Open torsten-sap opened 6 months ago
We have created an issue in Pivotal Tracker to manage this:
https://www.pivotaltracker.com/story/show/187088205
The labels on this GitHub issue will be updated when the story is started.
Reproduce the issue:
Open /login
The IdentityZone should be usable even without SAML keys, but there is an exception:
.....a.lang.NullPointerException: Cannot invoke "org.springframework.security.saml.key.KeyManager.getDefaultCredentialName()" because the return value of "org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder.getSamlSPKeyManager()" is null
    at org.cloudfoundry.identity.uaa.provider.saml.ZoneAwareKeyManager.getDefaultCredentialName(ZoneAwareKeyManager.java:41) ~[cloudfoundry-identity-server-0.0.0.jar:?]
    at org.springframework.security.saml.metadata.MetadataGenerator.getSigningKey(MetadataGenerator.java:802) ~[spring-security-saml2-core-1.0.10.RELEASE.jar:1.0.10.RELEASE]
    at org.springframework.security.saml.metadata.MetadataGenerator.buildSPSSODescriptor(MetadataGenerator.java:323) ~[spring-security-saml2-core-1.0.10.RELEASE.jar:1.0.10.RELEASE]
    at org.cloudfoundry.identity.uaa.provider.saml.ZoneAwareMetadataGenerator.buildSPSSODescriptor(ZoneAwareMetadataGenerator.java:101) ~[cloudfoundry-identity-server-0.0.0.jar:?]
    at org.springframework.security.saml.metadata.MetadataGenerator.generateMetadata(MetadataGenerator.java:189) ~[spring-security-saml2-core-1.0.10.RELEASE.jar:1.0.10.RELEASE]
We will plan to look into it to prioritize in the next iteration planning session.
What version of UAA are you running?
76.30
How are you deploying the UAA?
What did you do?
Usage of UAA without the need of SAML.
What did you expect to see? What goal are you trying to achieve with the UAA?
No need to configure SAML SP (including private key + certificate etc.) in uaa.yml.
What did you see instead?
SAML SP configuration (private key + certificate etc.) is required in uaa.yml. Otherwise, UAA will not start up.