search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
741 stars 719 forks source link

Error occurred if WSO2 Local Claim dialect is configured as Service Provider Claim Dialect #4012

Open sahanruwanga opened 5 years ago

sahanruwanga commented 5 years ago

Issue When configuring Service Provider Claim Configuration, there is a drop box to select Service Provider Claim Dialect. It lists down all the available claim dialects including the Local Claim Dialect (http://wso2.org/claims) too. If Local Claim Dialect is selected and save, it produces an error when user tries to log in to SP application.

Reason It causes because of try to find http://wso2.org/claims as an external claim dialect.

Solution http://wso2.org/claims dialect is not required in the Service Provider Claim Dialect drop box. It can be removed from drop-down list.

Log Error

[2018-11-21 17:25:46,686]  INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  'admin@carbon.super [-1234]' logged in at [2018-11-21 17:25:46,686+0530]

[2018-11-21 17:27:05,548] ERROR {org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig} -  Error when getting external claims of dialect: http://wso2.org/claims
org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException: Invalid external claim dialect http://wso2.org/claims
    at org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementServiceImpl.getExternalClaims(ClaimMetadataManagementServiceImpl.java:218)
    at org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig.lambda$setSpDialectClaims$1(ApplicationConfig.java:335)
    at java.util.Arrays$ArrayList.forEach(Arrays.java:3880)
    at org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig.setSpDialectClaims(ApplicationConfig.java:331)
    at org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig.<init>(ApplicationConfig.java:93)
    at org.wso2.carbon.identity.application.authentication.framework.config.loader.UIBasedConfigurationLoader.getSequence(UIBasedConfigurationLoader.java:153)
    at org.wso2.carbon.identity.application.authentication.framework.config.loader.UIBasedConfigurationLoader.getSequenceConfig(UIBasedConfigurationLoader.java:80)
    at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.AbstractRequestCoordinator.getSequenceConfig(AbstractRequestCoordinator.java:64)
    at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.findPreviousAuthenticatedSession(DefaultRequestCoordinator.java:400)
    at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.initializeFlow(DefaultRequestCoordinator.java:331)
    at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:145)
    at org.wso2.carbon.identity.application.authentication.framework.CommonAuthenticationHandler.doPost(CommonAuthenticationHandler.java:46)
    at org.wso2.carbon.identity.application.authentication.framework.CommonAuthenticationHandler.doGet(CommonAuthenticationHandler.java:37)
    at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.sendRequestToFramework(SAMLSSOProviderServlet.java:1289)
    at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.sendToFrameworkForAuthentication(SAMLSSOProviderServlet.java:598)
    at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleSPInitSSO(SAMLSSOProviderServlet.java:491)
    at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.handleRequest(SAMLSSOProviderServlet.java:236)
    at org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.doGet(SAMLSSOProviderServlet.java:116)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
    at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
    at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.wso2.carbon.identity.captcha.filter.CaptchaFilter.doFilter(CaptchaFilter.java:76)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88)
shavantha commented 5 years ago

hi sahanruwanga which version of the identity server was this issue on

sahanruwanga commented 5 years ago

hi sahanruwanga which version of the identity server was this issue on

Hi, I found it on version 5.7.0

kranidiotis commented 4 years ago

Hi the same problem occurs also in 5.8.0

ahmedelfaleh commented 4 years ago

Also in 5.9.0