2 Replies Latest reply on May 9, 2016 2:28 PM by leonardo.cruz

    Error on SAML Login after migration to WildFly 10

    leonardo.cruz

      Hello,

       

      I'm trying to migrate an application from WildFly 8 to 10. After the migration, PicketLink SSO Federation stopped working properly. I get this error after the redirect from the Identity Provider to the Service Provider.

       

      19:04:05,926 DEBUG [org.jboss.security] (default task-17) PBOX00206: Login failure: javax.security.auth.login.LoginException: unable to find LoginModule class: org.picketlink.identity.federation.bindings.jboss.SAML2LoginModule from [Module "deployment.mca-web.war:main" from Service Module Loader]
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:794)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
      ...
      19:04:05,928 ERROR [org.picketlink.common] (default task-17) Service Provider could not handle the request.: java.lang.NullPointerException
        at io.undertow.security.impl.AbstractSecurityContext.authenticationComplete(AbstractSecurityContext.java:86)
        at io.undertow.security.impl.AbstractSecurityContext.authenticationComplete(AbstractSecurityContext.java:78)
        at org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism.register(SPFormAuthenticationMechanism.java:408)
        at org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism.handleSAML2Response(SPFormAuthenticationMechanism.java:580)
        at org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism.handleSAMLResponse(SPFormAuthenticationMechanism.java:313)
        at org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism.authenticate(SPFormAuthenticationMechanism.java:275)
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)


       

      It looks like an issue caused by the PicketLink version downgrade on WildFly 10.

       

      I tried to change SP login module from:

       

      <login-module code="org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule" flag="required"/>

      to

      <login-module code="org.picketlink.identity.federation.bindings.jboss.SAML2LoginModule" flag="required"/>

       

      But it doesn't have any effect.

       

       

      I would appreciate any help.

       

      Thanks