WebSphere Commerce JAX-WS AxisFault - security

I am getting this exception in WebSphere Commerce. No idea why. This may or may not be related to Commerce. I could not find much info on the internet for this exception. Any insight/help would be much appreciated.
[8/31/11 9:40:39:545 EDT] 00000025 CommerceSrvr E com.ibm.commerce.command.ECCommandTarget executeCommand CMN0420E: The following command exception has occurred during processing: "
javax.xml.ws.WebServiceException: org.apache.axis2.AxisFault: Out request Policy Set for SSL is set to true for protocol: http
javax.xml.ws.WebServiceException: org.apache.axis2.AxisFault: Out request Policy Set for SSL is set to true for protocol: http
at org.apache.axis2.jaxws.ExceptionFactory.createWebServiceException(ExceptionFactory.java:175)
at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:70)
at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:128)
at org.apache.axis2.jaxws.core.controller.impl.AxisInvocationController.execute(AxisInvocationController.java:572)
...
Caused by: org.apache.axis2.AxisFault: Out request Policy Set for SSL is set to true for protocol: http
at com.ibm.ws.websvcs.transport.http.SOAPOverHTTPSender.setupTransportClientProperties(SOAPOverHTTPSender.java:1916)
at com.ibm.ws.websvcs.transport.http.SOAPOverHTTPSender.<init>(SOAPOverHTTPSender.java:404)
at com.ibm.ws.websvcs.transport.http.HTTPTransportSender.invoke(HTTPTransportSender.java:350)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:401)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at org.apache.axis2.jaxws.core.controller.impl.AxisInvocationController.execute(AxisInvocationController.java:567)

We have a set of JAX-WS services. One of them needs WS-Security enabled. Others are just plain HTTP calls.
WS-Security was enabled using policy sets and client bindings on RAD. This was applied to in the environment configuration. Hence the exception.
Solution: Detach the policy set and client bindings from and attach it to the specific service that needs it.

Related

Docusign: HTTPS required for Connect listener communication error

I'm trying to use the Docusign API for an application that I'm running locally and I see the following error:
"message":"Uncaught Error when executing a Single
Cause: com.docusign.esign.client.ApiException: Error while
requesting server, received a non successful HTTP code 400 with response Body:
'{"errorCode":"HTTPS_REQUIRED_FOR_CONNECT_LISTENER",
"message":"HTTPS required for Connect listener communication."}'
Description: com.docusign.esign.client.ApiException: Error while
requesting server, received a non successful HTTP code 400 with response Body:
'{"errorCode":"HTTPS_REQUIRED_FOR_CONNECT_LISTENER",
"message":"HTTPS required for Connect listener communication."}
I am behind a company proxy but I have been able to use the API in the past and create envelopes without an issue so I'm not sure how to address this. Any help would be greatly appreciated.
This change is discussed in the Jan release notes.
Connect can only be used with https listeners (customers' servers).
And note that the server must use a certificate that chains to a root cert in the Microsoft standard root cert list. (Self-signed certs won't work.) You can use a free cert from LetsEncrypt or a $15 cert from a reputable CA.
I'm sorry that this update caught you by surprise.
Getting error now, it was working fine before:
Fatal error: Uncaught DocuSign\eSign\Client\ApiException: Error while requesting server, received a non successful HTTP code [400] with response Body: O:8:"stdClass":2:{s:9:"errorCode";s:35:"HTTPS_REQUIRED_FOR_CONNECT_LISTENER";s:7:"message";s:50:"HTTPS required for Connect listener communication.";}

Knox SSO integration with Keycloak error - Required Subject Missing

I am working on integrating Knox with Keycloak with OIDC, for the SSO and security functionalities in Hadoop Cluster.
I have configured everything, and now while accessing the Knox URL, it is redirecting to the Keycloak URL. After authenticating the user successfully in Keycloak, it redirects to the Knox URL (which is configured).
But once it redirects, I am getting the below error:
2020-11-11 08:13:48,098 ERROR knox.gateway (CommonIdentityAssertionFilter.java:doFilter(79)) - Required subject/identity not available. Check authentication/federation provider for proper configuration.
2020-11-11 08:13:48,100 ERROR knox.gateway (AbstractGatewayFilter.java:doFilter(63)) - Failed to execute filter: java.lang.IllegalStateException: Required Subject Missing
2020-11-11 08:13:48,100 ERROR knox.gateway (GatewayFilter.java:doFilter(169)) - Gateway processing failed: javax.servlet.ServletException: java.lang.IllegalStateException: Required Subject Missing
javax.servlet.ServletException: java.lang.IllegalStateException: Required Subject Missing
at org.apache.knox.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:64)
at org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:349)
at org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:263)
at org.apache.knox.gateway.GatewayFilter.doFilter(GatewayFilter.java:167)
at org.apache.knox.gateway.GatewayServlet.doFilter(GatewayServlet.java:158)
..........
Caused by: java.lang.IllegalStateException: Required Subject Missing
at org.apache.knox.gateway.identityasserter.common.filter.CommonIdentityAssertionFilter.doFilter(CommonIdentityAssertionFilter.java:80)
at org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:349)
at org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:263)
at org.apache.knox.gateway.filter.XForwardedHeaderFilter.doFilter(XForwardedHeaderFilter.java:50)
at org.apache.knox.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:58)
... 48 more
Any suggestions will be very much helpful.
Thanks
Jithesh

Not able to deploy IdentityServer 4 code on Azure App service

I have used dotnetcore 3.0 to develop the IdentityServer in empty Asp.net Web Application hosting.
App Service I created is dotnetcore 3.0, Windows platform.
In my dotnet core solution I created the publish output using 'dotnet publish'
It worked fine on localhost url as I consumed that url in my client application. I have only TokenPoint and from UI application I pass username/ password
Below are the logs on App service:
2020-04-02 17:41:09 NEWIDPSERVER GET / X-ARR-LOG-ID=e83b7b1e-6f40-4f67-9f0d-0f4f474e2309 443 - 112.196.168.73 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/80.0.3987.149+Safari/537.36 ARRAffinity=c450828deae8ef5774d6b51f85ad7bb411cc76cec811344524a352e00ebf3ca1 - newidpserver.azurewebsites.net 500 30 574 2913 1374 6437
2020-04-02 17:41:19 ~1NEWIDPSERVER GET /detectors type=tools&name=eventviewer&X-ARR-LOG-ID=ec15da12-ce7e-44ae-83fe-7f8f4c9c62cc 443 - 112.196.168.73 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/80.0.3987.149+Safari/537.36 ARRAffinity=c450828deae8ef5774d6b51f85ad7bb411cc76cec811344524a352e00ebf3ca1 https://newidpserver.azurewebsites.net/ newidpserver.scm.azurewebsites.net 302 0 0 1047 1590 1062
IIS Detailed Error - 500.30 - Internal Server Error
HTTP Error 500.30 - Internal Server Error
The page cannot be displayed because an internal server error has occurred.
Most likely causes:
- IIS received the request; however, an internal error occurred during the processing of the request. The root cause of this error depends on which module handles the request and what was happening in the worker process when this error occurred.
- IIS was not able to access the web.config file for the Web site or application. This can occur if the NTFS permissions are set incorrectly.
- IIS was not able to process configuration for the Web site or application.
- The authenticated user does not have permission to use this DLL.
- The request is mapped to a managed handler but the .NET Extensibility Feature is not installed.
Things you can try:
- Ensure that the NTFS permissions for the web.config file are correct and allow access to the Web server's machine account.
- Check the event logs to see if any additional information was logged.
- Verify the permissions for the DLL.
- Install the .NET Extensibility feature if the request is mapped to a managed handler.
- Create a tracing rule to track failed requests for this HTTP status code.
Detailed Error Information:
Module: AspNetCoreModuleV2
Notification: ExecuteRequestHandler
Handler: aspNetCore
Error Code: 0x8007023e
Requested URL: https://newidpserver:80/.well-known/openid-configuration
Physical Path: D:\home\site\wwwroot\.well-known\openid-configuration
Logon Method: Anonymous
Logon User: Anonymous
More Information: This error means that there was a problem while processing the request. The request was received by the Web server, but during processing a fatal error occurred, causing the 500 error.
2020-04-02 17:42:35 NEWIDPSERVER GET /.well-known/openid-configuration X-ARR-LOG-ID=3273401b-d59d-4e79-ba95-207ca2a8273f 443 - 112.196.168.73 - - - newidpserver.azurewebsites.net 500 30 574 2923 892 0
2020-04-02T17:44:45 No new trace in the past 1 min(s).
2020-04-02T17:45:45 No new trace in the past 2 min(s).
2020-04-02T17:46:45 No new trace in the past 3 min(s).
2020-04-02T17:47:36 Welcome, you are now connected to log-streaming service. The default timeout is 2 hours. Change the timeout with the App Setting SCM_LOGSTREAM_TIMEOUT (in seconds).
2020-04-02T17:48:36 No new trace in the past 1 min(s).
2020-04-02T17:49:07 System.ApplicationException: The trace listener AzureBlobTraceListener is disabled. ---> System.InvalidOperationException: The SAS URL for the cloud storage account is not specified. Use the environment variable 'DIAGNOSTICS_AZUREBLOBCONTAINERSASURL' to define it.
   at Microsoft.WindowsAzure.WebSites.Diagnostics.AzureBlobTraceListener.RefreshConfig()
   --- End of inner exception stack trace ---
2020-04-02T17:49:07 PID[6956] Information Loading modules from D:\Program Files (x86)\MiddlewareModules\1.2.4\Microsoft.Azure.AppService.Middleware.Modules.dll
2020-04-02T17:49:08 PID[6956] Verbose Detected application setting 'WEBSITE_AUTH_LOGOUT_PATH' = '/.auth/logout'
2020-04-02T17:49:08 PID[6956] Verbose Detected application setting 'WEBSITE_AUTH_ENABLED' = 'False'
2020-04-02T17:49:08 PID[6956] Verbose Detected application setting 'EASY_AUTH_CONFIG_CONTENTS' = '{"preserveUrlFragmentsForLogins":false,"endpointPath":{"apiPrefix":"/.auth","logoutPath":"/.auth/logout","LogoutCompletionPath":"/.auth/logout/complete","mobileCompatibilityEnabled":false},"allowedExternalRedirectUri":{"allowedExternalRedirectUrls":null,"AllowedExternalRedirectUriCollection":[]},"nonce":{"validateNonce":true,"nonceExpirationInterval":"00:05:00"},"token":{"stateDirectory":"D:\home\data\.auth","TokenStorePath":"D:\home\data\.auth\tokens","tokenStoreEnabled":false,"tokenStoreContainerSasUrlSettingName":null,"tokenRefreshExtensionHours":72.0},"isAuthEnabled":false,"requireHttps":true,"defaultProvider":null,"unauthenticatedClientAction":0,"authConfigDirectory":null,"hideDeprecatedSecurityIds":false,"AppTracingLevel":31,"useLegacyClaims":true,"warmupPath":null,"forwardingHeader":null,"functionsExtensionVersion":null,"cookieExpirationTime":"08:00:00","azureActiveDirectory":{"openIdIssuer":null,"clientId":null,"clientSecretSettingName":null,"clientSecretCertificateThumbprint":null,"allowedAudiences":null,"loginParameters":null,"aadBypassSingleTenancyCheck":false,"activeDirectoryAcl":null,"disableWwwAuthenticateResponse":false,"OpenIdIssuerValue":null,"OpenIdConfigurationUrl":null},"facebook":{"facebookAppId":null,"facebookAppSecretSettingName":null,"facebookScope":null,"facebookGraphApiVersion":"v3.3"},"gitHub":{"gitHubAppId":null,"gitHubAppSecretSettingName":null,"gitHubScope":null},"twitter":{"twitterConsumerKey":null,"twitterConsumerSecretSettingName":null},"google":{"googleClientId":null,"googleClientSecretSettingName":null,"googleScope":null,"allowedAudiences":null},"openIdConnectProviders":null}'
2020-04-02T17:49:08 PID[6956] Verbose Detected application setting 'WEBSITE_CORS_ALLOWED_ORIGINS' = ''
2020-04-02T17:49:08 PID[6956] Verbose Detected application setting 'WEBSITE_CORS_SUPPORT_CREDENTIALS' = 'False'
2020-04-02T17:49:08 PID[6956] Verbose Detected application setting 'WEBSITE_AUTH_SIGNING_KEY' = '0F****'
2020-04-02T17:49:08 PID[6956] Verbose Detected application setting 'WEBSITE_AUTH_ENCRYPTION_KEY' = 'CE****'
IIS Detailed Error - 500.0 - Internal Server Error
HTTP Error 500.0 - Internal Server Error
The page cannot be displayed because an internal server error has occurred.
Most likely causes:
- IIS received the request; however, an internal error occurred during the processing of the request. The root cause of this error depends on which module handles the request and what was happening in the worker process when this error occurred.
- IIS was not able to access the web.config file for the Web site or application. This can occur if the NTFS permissions are set incorrectly.
- IIS was not able to process configuration for the Web site or application.
- The authenticated user does not have permission to use this DLL.
- The request is mapped to a managed handler but the .NET Extensibility Feature is not installed.
Things you can try:
- Ensure that the NTFS permissions for the web.config file are correct and allow access to the Web server's machine account.
- Check the event logs to see if any additional information was logged.
- Verify the permissions for the DLL.
- Install the .NET Extensibility feature if the request is mapped to a managed handler.
- Create a tracing rule to track failed requests for this HTTP status code.
Detailed Error Information:
Module: AspNetCoreModuleV2
Notification: ExecuteRequestHandler
Handler: aspNetCore
Error Code: 0x00000000
Requested URL: https://newidpserver:80/.well-known/openid-configuration
Physical Path: D:\home\site\wwwroot\.well-known\openid-configuration
Logon Method: Anonymous
Logon User: Anonymous
More Information: This error means that there was a problem while processing the request. The request was received by the Web server, but during processing a fatal error occurred, causing the 500 error.
Token on my local:
You can publish your webapps by vscode, if you have something with your Visual Studio.
Add extensions about Azure, and open your project which was created by Visual Studio. Run it locally to make sure you can open the site.
Then you can deploy your apps by following the document about publishing apps by vscode. I suggest you deploy apps by Visual Studio. I think it's easy publishing with Visual Studio.

sftp:outbound-channel-adapter reject HostKey

I am trying to send the file to sftp using Spring Integration sftp outbound channel adapter.
<int-sftp:outbound-channel-adapter id="sftpOutboundAdapter" session-factory="sftpSessionFactory" channel="sftpChannel" charset="UTF-8" remote-directory="/sftp/home/sftp_foler" remote-filename-generator-expression="'dummy.txt'"/>
I am getting the below error..
Caused by: java.lang.IllegalStateException: failed to connect
at org.springframework.integration.sftp.session.SftpSession.connect(SftpSession.java:272)
at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:377)
... 42 more
Caused by: com.jcraft.jsch.JSchException: reject HostKey: myHost
at com.jcraft.jsch.Session.checkHost(Session.java:791)
at com.jcraft.jsch.Session.connect(Session.java:342)
at com.jcraft.jsch.Session.connect(Session.java:183)
at org.springframework.integration.sftp.session.SftpSession.connect(SftpSession.java:263)
I guess, I may have to set StrictHostKeyChecking to no, but how to set the value in sftp outbound gateway?
Please provide your valuable suggestion.
Maybe this one:
Previously, the DefaultSftpSessionFactory unconditionally allowed connections to unknown hosts. This is now configurable (default false).
The factory now requires a configured knownHosts file unless the allowUnknownKeys property is true (default false).
http://docs.spring.io/spring-integration/reference/html/whats-new.html#_default_sftp_session_factory
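The session factory settings that release note refers to, shown as an added example (not part of the original thread or of the Spring documentation): the weak setting that silences "reject HostKey" by trusting any server, beside a factory pinned to a known_hosts file. The host name, user, key path and known_hosts path are placeholder assumptions, and the JSch-based DefaultSftpSessionFactory seen in the stack trace is assumed; knownHosts and allowUnknownKeys are the properties named in the quoted note.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:int="http://www.springframework.org/schema/integration"
       xmlns:int-sftp="http://www.springframework.org/schema/integration/sftp"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans
         http://www.springframework.org/schema/beans/spring-beans.xsd
         http://www.springframework.org/schema/integration
         http://www.springframework.org/schema/integration/spring-integration.xsd
         http://www.springframework.org/schema/integration/sftp
         http://www.springframework.org/schema/integration/sftp/spring-integration-sftp.xsd">

  <!-- WEAK (left commented out): the exception goes away, but the client then
       accepts whatever host key the peer presents, so it can no longer tell
       the real SFTP server from a machine answering in its place.
  <bean id="sftpSessionFactory"
        class="org.springframework.integration.sftp.session.DefaultSftpSessionFactory">
    <property name="host" value="sftp.example.com"/>
    <property name="user" value="transfer"/>
    <property name="allowUnknownKeys" value="true"/>
  </bean>
  -->

  <!-- HARDENED: the server's public host key is recorded once in a
       known_hosts file, after its fingerprint has been confirmed with the
       server's operator, and the factory rejects any other key. -->
  <bean id="sftpSessionFactory"
        class="org.springframework.integration.sftp.session.DefaultSftpSessionFactory">
    <!-- placeholder connection details (assumptions, not from the thread) -->
    <property name="host" value="sftp.example.com"/>
    <property name="port" value="22"/>
    <property name="user" value="transfer"/>
    <property name="privateKey" value="file:/etc/app/keys/sftp_client_key"/>
    <!-- file in OpenSSH known_hosts format; its entry must use the same host
         name the "host" property uses, or the lookup will not match -->
    <property name="knownHosts" value="/etc/app/ssh/known_hosts"/>
    <!-- the default, stated explicitly so a later edit has to change it on purpose -->
    <property name="allowUnknownKeys" value="false"/>
  </bean>

  <int:channel id="sftpChannel"/>

  <!-- the adapter from the question, unchanged apart from attribute spacing -->
  <int-sftp:outbound-channel-adapter id="sftpOutboundAdapter"
      session-factory="sftpSessionFactory"
      channel="sftpChannel"
      charset="UTF-8"
      remote-directory="/sftp/home/sftp_foler"
      remote-filename-generator-expression="'dummy.txt'"/>
</beans>
```

Keep the known_hosts file readable by the application account but writable only by an administrator, so the pinned key cannot be swapped by the process that relies on it.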

PingFederate : Could not obtain attributes from the IdP Authentication Service

I am getting this exception while trying to invoke the PingFederate StartSSO.ping endpoint.
12:49:54,153 DEBUG [IntegrationControllerServlet] GET: https://localhost:9031/idp/startSSO.ping
12:49:54,157 DEBUG [IdpAdapterSupportBase] IdP Adapter Selection disabled, performing legacy adapter selection.
12:49:54,157 DEBUG [HttpServletRespProxy] adding lazy cookie Cookie{PF=F1OpbNzE8iYqMJq6UcG5waLotsmXsBxdLFrhrm8OVFYE; path=/; maxAge=-1; domain=null} replacing Cookie{PF=F1OpbNzE8iYqMJq6UcG5wa; path=/; maxAge=-1; domain=null}
12:49:54,157 DEBUG [InterReqStateMgmtMapImpl] setAttr(oldKey: null, newKey: LotsmXsBxdLFrhrm8OVFYE, name: NUMBER_OF_ATTEMPTS, value: 1)
12:49:54,157 DEBUG [HttpServletRespProxy] flush cookies: adding Cookie{PF=F1OpbNzE8iYqMJq6UcG5waLotsmXsBxdLFrhrm8OVFYE; path=/; maxAge=-1; domain=null}
12:49:54,160 DEBUG [BindingServiceImpl] Not transporting protocol response message because the HTTP response has been committed (this is a normal condition usually due to an adapter or other component redirecting the user or writing its own content to the response).
12:49:54,232 DEBUG [IntegrationControllerServlet] GET: https://localhost:9031/idp/ENvrS/resumeSAML20/idp/startSSO.ping
12:49:54,233 DEBUG [IdpAdapterSupportBase] IdP Adapter Selection disabled, performing legacy adapter selection.
12:49:54,233 DEBUG [InterReqStateMgmtMapImpl] getAttr(key: LotsmXsBxdLFrhrm8OVFYE, name: NUMBER_OF_ATTEMPTS): 1
12:49:54,233 DEBUG [HttpServletRespProxy] adding lazy cookie Cookie{PF=F1OpbNzE8iYqMJq6UcG5waTbQaafveigalePVvdwcdta; path=/; maxAge=-1; domain=null} replacing null
12:49:54,233 DEBUG [InterReqStateMgmtMapImpl] setAttr(oldKey: LotsmXsBxdLFrhrm8OVFYE, newKey: TbQaafveigalePVvdwcdta, name: NUMBER_OF_ATTEMPTS, value: 2)
12:49:54,233 DEBUG [InterReqStateMgmtMapImpl] Object removeAttr(key: TbQaafveigalePVvdwcdta, name: NUMBER_OF_ATTEMPTS): 2
12:49:54,233 DEBUG [TrackingIdSupport] [cross-reference-message] entityid:sbwb-ppc-idp subject:null
12:49:54,233 ERROR [HandleAuthnRequest] Exception occurred during request processing
org.sourceid.websso.profiles.RequestProcessingException: Unexpected Runtime Authn Adapter Integration Problem.
at org.sourceid.websso.profiles.ResumableRequestHandlerBase.resume(ResumableRequestHandlerBase.java:54)
at org.sourceid.websso.profiles.ResumableRequestHandlerBase.resume(ResumableRequestHandlerBase.java:78)
at org.sourceid.saml20.profiles.ProfileProcessManager.resumeHandleRequest(ProfileProcessManager.java:73)
at $ProfileProcessMgmtService_1461cd08008.resumeHandleRequest($ProfileProcessMgmtService_1461cd08008.java)
at org.sourceid.websso.servlet.IntegrationControllerServlet.process(IntegrationControllerServlet.java:63)
at org.sourceid.websso.servlet.EnforcerServletBase.checkProcess(EnforcerServletBase.java:89)
at org.sourceid.websso.servlet.EnforcerServletBase.doGet(EnforcerServletBase.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:669)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1448)
at org.sourceid.servlet.filter.NoCacheFilter.doFilter(NoCacheFilter.java:55)
at org.sourceid.servlet.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:53)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1419)
at org.sourceid.websso.servlet.ProxyFilter.doFilter(ProxyFilter.java:34)
at org.sourceid.servlet.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:53)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1419)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:455)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1075)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:384)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1009)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:126)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:368)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:488)
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:932)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:994)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:640)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
at java.lang.Thread.run(Thread.java:722)
Caused by: org.sourceid.saml20.adapter.AuthnAdapterException: org.sourceid.saml20.adapter.AuthnAdapterException: Could not obtain attributes from the IdP Authentication Service.
at org.sourceid.saml20.profiles.idp.IdpAdapterSupportBase.lookupAuthN(IdpAdapterSupportBase.java:141)
at org.sourceid.saml20.profiles.idp.HandleAuthnRequest.doResume(HandleAuthnRequest.java:245)
at org.sourceid.saml20.profiles.ResumableRequestHandlerBase.exeResume(ResumableRequestHandlerBase.java:66)
at org.sourceid.websso.profiles.ResumableRequestHandlerBase.resume(ResumableRequestHandlerBase.java:50)
... 43 more
Caused by: org.sourceid.saml20.adapter.AuthnAdapterException: Could not obtain attributes from the IdP Authentication Service.
at com.pingidentity.adapters.opentoken.IdpAuthnAdapter.lookupAuthNHelper(IdpAuthnAdapter.java:159)
at com.pingidentity.adapters.opentoken.IdpAuthnAdapter.lookupAuthN(IdpAuthnAdapter.java:78)
at org.sourceid.websso.authn.AdapterAuthnProcessor.lookupAuthN(AdapterAuthnProcessor.java:96)
at org.sourceid.saml20.profiles.idp.IdpAdapterSupportBase.lookupAuthN(IdpAdapterSupportBase.java:132)
... 46 more
12:49:54,238 DEBUG [HttpServletRespProxy] flush cookies: adding Cookie{PF=F1OpbNzE8iYqMJq6UcG5waTbQaafveigalePVvdwcdta; path=/; maxAge=-1; domain=null}
12:49:54,239 DEBUG [BindingServiceImpl] Not transporting protocol response message because the HTTP response has been committed (this is a normal condition usually due to an adapter or other component redirecting the user or writing its own content to the response).
And I think this exception is invoked when PingFederate cannot find the OpenToken generated by the application. But the cookie is present in the browser.
And the PingFederate application shows the error page:
And my IdP Adapter setting looks like:
cookie-path=/
use-verbose-error-messages=false
cipher-suite=2
obfuscate-password=true
session-cookie=false
password=Kyx+ElfeRRDkPRYZoVF3BQ==
token-name=opentoken
cookie-domain=.banka.liferay.com
token-notbefore-tolerance=0
token-renewuntil=43200
use-sunjce=false
secure-cookie=false
token-lifetime=300
use-cookie=true
I am struggling to find out the cause of this problem. But with no success.
What could be the cause of this problem? Is it related to PingFederate or am I missing something in my configuration?
And here is the screenshot of the IdP Adapter:
And here is the summary of the SP Connection:
Could it be that you're redirected to the resume URL with the hostname being localhost? In that case your browser won't send a cookie issued to .banka.liferay.com to the server, hence the error.
