Error: "entityId cannot be null or empty" in cBioPortal SAML2 Integration with Keycloak
142 views
Skip to first unread message
Rye Visualization
Mar 24, 2025, 8:01:08 AM3/24/25
to cBioPortal for Cancer Genomics Discussion Group
Hi everyone,
I'm encountering an issue when deploying cBioPortal with SAML2 authentication using Keycloak in Docker. I followed the guide from the cBioPortal documentation on Using Keycloak in Docker and I'm running Keycloak version 18.0.2.
Issue Description:
Every time I try to start the services, the cBioPortal service fails with the following error:
... 20 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'relyingPartyRegistrationRepository' defined in class path resource [org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.class]: Failed to instantiate [org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository]: Factory method 'relyingPartyRegistrationRepository' threw exception with message: entityId cannot be null or empty
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:654) ~[spring-beans-6.0.12.jar:6.0.12]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:642) ~[spring-beans-6.0.12.jar:6.0.12]
... 50 common frames omitted
Below is the relevant section from my application.properties:
spring.security.saml2.relyingparty.registration.cbioportal.entity-id=https://vm21197.virt.gwdg.de
spring.security.saml2.relyingparty.registration.cbioportal.assertion-consumer-service-url=https://vm21197.virt.gwdg.de/login/saml2/sso/cbioportal
spring.security.saml2.relyingparty.registration.cbioportal.idp.metadata-location=file:/opt/docker/testSSL/cbioportal-docker-compose/metadata/client-tailored-saml-idp-metadata.xml
spring.security.saml2.relyingparty.registration.cbioportal.signing.credentials[0].private-key-location=file:/cbioportal-webapp/WEB-INF/classes/privateKey_pkcs8.pem
spring.security.saml2.relyingparty.registration.cbioportal.signing.credentials[0].certificate-location=file:/opt/docker/testSSL/cbioportal-docker-compose/letsencrypt/live/vm21197.virt.gwdg.de-0001/cert.pem
I’ve verified that the metadata file exists at the specified location and that its contents include a valid IdP entityID (e.g., entityID="https://vm21197.virt.gwdg.de/realms/cbioportal"). Despite this, the error persists indicating that an entityId is null or empty.
Any insights or suggestions on how to resolve the "entityId cannot be null or empty" error would be greatly appreciated!
Thanks in advance for your help.
I'm encountering an issue when deploying cBioPortal with SAML2 authentication using Keycloak in Docker. I followed the guide from the cBioPortal documentation on Using Keycloak in Docker and I'm running Keycloak version 18.0.2.
Issue Description:
Every time I try to start the services, the cBioPortal service fails with the following error:
... 20 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'relyingPartyRegistrationRepository' defined in class path resource [org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.class]: Failed to instantiate [org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository]: Factory method 'relyingPartyRegistrationRepository' threw exception with message: entityId cannot be null or empty
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:654) ~[spring-beans-6.0.12.jar:6.0.12]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:642) ~[spring-beans-6.0.12.jar:6.0.12]
... 50 common frames omitted
Below is the relevant section from my application.properties:
spring.security.saml2.relyingparty.registration.cbioportal.entity-id=https://vm21197.virt.gwdg.de
spring.security.saml2.relyingparty.registration.cbioportal.assertion-consumer-service-url=https://vm21197.virt.gwdg.de/login/saml2/sso/cbioportal
spring.security.saml2.relyingparty.registration.cbioportal.idp.metadata-location=file:/opt/docker/testSSL/cbioportal-docker-compose/metadata/client-tailored-saml-idp-metadata.xml
spring.security.saml2.relyingparty.registration.cbioportal.signing.credentials[0].private-key-location=file:/cbioportal-webapp/WEB-INF/classes/privateKey_pkcs8.pem
spring.security.saml2.relyingparty.registration.cbioportal.signing.credentials[0].certificate-location=file:/opt/docker/testSSL/cbioportal-docker-compose/letsencrypt/live/vm21197.virt.gwdg.de-0001/cert.pem
I’ve verified that the metadata file exists at the specified location and that its contents include a valid IdP entityID (e.g., entityID="https://vm21197.virt.gwdg.de/realms/cbioportal"). Despite this, the error persists indicating that an entityId is null or empty.
Any insights or suggestions on how to resolve the "entityId cannot be null or empty" error would be greatly appreciated!
Thanks in advance for your help.
Gaofei Zhao
Mar 25, 2025, 3:24:43 PM3/25/25
to Rye Visualization, cBioPortal for Cancer Genomics Discussion Group
Hi Rye,
If your cBioPortal version is greater than 6, you can refer to this documentation to set up your saml authentication.
I have also included one example of our production portal instance for your reference.
I have also included one example of our production portal instance for your reference.
Please let me know if you have any questions. You can use "Reply All" when replying to this email so that your message will also be updated in the group.
Best,
Gaofei
--
You received this message because you are subscribed to the Google Groups "cBioPortal for Cancer Genomics Discussion Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cbioportal+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/cbioportal/be9cfb47-5927-4f61-bec3-e77c9537cfdfn%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages