Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-1788

Problem with x509 Authentication in IDP 4.1.0

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.1.0
    • Fix Version/s: 4.1.1
    • Component/s: Configuration
    • Labels:
    • Operating System:
      Linux
    • Java Version:
      Debian OpenJDK 11
    • Servlet Container:
      Apache Tomcat 9

      Description

      I upgrade our IDP to 4.1.0. The IDP now reported some stacktrace  on SSO. We use x509 Authentication flow. The stacktrace report a Type Mismatch.

       

      2021-04-06 16:35:37,090 - 193.174.12.254 - DEBUG [org.springframework.webflow.engine.support.TransitionExecutingFlowExecutionExceptionHandler:107] - Handling flow execution exception org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@6b91657 targetAction = [E valuateAction@6ff0a137 expression = ValidateExternalAuthentication, resultExpression = [null]], attributes = map[[empty]]] in state 'ValidateExternalAuthentication' of flow 'authn/X509' -- action execution attributes were 'map[[empty]]' org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@6b91657 targetAction = [EvaluateAction@6ff0a137 expression = ValidateExternalAuthentication, resultExpression = [null]], attributes = map[[empty]]] in state 'ValidateExternalAuthentication' of flow 'authn/X50 9' -- action execution attributes were 'map[[empty]]'        at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62) Caused by: org.springframework.binding.expression.EvaluationException: An ELException occurred getting the value for expression 'ValidateExternalAuthentication' on context [class org.springframework.webflow.engine.impl.RequestControlContextImpl]        at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:104) Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1021E: A problem occurred whilst attempting to access the property 'ValidateExternalAuthentication': 'Error creating bean with name 'ValidateExternalAuthentication' defined in class path resource [net/shibboleth/idp/flows/authn/x509-authn-bea ns.xml]: Initialization of bean failed; nested exception is org.springframework.beans.TypeMismatchException: Failed to convert property value of type 'java.lang.String' to required type 'boolean' for property 'addDefaultPrincipals'; nested exception is java.lang.IllegalArgumentException: Invalid boolean value [true }]'        at org.springframework.expression.spel.ast.PropertyOrFieldReference.readProperty(PropertyOrFieldReference.java:209) Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'ValidateExternalAuthentication' defined in class path resource [net/shibboleth/idp/flows/authn/x509-authn-beans.xml]: Initialization of bean failed; nested exception is org.springframework.beans.TypeMismatchException: Failed to convert property value of type 'java.lang.String' to required type 'boolean' for property 'addDefaultPrincipals'; nested exception is java.lang.IllegalArgumentException: Invalid boolean value [true}]        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:610) Caused by: org.springframework.beans.TypeMismatchException: Failed to convert property value of type 'java.lang.String' to required type 'boolean' for property 'addDefaultPrincipals'; nested exception is java.lang.IllegalArgumentException: Invalid boolean value [true}]        at org.springframework.beans.AbstractNestablePropertyAccessor.convertIfNecessary(AbstractNestablePropertyAccessor.java:600) Caused by: java.lang.IllegalArgumentException: Invalid boolean value [true}]        at org.springframework.beans.propertyeditors.CustomBooleanEditor.setAsText(CustomBooleanEditor.java:154)
      
      

      I think it is in error in the code from idp. In https://git.shibboleth.net/view/?p=java-identity-provider.git;a=blob;f=idp-conf-impl/src/main/resources/net/shibboleth/idp/flows/authn/x509-authn-beans.xml;h=4a1a4efb003085a54e2ecb22942be8767eb6a579;hb=HEAD#l30 there are three closing brackets instead of two.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              cantor.2@osu.edu Scott Cantor
              Reporter:
              pyw85bgt1omczascd51yav6s9vo=@https://idp.dfn-cert.de/idp/shibboleth pyw85bgt1omczascd51yav6s9vo=@https://idp.dfn-cert.de/idp/shibboleth
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - Not Specified
                  Not Specified
                  Logged:
                  Time Spent - 30 minutes
                  30m