Please find the error log below :
ERROR {org.apache.catalina.core.ApplicationDispatcher} - Servlet.service()
for servlet bridgeservlet threw exception
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1967)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at
org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:743)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:410)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
at
org.eclipse.equinox.http.servlet.internal.RequestDispatcherAdaptor.forward(RequestDispatcherAdaptor.java:30)
at
org.eclipse.equinox.http.helper.ContextPathServletAdaptor$RequestDispatcherAdaptor.forward(ContextPathServletAdaptor.java:362)
at
org.wso2.carbon.identity.application.authenticator.samlsso.SAML2FederatedLogoutRequestHandler.initiateLogRequest(SAML2FederatedLogoutRequestHandler.java:136)
at
org.wso2.carbon.identity.application.authenticator.samlsso.SAML2FederatedLogoutRequestHandler.doPost(SAML2FederatedLogoutRequestHandler.java:79)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at
org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
at
org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at
org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:72)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:124)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at
org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80)
at
org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91)
at
org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60)
at
org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at
org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at
org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
at
org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at
org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
at
org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
at
org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1775)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1734)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Thanks,
Kanapriya
Kanapriya Kuleswararajan
Software Engineer
Mobile : - 0774894438
Mail : - [email protected]
LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
WSO2, Inc.
lean . enterprise . middleware
On Thu, Jan 18, 2018 at 7:27 PM, Kanapriya Kuleswararajan <
[email protected]> wrote:
> Hi All,
>
>
>>> b) - At number 5 in the diagram, i.e. when the logout request is
>>> received, we wrap the request and response and send over to our
>>> common-auth servelet. Here before invoking the common-auth servelet, we
>>> will retrieve session Id from the map (using the SAML Session Index) and
>>> set it in the wrapper object.
>>>
>>
>> Request which forwards to the commonauth endpoint will have a format
>> similar to following,
>>
>> */commonauth?commonAuthLogout=true&type={type}&commonAuthCallerPath={some-url}&relyingParty={sp-name}*
>> NOTE: Need to verify whether relyingParty parameter is required or not.
>>
>> After logout from the framework, the saml-sso outbound component will
>> verify the response and will build a valid SAML2 logout response and send
>> back to the federated IdP.
>>
>
> I have created a Servlet endpoint [1] to access SAML logout request from
> FIDP and register this Servlet as service [2]. Here, I get the session id
> using the session index and set it inside wrapper object and forward that
> to the commonauth endpoint. When I sent a logout request from FIDP, FIDP is
> logged out but SP is is not getting logged out even we sent the sessionID
> to invalidate the session and observe the error [1] at the back end.
>
> Is there anything I need to do more than this?
>
> [1] https://github.com/Kanapriya/saml-sso-outbound/blob/master/
> components/org.wso2.carbon.identity.application.authenticator.samlsso/src/
> main/java/org/wso2/carbon/identity/application/authenticator/samlsso/
> SAML2FederatedLogoutRequestHandler.java
>
> [2] https://github.com/Kanapriya/saml-sso-outbound/blob/master/
> components/org.wso2.carbon.identity.application.authenticator.samlsso/src/
> main/java/org/wso2/carbon/identity/application/authenticator/samlsso/
> internal/SAMLSSOAuthenticatorServiceComponent.java#L74
>
> Thanks,
> Kanapriya
>
>
>>
>>
>>>
>>> @Thanuja and Malithi: Please add anything that I have missed. And also
>>> appreciate code snippets for above (a) and (b).
>>>
>>> After the POC implementation, we will have another review.
>>>
>>> thank you,
>>> Dimuthu
>>>
>>> --
>>> Dimuthu Leelarathne
>>> Director, Solutions Architecture
>>>
>>> WSO2, Inc. (http://wso2.com)
>>> email: [email protected]
>>> Mobile: +94773661935 <+94%2077%20366%201935>
>>> Blog: http://muthulee.blogspot.com
>>>
>>> Lean . Enterprise . Middleware
>>>
>>
>> [1] - https://github.com/wso2/carbon-identity-framework/blob/5.1
>> 1.x/components/authentication-framework/org.wso2.carbon.iden
>> tity.application.authentication.framework/src/main/java/org/
>> wso2/carbon/identity/application/authentication/
>> framework/util/FrameworkUtils.java#L1258
>>
>>
>> <https://github.com/wso2/carbon-identity-framework/blob/5.11.x/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java#L1258>[2]
>> - https://github.com/wso2/carbon-identity-framework/blob/5.
>> 11.x/components/authentication-framework/org.wso2.carbon.
>> identity.application.authentication.framework/src/
>> main/java/org/wso2/carbon/identity/application/
>> authentication/framework/AuthenticationDataPublisher.java
>>
>> [3] - https://github.com/wso2-extensions/identity-governance/
>> blob/master/components/org.wso2.carbon.identity.captcha/
>> src/main/java/org/wso2/carbon/identity/captcha/validator/Fai
>> lLoginAttemptValidator.java
>>
>> [4] - https://github.com/wso2/carbon-identity-framework/blob/5.
>> 11.x/components/authentication-framework/org.wso2.carbon.
>> identity.application.authentication.framework/src/
>> main/java/org/wso2/carbon/identity/application/authentication/framework/
>> model/CommonAuthRequestWrapper.java
>>
>> [5] - https://github.com/wso2/carbon-identity-framework/blob/5.
>> 11.x/components/authentication-framework/org.wso2.carbon.
>> identity.application.authentication.framework/src/
>> main/java/org/wso2/carbon/identity/application/authentication/framework/
>> model/CommonAuthResponseWrapper.java
>>
>>
>> Thanks,
>> Thanuja
>> --
>> *Thanuja Lakmal*
>> Associate Technical Lead
>> WSO2 Inc. http://wso2.com/
>> *lean.enterprise.middleware*
>> Mobile: +94715979891
>>
>
>
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
