What steps will reproduce the problem?
1. Configure PWM to Enable and force Setup Responses and enable Store NMAS
responses as well.
2. Login as user and setup responses.
3. Try to save the responses
What is the expected output?
Both NMAS responses and pwmResponseSet should be updated after the save.
What do you see instead?
I get the following error message after saving:
PWM 5015
Unexpected error. If this error occurs repeatedly please contact your helpdesk.
{ 5015 ERROR_UNKNOWN (cannot save response for 'What is the name of the main
character in your favorite book?' to NMAS, cleartext answer is not available) }
Catalina.out throws an error:
2013-04-05 10:52:00, TRACE, pwm.SessionFilter, {1g,Dhr Drs. S. Veldhuisen} POST
request for: /pwm/private/SetupResponses [127.0.0.1/localhost]
PwmResponse_R_Random_0=***removed***
PwmResponse_R_Random_2=***removed***
pwmFormID='4szXg2OEudi9hOrqZexqrjWKMxFZFTVK13dd963882abh76f5'
PwmResponse_R_Random_1=***removed***
PwmResponse_R_Random_3=***removed***
PwmResponse_Q_Random_2='What city / town were you born in?'
PwmResponse_Q_Random_3='What was your favorite show as a child?'
PwmResponse_Q_Random_0='What is the name of the main character in your favorite book?'
PwmResponse_Q_Random_1='What is the name of your favorite pet?'
processAction='setResponses'
2013-04-05 10:52:00, TRACE, servlet.SetupResponsesServlet, {1g,Dhr Drs. S.
Veldhuisen} new user responses are acceptable [127.0.0.1/localhost]
2013-04-05 10:52:00, DEBUG, provider.WatchdogWrapper, reopening ldap connection
for cn=x,ou=users,o=meta
2013-04-05 10:52:00, TRACE, provider.JNDIProviderImpl, bind successful as
cn=x,ou=users,o=meta (111ms)
2013-04-05 10:52:00, TRACE, provider.ChaiProviderFactory, adding
WatchdogWrapper to provider instance
2013-04-05 10:52:00, TRACE, provider.WatchdogWrapper, checking for user
password expiration to adjust watchdog timeout
2013-04-05 10:52:00, TRACE, provider.ChaiProviderFactory, adding
StatisticsWrapper to provider instance
2013-04-05 10:52:00, INFO , cr.ChaiResponseSet, successfully wrote Chai
challenge/response set for user cn=x,ou=users,o=meta
2013-04-05 10:52:00, INFO , operations.CrUtility, {1g,Dhr Drs. S. Veldhuisen}
saved responses for user to chai-ldap format [127.0.0.1/localhost]
2013-04-05 10:52:00, WARN , servlet.TopServlet, {1g,Dhr Drs. S. Veldhuisen}
unexpected pwm error during page generation: cannot save response for 'What is
the name of the main character in your favorite book?' to NMAS, cleartext
answer is not available [127.0.0.1/localhost]
java.lang.IllegalArgumentException: cannot save response for 'What is the name
of the main character in your favorite book?' to NMAS, cleartext answer is not
available
at password.pwm.util.operations.CrUtility.writeResponses(CrUtility.java:553)
at password.pwm.util.operations.CrUtility.writeResponses(CrUtility.java:438)
at password.pwm.servlet.SetupResponsesServlet.saveResponses(SetupResponsesServlet.java:268)
at password.pwm.servlet.SetupResponsesServlet.advanceToNextStage(SetupResponsesServlet.java:171)
at password.pwm.servlet.SetupResponsesServlet.handleSetupResponses(SetupResponsesServlet.java:260)
at password.pwm.servlet.SetupResponsesServlet.processRequest(SetupResponsesServlet.java:116)
at password.pwm.servlet.TopServlet.handleRequest(TopServlet.java:82)
at password.pwm.servlet.TopServlet.doPost(TopServlet.java:144)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at password.pwm.AuthenticationFilter.processAuthenticatedSession(AuthenticationFilter.java:132)
at password.pwm.AuthenticationFilter.doFilter(AuthenticationFilter.java:80)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at password.pwm.SessionFilter.processFilter(SessionFilter.java:233)
at password.pwm.SessionFilter.doFilter(SessionFilter.java:81)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at password.pwm.GZIPFilter.doFilter(GZIPFilter.java:45)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at password.pwm.ApplicationModeFilter.doFilter(ApplicationModeFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:722)
2013-04-05 10:52:00, TRACE, util.PwmMacroMachine, replaced Macro @User:ID@ with
value: Dhr Drs. S. Veldhuisen
2013-04-05 10:52:00, DEBUG, pwm.SessionManager, {1g} closing user ldap
connection [127.0.0.1/localhost]
2013-04-05 10:52:00, DEBUG, pwm.PwmSession, {1g} unauthenticate session from
127.0.0.1 (cn=x,ou=users,o=meta) [127.0.0.1/localhost]
It looks like the Response to the first Challenge is not properly passed to
NMAS.
What version of the product are you using?
Daily build (data-pwm-version="1.7.0 (RC1)" data-pwm-build="1216")
On what operating system?
SLES 11 SP1
Please provide any additional information below.
eDirectory for Linux x86_64 v8.8 SP7 is used as a LDAP directory.
Original issue reported on code.google.com by sebastia...@gmail.com on 5 Apr 2013 at 9:03
Original issue reported on code.google.com by
sebastia...@gmail.com
on 5 Apr 2013 at 9:03