Hi Raj, This was done after SP1 release. You can find the source for the custom secret callback handler in the patch1040 [1]. But this is needed only if the Tenat List Dropdown feature [2] in the SSO login page is enabled and also if secure vault is added for the TenantConfig.properties file. By default this feature is disabled. If we get the error when this feature is disabled, it is not correct. If so we need to patch authentication.endpoint webapp that is delivered in the pack. Let's have a review on this tomorrow.
[1] https://svn.wso2.com/wso2/custom/projects/projects/carbon/turing/patches/patch1040/ [2] http://tharindue.blogspot.com/2015/04/enabling-tenant-domains-dropdown-in-sso.html On Mon, Jul 27, 2015 at 3:15 PM, Darshana Gunawardana <[email protected]> wrote: > > > On Mon, Jul 27, 2015 at 2:22 PM, Samuel Gnaniah <[email protected]> wrote: > >> Adding TharinduA. >> >> *Samuel Gnaniah* >> Lead Technical Writer >> >> WSO2 (pvt.) Ltd. >> Colombo, Sri Lanka >> (+94) 773131798 >> >> On Mon, Jul 27, 2015 at 12:33 PM, Rajkumar Rajaratnam <[email protected] >> > wrote: >> >>> Hi Tharindu >>> >>> On Sun, Apr 26, 2015 at 9:11 AM, Tharindu Edirisinghe < >>> [email protected]> wrote: >>> >>>> Hi Firzan, >>>> >>>> The custom secret callback handler should be included in >>>> authenticanendpoint/WEB-INF/lib directory only if secure vault is added. We >>>> should write proper documentation for enabling secure vault for the >>>> dropdown feature and mention that. However the error handling of the >>>> feature is improved than the service pack when comes to the next release of >>>> IS. >>>> >>> >>> Where can I get CustomSecretCallbackHandler jar? >>> >> > Check : > https://wso2.org/jira/browse/IDENTITY-2981?focusedCommentId=95432&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-95432 > > > Thanks, > Darshana. > > >> I couldn't find it in SP01. The pre-configured IS pack [1] has >>> TenantConfig.properties file which references >>> org.wso2.carbon.securevault.custom.CustomSecretCallbackHandler. It throws >>> following CNF exceptions since the jar is not included anywhere. Please >>> advice. >>> >>> TID: [0] [IS] [2015-07-26 08:28:18,874] ERROR >>> {org.wso2.securevault.secret.SecretCallbackHandlerFactory} - A >>> SecretCallbackHandler cannot be found for class name : >>> org.wso2.carbon.securevault.custom.CustomSecretCallbackHandler >>> {org.wso2.securevault.secret.SecretCallbackHandlerFactory} >>> java.lang.ClassNotFoundException: >>> org.wso2.carbon.securevault.custom.CustomSecretCallbackHandler >>> at >>> org.wso2.carbon.webapp.mgt.loader.CarbonWebappClassLoader.loadClass(CarbonWebappClassLoader.java:138) >>> at >>> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1559) >>> at >>> org.wso2.securevault.secret.SecretCallbackHandlerFactory.createSecretCallbackHandler(SecretCallbackHandlerFactory.java:62) >>> at >>> org.wso2.securevault.SecretResolverFactory.initPasswordManager(SecretResolverFactory.java:278) >>> at >>> org.wso2.securevault.SecretResolverFactory.create(SecretResolverFactory.java:218) >>> at >>> org.wso2.carbon.identity.application.authentication.endpoint.util.TenantDataManager.resolveSecrets(TenantDataManager.java:282) >>> at >>> org.wso2.carbon.identity.application.authentication.endpoint.util.TenantDataManager.init(TenantDataManager.java:88) >>> at >>> org.wso2.carbon.identity.application.authentication.endpoint.util.TenantDataManager.isTenantListEnabled(TenantDataManager.java:267) >>> at org.apache.jsp.login_jsp._jspService(org.apache.jsp.login_jsp:329) >>> at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>> at >>> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:403) >>> at >>> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:492) >>> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:378) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:749) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:412) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339) >>> at >>> org.wso2.carbon.identity.application.authentication.endpoint.oauth2.OAuth2Login.doGet(OAuth2Login.java:94) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:735) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:749) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:412) >>> at >>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339) >>> at >>> org.wso2.carbon.identity.application.authentication.endpoint.AuthenticationEndpoint.doGet(AuthenticationEndpoint.java:82) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:735) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>> at >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) >>> at >>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) >>> at >>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) >>> at >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) >>> at >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) >>> at >>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178) >>> at >>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) >>> at >>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56) >>> at >>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) >>> at >>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141) >>> at >>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) >>> at >>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936) >>> at >>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) >>> at >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) >>> at >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) >>> at >>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004) >>> at >>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) >>> at >>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) >>> at >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>> at java.lang.Thread.run(Thread.java:745) >>> >>> >>> >>> [1] >>> https://docs.wso2.com/display/CLUSTER420/Configuring+the+Pre-Packaged+Identity+Server+5.0.0+with+API+Manager+1.9.0 >>> >>> Thanks, >>> Raj. >>> >>>> >>>> Regards, >>>> TharinduE >>>> >>>> On Sun, Apr 26, 2015 at 7:32 AM, Firzhan Naqash <[email protected]> >>>> wrote: >>>> >>>>> Hi Thraindhu/Darshana, >>>>> >>>>> And also IMO, we should make sure it does not throw CNF errors in the >>>>> console, in the event of mutual SSL authentication is disabled and it >>>>> doesn't have the custom authentication jar inside the >>>>> authenticanendpoint/WEB-INF/lib. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Regards, >>>>> Firzhan >>>>> >>>>> On Sat, Apr 25, 2015 at 3:49 PM, Tharindu Edirisinghe < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi Darshana, >>>>>> >>>>>> +1. Yes, IMO we should ship the mutual ssl authenticator with the new >>>>>> release so that the features like tenant list dropdown in SSO login page >>>>>> would work OOTB with only configuration changes. >>>>>> >>>>>> Thanks, >>>>>> TharinduE >>>>>> >>>>>> On Sun, Apr 26, 2015 at 2:13 AM, Darshana Gunawardana < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Devs, >>>>>>> >>>>>>> IS 5.0.0 does not have mutual authenticator shipped with 5.0.0. But >>>>>>> in the SP it has instructions to copy it to dropins. >>>>>>> >>>>>>> How about shipping it in the standard distribution from 5.1.0 >>>>>>> onwards. >>>>>>> >>>>>>> Thanks, >>>>>>> Darshana >>>>>>> -- >>>>>>> Regards, >>>>>>> >>>>>>> >>>>>>> *Darshana Gunawardana*Software Engineer >>>>>>> WSO2 Inc.; http://wso2.com >>>>>>> >>>>>>> *E-mail: [email protected] <[email protected]>* >>>>>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . >>>>>>> Middleware >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> Tharindu Edirisinghe >>>>>> Software Engineer | WSO2 Inc >>>>>> Identity Server Team >>>>>> mobile : +94 775 181586 >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> Tharindu Edirisinghe >>>> Software Engineer | WSO2 Inc >>>> Identity Server Team >>>> mobile : +94 775 181586 >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Rajkumar Rajaratnam >>> Committer & PMC Member, Apache Stratos >>> Software Engineer, WSO2 >>> >>> Mobile : +94777568639 >>> Blog : rajkumarr.com >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Regards, > > > *Darshana Gunawardana*Senior Software Engineer > WSO2 Inc.; http://wso2.com > > *E-mail: [email protected] <[email protected]>* > *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware > -- Tharindu Edirisinghe Software Engineer | WSO2 Inc Identity Server Team Blog : tharindue.blogspot.com mobile : +94 775 181586
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
