AFAIR, this seems to be an issue with handling email type usernames without enabling email usernames..
Anyhow we have discussed to fix this from the sso consent implementation.. @Omindu: Do we have any git issue related to this? Thanks, On Mon, Apr 16, 2018 at 9:01 AM, gayan gunawardana <[email protected]> wrote: > > Hi Tharindu, > On Mon, Apr 16, 2018 at 8:39 AM, Tharindu Edirisinghe <[email protected]> > wrote: > >> Hi Gayan, >> >> It seems the error is coming form the consent management feature. If you >> don't require this feature, you can simply turn it off from the following >> property in identity.xml file. >> >> <Consent> >> <!--Specify whether consent management should be enable during >> SSO.--> >> <EnableSSOConsentManagement>*false*</EnableSSOConsentManagement> >> </Consent> >> >> Alternatively you can turn off the following listener from identity.xml >> file too for getting rid of the issue. >> >> <EventListener type="org.wso2.carbon.identity >> .core.handler.AbstractIdentityHandler" name="org.wso2.carbon.identity >> .application.authentication.framework.handler.request. >> impl.consent.ConsentMgtPostAuthnHandler" orderId="110" *enable*="*false*" >> /> >> > >> I could reproduce the same behavior and by setting any of the above >> configs, I could avoid the error and successfully authenticate the SP app >> (travelocity) with FB IDP. >> > Thanks for the explanation. I have already disabled consent management to > get it work. I suppose globally disabling consent management feature or > disabling the listener would not be a good solution. > >> >> @IAM Team - If we keep using the consent management feature, do we need >> any additional configuration? May be claim configuration to map the >> particular user claims which should require obtaining user consent? >> > >> Thanks, >> TharinduE >> >> On Sat, Apr 14, 2018 at 9:28 PM, gayan gunawardana < >> [email protected]> wrote: >> >>> Hi All, >>> >>> I have configured travelocity.com sample application as SAML inbound >>> and Facebook as federated authenticator for IS-5.5.0. After adding Facebook >>> credentials, got below UI. >>> >>> >>> ​After enabling debug logs found below exception. Is there any further >>> configuration I have to do to get it work ? >>> >>> [2018-04-14 20:25:49,655] ERROR {org.wso2.carbon.user.core.aut >>> horization.JDBCAuthorizationManager} - Error occurred while accessing >>> Java Security Manager Privilege Block >>> [2018-04-14 20:25:49,658] ERROR {org.wso2.carbon.identity.appl >>> ication.authentication.framework.handler.request.impl.DefaultRequestCoordinator} >>> - Error occurred while evaluating post authentication >>> org.wso2.carbon.identity.application.authentication.framewor >>> k.exception.PostAuthenticationFailedException: Error occurred while >>> retrieving consent data of user: [email protected] for service >>> provider: CafeLebens-Sample in tenant domain: carbon.super. >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.handler.request.impl.consent.ConsentMgtPostAuthnHandler. >>> handlePreConsent(ConsentMgtPostAuthnHandler.java:201) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.handler.request.impl.consent.ConsentMgtPostAuthnHandler. >>> handle(ConsentMgtPostAuthnHandler.java:106) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.services.PostAuthenticationMgtService.executePostAuthnHand >>> ler(PostAuthenticationMgtService.java:109) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.services.PostAuthenticationMgtService.handlePostAuthentica >>> tion(PostAuthenticationMgtService.java:78) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.handler.request.impl.DefaultAuthenticationRequestHandler.h >>> andlePostAuthentication(DefaultAuthenticationRequestHandler.java:165) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.handler.request.impl.DefaultAuthenticationRequestHandler.h >>> andle(DefaultAuthenticationRequestHandler.java:134) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.handler.request.impl.DefaultRequestCoordinator.handle(Defa >>> ultRequestCoordinator.java:157) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.servlet.CommonAuthenticationServlet.doPost(CommonAuthentic >>> ationServlet.java:53) >>> at org.wso2.carbon.identity.application.authentication.framewor >>> k.servlet.CommonAuthenticationServlet.doGet(CommonAuthentica >>> tionServlet.java:43) >>> >>> Thanks, >>> Gayan >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> Tharindu Edirisinghe >> Senior Software Engineer | WSO2 Inc >> Platform Security Team >> Blog : http://tharindue.blogspot.com >> mobile : +94 775181586 >> > > > > -- > Gayan > -- Regards, *Darshana Gunawardana*Technical Lead WSO2 Inc.; http://wso2.com *E-mail: [email protected] <[email protected]>* *Mobile: +94718566859*Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
