Re: Issues with SSO - SAML

TianRong Ong Mon, 04 Nov 2024 05:12:42 -0800

Hi,

Have set the logback_level in the logback.xml to even trace but there is
nothing more that came out from the error.
<!-- Log at INFO level -->
    <root level="trace">
        <appender-ref ref="GUAC-DEFAULT" />
    </root>


Below is the whole chain of error before hitting the saml unable to load.
would that be something that would be useful ? something to do with the
REST endpoint ?

[2024-11-04 13:00:43] [info] Starting ProtocolHandler
["https-openssl-nio-443"]
[2024-11-04 13:00:43] [info] Server startup in [5928] milliseconds
[2024-11-04 13:00:43] [info] 21:00:43.759 [https-openssl-nio-443-exec-7]
ERROR o.a.g.rest.RESTExceptionMapper - An internal error occurred, but did
not contain an error message. Enable debug-level logging for details.
[2024-11-04 13:00:43] [info] 21:00:43.759 [https-openssl-nio-443-exec-7]
DEBUG o.a.g.rest.RESTExceptionMapper - Unexpected error in REST endpoint.
[2024-11-04 13:00:43] [info] java.lang.NullPointerException: null
[2024-11-04 13:00:43] [info] #011at
org.apache.guacamole.auth.saml.conf.ConfigurationService.getSamlSettings(ConfigurationService.java:361)
[2024-11-04 13:00:43] [info] #011at
org.apache.guacamole.auth.saml.acs.SAMLService.createRequest(SAMLService.java:77)
[2024-11-04 13:00:43] [info] #011at
org.apache.guacamole.auth.saml.AuthenticationProviderService.getLoginURI(AuthenticationProviderService.java:109)
[2024-11-04 13:00:43] [info] #011at
org.apache.guacamole.auth.sso.SSOResource.redirectToIdentityProvider(SSOResource.java:55)
[2024-11-04 13:00:43] [info] #011at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
[2024-11-04 13:00:43] [info] #011at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
[2024-11-04 13:00:43] [info] #011at
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[2024-11-04 13:00:43] [info] #011at
java.base/java.lang.reflect.Method.invoke(Method.java:566)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:146)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:189)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:176)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:93)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:478)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:400)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:81)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:256)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.internal.Errors.process(Errors.java:292)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.internal.Errors.process(Errors.java:274)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.internal.Errors.process(Errors.java:244)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:235)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:684)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:359)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:312)
[2024-11-04 13:00:43] [info] #011at
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205)
[2024-11-04 13:00:43] [info] #011at
com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:290)
[2024-11-04 13:00:43] [info] #011at
com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:280)
[2024-11-04 13:00:43] [info] #011at
com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:184)
[2024-11-04 13:00:43] [info] #011at
com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:89)
[2024-11-04 13:00:43] [info] #011at
com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
[2024-11-04 13:00:43] [info] #011at
com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:121)
[2024-11-04 13:00:43] [info] #011at
com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:133)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
[2024-11-04 13:00:43] [info] #011at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:359)
[2024-11-04 13:00:43] [info] #011at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
[2024-11-04 13:00:43] [info] #011at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
[2024-11-04 13:00:43] [info] #011at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:889)
[2024-11-04 13:00:43] [info] #011at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1735)
[2024-11-04 13:00:43] [info] #011at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
[2024-11-04 13:00:43] [info] #011at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
[2024-11-04 13:00:43] [info] #011at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
[2024-11-04 13:00:43] [info] #011at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
[2024-11-04 13:00:43] [info] #011at
java.base/java.lang.Thread.run(Thread.java:829)
[2024-11-04 13:00:55] [info] RedirectFilter: https
[2024-11-04 13:00:55] [info] 21:00:55.392 [https-openssl-nio-443-exec-7]
WARN  o.a.g.e.AuthenticationProviderFacade - The "saml" authentication
provider has been skipped due to an internal error. If this is unexpected
or you are the developer of this authentication provider, you may wish to
enable debug-level logging: null
[2024-11-04 13:00:55] [info] 21:00:55.392 [https-openssl-nio-443-exec-7]
DEBUG o.a.g.e.AuthenticationProviderFacade - Authentication provider
skipped due to an internal failure.

Regards,
TR


On Thu, Oct 31, 2024 at 12:31 AM Der PCFreak <mailingli...@pcfreak.de>
wrote:

> Hi,
>
> Nginx was just an example - the overall point was that you need to make
> sure that the HTTPS protocol scheme is being maintained throughout the
> entire redirect chain. However, given some of the error messages you're
> receiving below, I'm not sure that's actually what is going on.
>
> I think for SAML if you set SAML_STRICT to false (docker/podman
> environment variable) or saml-strict (configuration file) to false
> it should also work if not the entire chain is https. That happened to me
> when using SAML behind nginx to a local container.
>
> As Nick already pointed out you should enable debugging to get more
> detailled information to find out what the error is related to.
> (set LOGBACK_LEVEL/logback-level to debug)
>
> Regards
>
> Peter
> &#8203;
>

Re: Issues with SSO - SAML

Reply via email to