reproduce this particular issue on my system. I set up a separate ApacheDS server with a different base DN for users and was able to successfully log in to the Search UI with one of the users in that new server. I did find a separate issue where the LDAP Login bundle could produce a class cast exception depending on the values that you chose when configuring it. I pushed a fix for that to 2.8.x and 2.7.x as well as updating the OpenDJ dependencies for 2.7.x since they were set to SNAPSHOT versions of some OpenDJ libraries, which would have kept some things from working if someone tried to build 2.7.x from source.
I did dig through the source code from the exception that you posted and it appears that it results from trying to write out a logging message at the TRACE level. I'd try setting logging back to info or warn to see if you get a better exception, since the exception that you posted seems to be erroneous.
Scott
...
Mark
Aug 12, 2015, 11:14:16 AM8/12/15
to ddf-users
Thanks for getting back to me. I am still getting errors in the LdapClaimsHandler:
Cannot connect to server, therefore unable to set user attributes.
org.forgerock.opendj.ldap.EntryNotFoundException: No Such Entry: 0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:
''
at org.forgerock.opendf.ldap.LdapException.newLdapException(LdapException.java:181)
I have verified that the settings in the LDAP Claims Handler are the same as what I'm using in JXplorer.
Cannot connect to server, therefore unable to set user attributes.
org.forgerock.opendj.ldap.EntryNotFoundException: No Such Entry: 0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:
''
at org.forgerock.opendf.ldap.LdapException.newLdapException(LdapException.java:181)
I have verified that the settings in the LDAP Claims Handler are the same as what I'm using in JXplorer.
...
Scott Tustison
Aug 12, 2015, 5:06:59 PM8/12/15
to ddf-users
Actually, I may have spoken too soon before! It turns out that opendj and apacheds aren't as strict in their searching and allow you to search across all the base DNs. I was getting all of the attributes back anyways even though the base dn was set to null. Thanks for the bug!
Scott
...
Jason Smith
Aug 12, 2015, 6:01:50 PM8/12/15
to ddf-users
Mark - here is the ticket. https://codice.atlassian.net/browse/DDF-1416. Scott patched it into 2.7 (not released). Here is the ddf-platform branch you'll want to use if you are using 2.7.0: https://github.com/codice/ddf-platform/commits/2.7.x
- Jason
.
.
...
Mark
Aug 13, 2015, 11:38:46 AM8/13/15
to ddf-users
Thank you Scott and Jason for supporting me with this issue.
What is the easiest way to build and deploy the updated ddf-platform 2.7.x branch in my current DDF 2.7.0 deployment for testing?
Mark
...
Jason Smith
Aug 13, 2015, 12:35:02 PM8/13/15
to ddf-users
Mark -
here are the steps off the top of my head:
git clone https://github.com/codice/ddf.git
# build platform 2.7.x branch
cd ddf-platform
git checkout 2.7.x
mvn install
# update ddf 2.7.0 distribution to use ddf-platform 2.7.x
cd ../ddf
git checkout ddf-distribution-2.7.0
edit distribution/ddf/pom.xml
change the platform version to 2.7.1-SNAPSHOT
# build ddf distribution
cd .distribution/ddf
mvn install
Let me know if you run into any issues.
- Jason
...
Mark
Aug 13, 2015, 1:23:10 PM8/13/15
to ddf-users
Thanks Jason. My build is failing when trying to find support-checkstyle-2.3.1-SNAPSHOT. I looked through artifacts.codice.org and could not find that version.
Here's the output from my environment:
C:\Temp\ddf-platform>mvn -version
Apache Maven 3.3.3 (7994120775791599e205a5524ec3e0dfe41d4a06; 2015-04-22T07:57:37-04:00)
Maven home: c:\maven\bin\..
Java version: 1.8.0_51, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk1.8.0_51\jre
Default locale: en_US, platform encoding: Cp1252
OS name: "windows 7", version: "6.1", arch: "amd64", family: "dos"
Here's my output.
C:\Temp\ddf-platform>mvn install -DskipTests=true
[WARNING]
[WARNING] Some problems were encountered while building the effective settings
[WARNING] Unrecognised tag: 'repositories' (position: START_TAG seen ...</proxies>\r\n\r\n <repositories>... @25:21) @ C:\Users\webbm\.m2\settings.xml, line 25, column 21
[WARNING]
[INFO] Scanning for projects...
[WARNING]
[WARNING] Some problems were encountered while building the effective model for ddf.compression:compression-exi:bundle:2.7.1-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for org.owasp:dependency-check-maven is missing. @ ddf.compression:compression-exi:[unknown-version], C:\Temp\ddf-platform\compression\plat
form-compression-exi\pom.xml, line 136, column 21
[WARNING]
[WARNING] Some problems were encountered while building the effective model for ddf.platform.solr:platform-solr-server-standalone:war:2.7.1-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for org.owasp:dependency-check-maven is missing. @ ddf.platform.solr:platform-solr-server-standalone:[unknown-version], C:\Temp\ddf-platfor
m\solr\platform-solr-server-standalone\pom.xml, line 176, column 21
[WARNING]
[WARNING] Some problems were encountered while building the effective model for ddf.security.cas:security-cas-client:war:2.7.1-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for org.apache.maven.plugins:maven-war-plugin is missing. @ ddf.security.cas:security-cas-client:[unknown-version], C:\Temp\ddf-platform\se
curity\cas\security-cas-client\pom.xml, line 134, column 21
[WARNING]
[WARNING] Some problems were encountered while building the effective model for ddf.security.admin:security-admin-module:bundle:2.7.1-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for de.saumya.mojo:gem-maven-plugin is missing. @ ddf.security.admin:security-admin-module:[unknown-version], C:\Temp\ddf-platform\security
\security-admin-module\pom.xml, line 139, column 21
[WARNING]
[WARNING] Some problems were encountered while building the effective model for ddf.platform.security:docs:jar:2.7.1-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for de.saumya.mojo:gem-maven-plugin is missing. @ ddf.platform.security:docs:[unknown-version], C:\Temp\ddf-platform\security\docs\pom.xml,
line 27, column 21
[WARNING] 'build.plugins.plugin.version' for org.asciidoctor:asciidoctor-maven-plugin is missing. @ ddf.platform.security:docs:[unknown-version], C:\Temp\ddf-platform\security\docs
\pom.xml, line 35, column 21
[WARNING]
[WARNING] Some problems were encountered while building the effective model for ddf.platform:docs:jar:2.7.1-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for de.saumya.mojo:gem-maven-plugin is missing. @ ddf.platform:docs:[unknown-version], C:\Temp\ddf-platform\docs\pom.xml, line 27, column 2
1
[WARNING] 'build.plugins.plugin.version' for org.asciidoctor:asciidoctor-maven-plugin is missing. @ ddf.platform:docs:[unknown-version], C:\Temp\ddf-platform\docs\pom.xml, line 35,
column 21
[WARNING]
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING]
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] DDF Platform
[INFO] DDF :: Platform :: Configuration
[INFO] DDF Action
[INFO] DDF Action Core
[INFO] DDF :: Action :: API
[INFO] DDF :: Action :: Implementation
[INFO] DDF Compression
[INFO] DDF :: Compression :: EXI
[INFO] DDF :: Compression :: GZip
[INFO] DDF Solr
[INFO] DDF :: Platform :: Solr :: Factory
[INFO] DDF :: Platform :: Solr :: Query
[INFO] DDF :: Platform :: Solr :: XPath
[INFO] DDF :: Platform :: Solr :: Server :: Standalone War
[INFO] DDF Persistence
[INFO] DDF :: Persistence :: Core :: API
[INFO] DDF Platform Security
[INFO] DDF Security Encryption
[INFO] DDF :: Security :: Encryption :: API
[INFO] DDF :: Persistence :: Core :: Internal Implementation
[INFO] DDF :: Persistence :: Core :: Commands
[INFO] DDF Notifications
[INFO] DDF Notifications Core
[INFO] DDF :: Platform :: Core :: Notifications API
[INFO] DDF :: Persistence :: Core :: Listeners
[INFO] DDF :: Platform :: Core :: Notifications
[INFO] DDF :: Catalog :: Core :: Notification Commands
[INFO] DDF MIME
[INFO] DDF MIME Core
[INFO] DDF :: MIME :: Core :: MIME API
[INFO] DDF MIME Tika
[INFO] DDF :: MIME :: Tika :: Tika MIME Resolver
[INFO] DDF :: MIME :: Core :: MIME Implementation
[INFO] DDF :: MIME :: Core :: ConfigurableResolver
[INFO] DDF :: MIME :: Tika :: App
[INFO] DDF Metrics
[INFO] DDF :: Metrics :: Collector
[INFO] DDF :: Metrics :: Reporting
[INFO] DDF :: Metrics :: Plugin :: WebConsole
[INFO] DDF :: Metrics :: Interceptor
[INFO] DDF :: Platform :: Scheduler
[INFO] DDF :: Platform :: Security :: Core :: API
[INFO] DDF :: Security :: Encryption :: Implementation
[INFO] DDF :: Security :: Encryption :: Commands
[INFO] DDF :: Platform :: Security :: Session
[INFO] DDF :: Platform :: Security :: Settings
[INFO] DDF Security Expansion
[INFO] DDF :: Security :: Expansion :: API
[INFO] DDF :: Security :: Expansion :: Implementation
[INFO] DDF :: Security :: Expansion :: Commands
[INFO] ddf-security-common
[INFO] DDF Security Core
[INFO] DDF :: Security :: Core :: Implementation
[INFO] DDF Security Policy
[INFO] DDF :: Security :: Policy :: API
[INFO] DDF :: Security :: Policy :: Context Manager
[INFO] DDF Security STS
[INFO] DDF :: Security :: STS :: Client Config
[INFO] DDF Security Handler
[INFO] DDF :: Security :: Handler :: API
[INFO] DDF :: Security :: STS :: Realm
[INFO] DDF :: Security :: STS :: CRL Interceptor
[INFO] DDF :: Security :: STS :: X509 Delegation Handler
[INFO] DDF :: Security :: STS :: BST Delegation Handler
[INFO] DDF :: Security :: STS :: Server
[INFO] DDF :: Security :: STS :: SAML Validator
[INFO] DDF :: Security :: STS :: X509 Validator
[INFO] DDF :: Security :: STS :: PKI Validator
[INFO] DDF :: Security :: STS :: Username Token Validator
[INFO] DDF :: Security :: STS :: LDAP Claims Handler
[INFO] DDF :: Security :: STS :: LDAP Login
[INFO] DDF :: Security :: STS :: Username BST Validator
[INFO] DDF :: Security :: STS :: Anonymous Validator
[INFO] DDF :: Security :: STS :: Anonymous Claims Handler
[INFO] DDF :: Security :: STS :: Property Claims Handler
[INFO] DDF Security CAS
[INFO] DDF :: Security :: CAS :: Client
[INFO] DDF :: Security :: CAS :: Implementation
[INFO] DDF :: Security :: CAS :: Token Validator
[INFO] DDF :: Security :: CAS :: CXF Servlet Filter
[INFO] DDF Security PDP
[INFO] DDF :: Security :: PDP :: XACML Realm
[INFO] DDF :: Security :: PDP :: Simple AuthZ Realm
[INFO] DDF Security PEP
[INFO] DDF :: Security :: PEP :: Interceptor
[INFO] DDF :: Security :: PEP :: User Attributes Map
[INFO] DDF :: Security :: PEP :: Metacard Attributes Map
[INFO] DDF :: Security :: Handler :: Basic
[INFO] DDF :: Security :: Handler :: PKI
[INFO] DDF :: Security :: Handler :: Anonymous
[INFO] DDF :: Security :: Handler :: SAML
[INFO] DDF Security Filter
[INFO] DDF :: Security :: Filter :: Web-SSO
[INFO] DDF :: Security :: Filter :: Login
[INFO] DDF :: Security :: Filter :: Authorization
[INFO] DDF Security Servlet
[INFO] DDF :: Security :: Servlet :: Logout
[INFO] DDF Security Interceptor
[INFO] DDF :: Security :: Interceptor :: Anonymous
[INFO] DDF :: Security :: Interceptor :: Anonymous :: Wrapper
[INFO] DDF Platform Error
[INFO] DDF :: Platform :: Error :: API
[INFO] DDF :: Platform :: Error :: Servlet
[INFO] security-admin-module
[INFO] DDF :: Security :: DOCS
[INFO] DDF :: Security Services App
[INFO] DDF Platform Commands
[INFO] DDF Platform Util
[INFO] DDF :: Platform :: Filter Delegate
[INFO] DDF :: Platform :: Error :: Impl
[INFO] DDF :: Platform :: HTTP to HTTPS proxy
[INFO] DDF :: Platform :: App
[INFO] DDF :: platform :: DOCS
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building DDF Platform 2.7.1-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- jacoco-maven-plugin:0.7.4.201502262128:prepare-agent (default-prepare-agent) @ platform ---
[INFO] argLine set to -javaagent:C:\\Users\\webbm\\.m2\\repository\\org\\jacoco\\org.jacoco.agent\\0.7.4.201502262128\\org.jacoco.agent-0.7.4.201502262128-runtime.jar=destfile=C:\\
Temp\\ddf-platform\\target\\jacoco.exec
[INFO]
[INFO] --- maven-dependency-plugin:2.4:unpack (unpack-findbugs) @ platform ---
[INFO] Configured Artifact: ddf.support:support-findbugs:2.3.1:jar
[INFO] Unpacking C:\Users\webbm\.m2\repository\ddf\support\support-findbugs\2.3.1\support-findbugs-2.3.1.jar to C:\Temp\ddf-platform\target\target\classes with includes "" and excl
udes "META-INF"
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.1:findbugs (generate-findbugs) @ platform ---
[INFO]
[INFO] --- jacoco-maven-plugin:0.7.4.201502262128:report (default-report) @ platform ---
[INFO] Skipping JaCoCo execution due to missing execution data file:C:\Temp\ddf-platform\target\jacoco.exec
[INFO]
[INFO] --- maven-checkstyle-plugin:2.9.1:check (checkstyle-check) @ platform ---
Downloading: http://artifacts.codice.org/content/groups/public/ddf/support/support-checkstyle/2.3.1-SNAPSHOT/maven-metadata.xml
Downloading: http://repository.apache.org/snapshots/ddf/support/support-checkstyle/2.3.1-SNAPSHOT/maven-metadata.xml
[WARNING] The POM for ddf.support:support-checkstyle:jar:2.3.1-SNAPSHOT is missing, no dependency information available
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] DDF Platform ....................................... FAILURE [ 3.528 s]
[INFO] DDF :: Platform :: Configuration ................... SKIPPED
[INFO] DDF Action ......................................... SKIPPED
[INFO] DDF Action Core .................................... SKIPPED
[INFO] DDF :: Action :: API ............................... SKIPPED
[INFO] DDF :: Action :: Implementation .................... SKIPPED
[INFO] DDF Compression .................................... SKIPPED
[INFO] DDF :: Compression :: EXI .......................... SKIPPED
[INFO] DDF :: Compression :: GZip ......................... SKIPPED
[INFO] DDF Solr ........................................... SKIPPED
[INFO] DDF :: Platform :: Solr :: Factory ................. SKIPPED
[INFO] DDF :: Platform :: Solr :: Query ................... SKIPPED
[INFO] DDF :: Platform :: Solr :: XPath ................... SKIPPED
[INFO] DDF :: Platform :: Solr :: Server :: Standalone War SKIPPED
[INFO] DDF Persistence .................................... SKIPPED
[INFO] DDF :: Persistence :: Core :: API .................. SKIPPED
[INFO] DDF Platform Security .............................. SKIPPED
[INFO] DDF Security Encryption ............................ SKIPPED
[INFO] DDF :: Security :: Encryption :: API ............... SKIPPED
[INFO] DDF :: Persistence :: Core :: Internal Implementation SKIPPED
[INFO] DDF :: Persistence :: Core :: Commands ............. SKIPPED
[INFO] DDF Notifications .................................. SKIPPED
[INFO] DDF Notifications Core ............................. SKIPPED
[INFO] DDF :: Platform :: Core :: Notifications API ....... SKIPPED
[INFO] DDF :: Persistence :: Core :: Listeners ............ SKIPPED
[INFO] DDF :: Platform :: Core :: Notifications ........... SKIPPED
[INFO] DDF :: Catalog :: Core :: Notification Commands .... SKIPPED
[INFO] DDF MIME ........................................... SKIPPED
[INFO] DDF MIME Core ...................................... SKIPPED
[INFO] DDF :: MIME :: Core :: MIME API .................... SKIPPED
[INFO] DDF MIME Tika ...................................... SKIPPED
[INFO] DDF :: MIME :: Tika :: Tika MIME Resolver .......... SKIPPED
[INFO] DDF :: MIME :: Core :: MIME Implementation ......... SKIPPED
[INFO] DDF :: MIME :: Core :: ConfigurableResolver ........ SKIPPED
[INFO] DDF :: MIME :: Tika :: App ......................... SKIPPED
[INFO] DDF Metrics ........................................ SKIPPED
[INFO] DDF :: Metrics :: Collector ........................ SKIPPED
[INFO] DDF :: Metrics :: Reporting ........................ SKIPPED
[INFO] DDF :: Metrics :: Plugin :: WebConsole ............. SKIPPED
[INFO] DDF :: Metrics :: Interceptor ...................... SKIPPED
[INFO] DDF :: Platform :: Scheduler ....................... SKIPPED
[INFO] DDF :: Platform :: Security :: Core :: API ......... SKIPPED
[INFO] DDF :: Security :: Encryption :: Implementation .... SKIPPED
[INFO] DDF :: Security :: Encryption :: Commands .......... SKIPPED
[INFO] DDF :: Platform :: Security :: Session ............. SKIPPED
[INFO] DDF :: Platform :: Security :: Settings ............ SKIPPED
[INFO] DDF Security Expansion ............................. SKIPPED
[INFO] DDF :: Security :: Expansion :: API ................ SKIPPED
[INFO] DDF :: Security :: Expansion :: Implementation ..... SKIPPED
[INFO] DDF :: Security :: Expansion :: Commands ........... SKIPPED
[INFO] ddf-security-common ................................ SKIPPED
[INFO] DDF Security Core .................................. SKIPPED
[INFO] DDF :: Security :: Core :: Implementation .......... SKIPPED
[INFO] DDF Security Policy ................................ SKIPPED
[INFO] DDF :: Security :: Policy :: API ................... SKIPPED
[INFO] DDF :: Security :: Policy :: Context Manager ....... SKIPPED
[INFO] DDF Security STS ................................... SKIPPED
[INFO] DDF :: Security :: STS :: Client Config ............ SKIPPED
[INFO] DDF Security Handler ............................... SKIPPED
[INFO] DDF :: Security :: Handler :: API .................. SKIPPED
[INFO] DDF :: Security :: STS :: Realm .................... SKIPPED
[INFO] DDF :: Security :: STS :: CRL Interceptor .......... SKIPPED
[INFO] DDF :: Security :: STS :: X509 Delegation Handler .. SKIPPED
[INFO] DDF :: Security :: STS :: BST Delegation Handler ... SKIPPED
[INFO] DDF :: Security :: STS :: Server ................... SKIPPED
[INFO] DDF :: Security :: STS :: SAML Validator ........... SKIPPED
[INFO] DDF :: Security :: STS :: X509 Validator ........... SKIPPED
[INFO] DDF :: Security :: STS :: PKI Validator ............ SKIPPED
[INFO] DDF :: Security :: STS :: Username Token Validator . SKIPPED
[INFO] DDF :: Security :: STS :: LDAP Claims Handler ...... SKIPPED
[INFO] DDF :: Security :: STS :: LDAP Login ............... SKIPPED
[INFO] DDF :: Security :: STS :: Username BST Validator ... SKIPPED
[INFO] DDF :: Security :: STS :: Anonymous Validator ...... SKIPPED
[INFO] DDF :: Security :: STS :: Anonymous Claims Handler . SKIPPED
[INFO] DDF :: Security :: STS :: Property Claims Handler .. SKIPPED
[INFO] DDF Security CAS ................................... SKIPPED
[INFO] DDF :: Security :: CAS :: Client ................... SKIPPED
[INFO] DDF :: Security :: CAS :: Implementation ........... SKIPPED
[INFO] DDF :: Security :: CAS :: Token Validator .......... SKIPPED
[INFO] DDF :: Security :: CAS :: CXF Servlet Filter ....... SKIPPED
[INFO] DDF Security PDP ................................... SKIPPED
[INFO] DDF :: Security :: PDP :: XACML Realm .............. SKIPPED
[INFO] DDF :: Security :: PDP :: Simple AuthZ Realm ....... SKIPPED
[INFO] DDF Security PEP ................................... SKIPPED
[INFO] DDF :: Security :: PEP :: Interceptor .............. SKIPPED
[INFO] DDF :: Security :: PEP :: User Attributes Map ...... SKIPPED
[INFO] DDF :: Security :: PEP :: Metacard Attributes Map .. SKIPPED
[INFO] DDF :: Security :: Handler :: Basic ................ SKIPPED
[INFO] DDF :: Security :: Handler :: PKI .................. SKIPPED
[INFO] DDF :: Security :: Handler :: Anonymous ............ SKIPPED
[INFO] DDF :: Security :: Handler :: SAML ................. SKIPPED
[INFO] DDF Security Filter ................................ SKIPPED
[INFO] DDF :: Security :: Filter :: Web-SSO ............... SKIPPED
[INFO] DDF :: Security :: Filter :: Login ................. SKIPPED
[INFO] DDF :: Security :: Filter :: Authorization ......... SKIPPED
[INFO] DDF Security Servlet ............................... SKIPPED
[INFO] DDF :: Security :: Servlet :: Logout ............... SKIPPED
[INFO] DDF Security Interceptor ........................... SKIPPED
[INFO] DDF :: Security :: Interceptor :: Anonymous ........ SKIPPED
[INFO] DDF :: Security :: Interceptor :: Anonymous :: Wrapper SKIPPED
[INFO] DDF Platform Error ................................. SKIPPED
[INFO] DDF :: Platform :: Error :: API .................... SKIPPED
[INFO] DDF :: Platform :: Error :: Servlet ................ SKIPPED
[INFO] security-admin-module .............................. SKIPPED
[INFO] DDF :: Security :: DOCS ............................ SKIPPED
[INFO] DDF :: Security Services App ....................... SKIPPED
[INFO] DDF Platform Commands .............................. SKIPPED
[INFO] DDF Platform Util .................................. SKIPPED
[INFO] DDF :: Platform :: Filter Delegate ................. SKIPPED
[INFO] DDF :: Platform :: Error :: Impl ................... SKIPPED
[INFO] DDF :: Platform :: HTTP to HTTPS proxy ............. SKIPPED
[INFO] DDF :: Platform :: App ............................. SKIPPED
[INFO] DDF :: platform :: DOCS ............................ SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 6.623 s
[INFO] Finished at: 2015-08-13T13:17:37-04:00
[INFO] Final Memory: 99M/1119M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-checkstyle-plugin:2.9.1:check (checkstyle-check) on project platform: Execution checkstyle-check of goal org.apache.ma
ven.plugins:maven-checkstyle-plugin:2.9.1:check failed: Plugin org.apache.maven.plugins:maven-checkstyle-plugin:2.9.1 or one of its dependencies could not be resolved: Could not fi
nd artifact ddf.support:support-checkstyle:jar:2.3.1-SNAPSHOT in codice (http://artifacts.codice.org/content/groups/public/) -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
R.A. Porter
Aug 14, 2015, 9:01:55 AM8/14/15
to ddf-users
Mark,
It looks like a SNAPSHOT version was missed when that 2.7.1 tag was created. The 2.3.1 release version of support-checkstyle was released. Check through your poms for the reference to 2.3.1-SNAPSHOT and just drop the -SNAPSHOT suffix and you should get over this hurdle.
-Richard
Mark
Aug 14, 2015, 10:36:44 AM8/14/15
to ddf-users
Not sure which tag you are referring to. Based on the instructions that Jason provided, I am working with the 2.7.x branch of ddf-platform. I could not find and references to "2.3.1-SNAPSHOT".
webbm@ddf-dev /cygdrive/c/temp/ddf-platform
$ git status
On branch 2.7.x
Your branch is up-to-date with 'origin/2.7.x'.
nothing to commit, working directory clean
webbm@ddf-dev /cygdrive/c/temp/ddf-platform
$ find . -name pom.xml -print | xargs fgrep "2.3.1-SNAPSHOT"
webbm@ddf-dev /cygdrive/c/temp/ddf-platform
$
Keith Wire
Aug 14, 2015, 11:53:34 AM8/14/15
to Mark, ddf-users
Hey Mark,
You really only need the LdapClaimsHandler bundle. Here's the steps:
1. do all the cloning and checkout the 2.7.x branch of ddf-platform
2. edit the root pom (vi ddf-platform/pom.xml) - change the <parent><version> to 3.0.2 (should be 3.0.1)
3. run `mvn clean install -Dcheckstyle.skip=true`
4. log into https://hostname:port/system/console (admin username and password)
5. search for "ldapclaimshandler" and stop the bundle (button is on the right)
6. at the top of the table select "Install/Update..." - click it and check the "Start Bundle" box and browse to your newly built ldapclaimshandler jar. - then click Install or Update
7. Verify the newly installed bundle is up and running and redo any configuration if needed.
Let me know how that works.
--Keith
--
You received this message because you are subscribed to the Google Groups "ddf-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ddf-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Mark
Aug 17, 2015, 9:28:40 AM8/17/15
to ddf-users, elihu...@gmail.com
Seems as though there are SNAPSHOT dependencies in the ddf-platform pom files. I followed the instructions and at step 3, I received the following error:
[ERROR] Failed to execute goal on project persistence-core-impl: Could not resolve dependencies for project ddf.persistence.core:persistence-core-impl:bundle:2.7.0: Failed to collect dependencies at ddf.platform:platform-configuration:jar:2.7.1-SNAPSHOT: Failed to read artifact descriptor for ddf.platform:platform-configuration:jar:2.7.1-SNAPSHOT: Could not transfer artifact ddf.platform:platform-configuration:pom:2.7.1-SNAPSHOT from/to forgerock-staging-repository (http://maven.forgerock.org/repo/releases): Failed to transfer file: http://maven.forgerock.org/repo/releases/ddf/platform/platform-configuration/2.7.1-SNAPSHOT/platform-configuration-2.7.1-SNAPSHOT.pom. Return code is: 409 , ReasonPhrase:Conflict. -> [Help 1]
Mark
Aug 17, 2015, 1:50:44 PM8/17/15
to ddf-users, elihu...@gmail.com
Not sure if this is the proper approach, but I wrote a script that removed "SNAPSHOT" from all pom.xml files in ddf and ddf-platform. I then deleted my ~/.m2/repository/ddf folder and successfully rebuilt ddf and ddf-platform. I can now see the log:
2015-08-17 09:12:07,210 | TRACE | rityTokenService | LdapClaimsHandler | .claimsHandler.LdapClaimsHandler 112 | 386 - security-sts-ldapclaimshandler - 2.7.1 | Executing ldap search with base dn of DC=X,DC=Y and filter of (&(objectclass=person)(CN=Mark Webb))
So that is great news. I still cannot access the /jolokia page, so I'm working through the logs to try and figure out why.
Thanks for the continued help.
Mark
Aug 17, 2015, 3:03:50 PM8/17/15
to ddf-users, elihu...@gmail.com
Keith,
Thanks for the help. I was able to get your jar to deploy. I deployed the jar that I built from the 2.7.x branch. I added some more debugging in order to try and figure out where things are breaking. Nothing is jumping out at me, except for the stack trace at the bottom of the attached log file. Not sure if it makes sense to you. I did see the same stack trace in both your jar file and mine. I can't say for certain if I have my DDF configured properly so I don't know if you can determine anything from looking at the log file. I'd appreciate any help you could provide.
Thanks,
Mark
Scott Tustison
Aug 17, 2015, 3:33:45 PM8/17/15
to ddf-users, elihu...@gmail.com
Looks like Keith build the jar on Java 8 but you're trying to run DDF on Java 7. That won't work. Either build the jar with 7 or run DDF on 8.
Scott
Mark
Aug 17, 2015, 4:32:49 PM8/17/15
to ddf-users, elihu...@gmail.com
Got it, that was an easy fix. I am not running DDF on JDK 1.8. Chasing down a NullPointerException in LdapClaimsHandler.retrieveClaimValues at the line:
connection.bind(bindUserDN, bindUserCredentials.toCharArray());
Weird thing is that bindUserDN and bindUserCredentials are both valid and not null. I'm printing them out in the logs. My guess is that the bindUserDN is wrong, but I'm not sure what the OpenDJ libs are looking for. I wrote a sample application that uses the same libs and versions at the LdapClaimsHandler and can successfully query my ActiveDirectory Server using the same values (searchAttritues, user bind DN, user bind password..etc) as what is printed in the logs.
Mark
Aug 17, 2015, 5:08:48 PM8/17/15
to ddf-users, elihu...@gmail.com
Following the stack trace, I beleive this is the root cause. I have "ldap" set at the Realm for the Security STS PKI Token Validator. I also have "ldap" set as the realm for "/jolokia" in the Web Context Policy Manager. Is there other configurations that I must perform?
2015-08-17 13:44:38,814 | DEBUG | 21-74 - /jolokia | WebSSOFilter | urity.filter.websso.WebSSOFilter 230 | 256 - security-filter-web-sso - 2.7.1 | Exception in filter chain - passing off to handlers. Msg: Authentication token of type [class org.codice.ddf.security.handler.api.PKIAuthenticationToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.
org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.codice.ddf.security.handler.api.PKIAuthenticationToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.
at org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy.afterAllAttempts(AtLeastOneSuccessfulStrategy.java:54)[209:org.apache.shiro.core:1.2.3]
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doMultiRealmAuthentication(ModularRealmAuthenticator.java:235)[209:org.apache.shiro.core:1.2.3]
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269)[209:org.apache.shiro.core:1.2.3]
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)[209:org.apache.shiro.core:1.2.3]
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)[209:org.apache.shiro.core:1.2.3]
at ddf.security.service.impl.SecurityManagerImpl.getSubject(SecurityManagerImpl.java:90)[240:security-core-impl:2.7.1]
at ddf.security.service.impl.SecurityManagerImpl.getSubject(SecurityManagerImpl.java:67)[240:security-core-impl:2.7.1]
at Proxy93768d2a_4d85_403d_bcc1_649608cf2e77.getSubject(Unknown Source)[:]
at org.codice.ddf.security.filter.login.LoginFilter.handleAuthenticationToken(LoginFilter.java:512)[259:security-filter-login:2.7.1]
at org.codice.ddf.security.filter.login.LoginFilter.validateRequest(LoginFilter.java:304)[259:security-filter-login:2.7.1]
at org.codice.ddf.security.filter.login.LoginFilter.doFilter(LoginFilter.java:244)[259:security-filter-login:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.security.filter.websso.WebSSOFilter.handleRequest(WebSSOFilter.java:222)[256:security-filter-web-sso:2.7.1]
at org.codice.ddf.security.filter.websso.WebSSOFilter.doFilter(WebSSOFilter.java:132)[256:security-filter-web-sso:2.7.1]
at org.codice.ddf.platform.filter.delegate.ProxyFilterChain.doFilter(ProxyFilterChain.java:106)[70:platform-filter-delegate:2.7.1]
at org.codice.ddf.platform.filter.delegate.DelegateServletFilter.doFilter(DelegateServletFilter.java:102)[70:platform-filter-delegate:2.7.1]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:240)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:77)[69:org.ops4j.pax.web.pax-web-jetty:3.1.2]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.Server.handle(Server.java:366)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[60:org.eclipse.jetty.aggregate.jetty-all-server:8.1.15.v20140411]
at java.lang.Thread.run(Thread.java:745)[:1.8.0_51]
2015-08-17 13:44:38,815 | DEBUG | 21-74 - /jolokia | SAMLAssertionHandler | andler.saml.SAMLAssertionHandler 170 | 260 - security-handler-saml - 2.7.1 | In error handler for saml - clearing cookies and returning no action taken.
2015-08-17 13:44:38,815 | DEBUG | 21-74 - /jolokia | SAMLAssertionHandler | andler.saml.SAMLAssertionHandler 184 | 260 - security-handler-saml - 2.7.1 | Removing cookie org.codice.websso.saml.token
2015-08-17 13:44:38,816 | DEBUG | 21-74 - /jolokia | SAMLAssertionHandler | andler.saml.SAMLAssertionHandler 184 | 260 - security-handler-saml - 2.7.1 | Removing cookie org.codice.websso.saml.ref
2015-08-17 13:44:38,816 | DEBUG | 21-74 - /jolokia | PKIHandler | .security.handler.pki.PKIHandler 92 | 262 - security-handler-pki - 2.7.1 | In error handler for pki - no action taken.
2015-08-17 13:44:38,817 | DEBUG | 21-74 - /jolokia | WebSSOFilter | urity.filter.websso.WebSSOFilter 245 | 256 - security-filter-web-sso - 2.7.1 | Error during authentication - no error recovery attempted - returning bad request.
2015-08-17 13:44:38,818 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 347 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] SslConnection@72aba175 SSL NOT_HANDSHAKING i/o/u=0/0/0 ishut=false oshut=false {AsyncHttpConnection@13385501,g=HttpGenerator{s=2,h=542,b=1376,c=-1},p=HttpParser{s=-5,l=10,c=0},r=1} NOT_HANDSHAKING filled=0/0 flushed=0/0
2015-08-17 13:44:38,819 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 462 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] wrap OK NOT_HANDSHAKING consumed=542 produced=571
2015-08-17 13:44:38,820 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 347 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] SslConnection@72aba175 SSL NOT_HANDSHAKING i/o/u=0/0/0 ishut=false oshut=false {AsyncHttpConnection@13385501,g=HttpGenerator{s=2,h=0,b=1376,c=-1},p=HttpParser{s=-5,l=10,c=0},r=1} NOT_HANDSHAKING filled=0/0 flushed=571/0
2015-08-17 13:44:38,820 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 347 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] SslConnection@72aba175 SSL NOT_HANDSHAKING i/o/u=0/0/0 ishut=false oshut=false {AsyncHttpConnection@13385501,g=HttpGenerator{s=2,h=0,b=1376,c=-1},p=HttpParser{s=-5,l=10,c=0},r=1} NOT_HANDSHAKING filled=0/0 flushed=0/0
2015-08-17 13:44:38,821 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 347 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] SslConnection@72aba175 SSL NOT_HANDSHAKING i/o/u=0/0/0 ishut=false oshut=false {AsyncHttpConnection@13385501,g=HttpGenerator{s=2,h=0,b=1376,c=-1},p=HttpParser{s=-5,l=10,c=0},r=1} NOT_HANDSHAKING filled=0/0 flushed=0/0
2015-08-17 13:44:38,822 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 462 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] wrap OK NOT_HANDSHAKING consumed=1376 produced=1405
2015-08-17 13:44:38,822 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 347 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] SslConnection@72aba175 SSL NOT_HANDSHAKING i/o/u=0/0/0 ishut=false oshut=false {AsyncHttpConnection@13385501,g=HttpGenerator{s=2,h=0,b=0,c=-1},p=HttpParser{s=-5,l=10,c=0},r=1} NOT_HANDSHAKING filled=0/0 flushed=1405/0
2015-08-17 13:44:38,823 | DEBUG | 21-74 - /jolokia | ssl | lipse.jetty.io.nio.SslConnection 347 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | [Session-1, SSL_NULL_WITH_NULL_NULL] SslConnection@72aba175 SSL NOT_HANDSHAKING i/o/u=0/0/0 ishut=false oshut=false {AsyncHttpConnection@13385501,g=HttpGenerator{s=2,h=0,b=0,c=-1},p=HttpParser{s=-5,l=10,c=0},r=1} NOT_HANDSHAKING filled=0/0 flushed=0/0
2015-08-17 13:44:38,823 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext@18087772}
2015-08-17 13:44:38,823 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=org.apache.karaf.webconsole.features_2.4.1 [108], contextID=default]}
2015-08-17 13:44:38,824 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=org.apache.karaf.webconsole.gogo_2.4.1 [109], contextID=default]}
2015-08-17 13:44:38,824 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=org.apache.cxf.cxf-rt-transports-http_3.0.4 [138], contextID=default]}
2015-08-17 13:44:38,824 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{metrics-ui - 217}}
2015-08-17 13:44:38,825 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{platform-solr-server-standalone - 224}}
2015-08-17 13:44:38,825 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{platform-error-impl - 229}}
2015-08-17 13:44:38,825 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=security-filter-web-sso_2.7.1 [256], contextID=default]}
2015-08-17 13:44:38,825 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=security-filter-authorization_2.7.1 [263], contextID=default]}
2015-08-17 13:44:38,826 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=security-servlet-logout_2.7.1 [265], contextID=default]}
2015-08-17 13:44:38,826 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=security-filter-login_2.7.1 [259], contextID=default]}
2015-08-17 13:44:38,826 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{security-handler-anonymous - 269}}
2015-08-17 13:44:38,826 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{admin-ui - 281}}
2015-08-17 13:44:38,827 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{catalog-admin-module-sources - 332}}
2015-08-17 13:44:38,827 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{simple - 346}}
2015-08-17 13:44:38,827 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=standard_2.7.1 [347], contextID=default]}
2015-08-17 13:44:38,828 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{standard - 347}}
2015-08-17 13:44:38,828 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=search-redirect_2.7.1 [348], contextID=default]}
2015-08-17 13:44:38,828 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=DefaultHttpContext [bundle=search-endpoint_2.7.1 [350], contextID=default]}
2015-08-17 13:44:38,828 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{search-endpoint - 350}}
2015-08-17 13:44:38,829 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{spatial-wfs-v1_0_0-schema-webapp - 362}}
2015-08-17 13:44:38,829 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{admin-modules-configuration - 368}}
2015-08-17 13:44:38,829 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{admin-modules-application - 369}}
2015-08-17 13:44:38,829 | DEBUG | 21-74 - /jolokia | ContextHandler | ty.server.handler.ContextHandler 942 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | scope null||/jolokia @ HttpServiceContext{httpContext=WebAppHttpContext{SEARCH - 377}}
2015-08-17 13:44:38,829 | DEBUG | 21-74 - /jolokia | Server | org.eclipse.jetty.server.Server 367 | 60 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | RESPONSE /jolokia 400 handled=true
Mark
Aug 18, 2015, 10:00:56 AM8/18/15
to ddf-users, elihu...@gmail.com
I changed everything back to "karaf". So I have the following settings:
Security STS PKI Token Validator
- Realms : karaf
Web Context Policy Manager
- Context Realms all set to "karaf"
I am still seeing the same exceptions.
Mark
Aug 26, 2015, 9:02:40 AM8/26/15
to ddf-users, elihu...@gmail.com
Preliminary tests that demonstrate PKI Authorization appear to be working. I am hoping to document this process and provide feedback to this group. I've also added a couple tickets to JIRA that capture findings that we have come across.
Thanks all for the help.
Reply all
Reply to author
Forward
0 new messages