On Mon, Apr 16, 2018 at 9:15 AM, Darshana Gunawardana <[email protected]> wrote:
> AFAIR, this seems to be an issue with handling email type usernames > without enabling email usernames.. > Thanks Darshana for the input. It looks like that. I will configure some other attribute (other than email) as subject identifier and see. > > Anyhow we have discussed to fix this from the sso consent implementation.. > @Omindu: Do we have any git issue related to this? > > Thanks, > > On Mon, Apr 16, 2018 at 9:01 AM, gayan gunawardana < > [email protected]> wrote: > >> >> Hi Tharindu, >> On Mon, Apr 16, 2018 at 8:39 AM, Tharindu Edirisinghe <[email protected] >> > wrote: >> >>> Hi Gayan, >>> >>> It seems the error is coming form the consent management feature. If you >>> don't require this feature, you can simply turn it off from the following >>> property in identity.xml file. >>> >>> <Consent> >>> <!--Specify whether consent management should be enable during >>> SSO.--> >>> <EnableSSOConsentManagement>*false*</EnableSSOConsentManagement> >>> </Consent> >>> >>> Alternatively you can turn off the following listener from identity.xml >>> file too for getting rid of the issue. >>> >>> <EventListener type="org.wso2.carbon.identity >>> .core.handler.AbstractIdentityHandler" name="org.wso2.carbon.identity. >>> application.authentication.framework.handler.request.impl. >>> consent.ConsentMgtPostAuthnHandler" orderId="110" *enable*="*false*" /> >>> >> >>> I could reproduce the same behavior and by setting any of the above >>> configs, I could avoid the error and successfully authenticate the SP app >>> (travelocity) with FB IDP. >>> >> Thanks for the explanation. I have already disabled consent management to >> get it work. I suppose globally disabling consent management feature or >> disabling the listener would not be a good solution. >> >>> >>> @IAM Team - If we keep using the consent management feature, do we need >>> any additional configuration? May be claim configuration to map the >>> particular user claims which should require obtaining user consent? >>> >> >>> Thanks, >>> TharinduE >>> >>> On Sat, Apr 14, 2018 at 9:28 PM, gayan gunawardana < >>> [email protected]> wrote: >>> >>>> Hi All, >>>> >>>> I have configured travelocity.com sample application as SAML inbound >>>> and Facebook as federated authenticator for IS-5.5.0. After adding Facebook >>>> credentials, got below UI. >>>> >>>> >>>> ​After enabling debug logs found below exception. Is there any further >>>> configuration I have to do to get it work ? >>>> >>>> [2018-04-14 20:25:49,655] ERROR {org.wso2.carbon.user.core.aut >>>> horization.JDBCAuthorizationManager} - Error occurred while accessing >>>> Java Security Manager Privilege Block >>>> [2018-04-14 20:25:49,658] ERROR {org.wso2.carbon.identity.appl >>>> ication.authentication.framework.handler.request.impl.DefaultRequestCoordinator} >>>> - Error occurred while evaluating post authentication >>>> org.wso2.carbon.identity.application.authentication.framewor >>>> k.exception.PostAuthenticationFailedException: Error occurred while >>>> retrieving consent data of user: [email protected] for service >>>> provider: CafeLebens-Sample in tenant domain: carbon.super. >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.handler.request.impl.consent.ConsentMgtPostAuthnHandler.ha >>>> ndlePreConsent(ConsentMgtPostAuthnHandler.java:201) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.handler.request.impl.consent.ConsentMgtPostAuthnHandler.ha >>>> ndle(ConsentMgtPostAuthnHandler.java:106) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.services.PostAuthenticationMgtService.executePostAuthnHand >>>> ler(PostAuthenticationMgtService.java:109) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.services.PostAuthenticationMgtService.handlePostAuthentica >>>> tion(PostAuthenticationMgtService.java:78) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.handler.request.impl.DefaultAuthenticationRequestHandler.h >>>> andlePostAuthentication(DefaultAuthenticationRequestHandler.java:165) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.handler.request.impl.DefaultAuthenticationRequestHandler.h >>>> andle(DefaultAuthenticationRequestHandler.java:134) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.handler.request.impl.DefaultRequestCoordinator.handle(Defa >>>> ultRequestCoordinator.java:157) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.servlet.CommonAuthenticationServlet.doPost(CommonAuthentic >>>> ationServlet.java:53) >>>> at org.wso2.carbon.identity.application.authentication.framewor >>>> k.servlet.CommonAuthenticationServlet.doGet(CommonAuthentica >>>> tionServlet.java:43) >>>> >>>> Thanks, >>>> Gayan >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> >>> Tharindu Edirisinghe >>> Senior Software Engineer | WSO2 Inc >>> Platform Security Team >>> Blog : http://tharindue.blogspot.com >>> mobile : +94 775181586 >>> >> >> >> >> -- >> Gayan >> > > > > -- > Regards, > > > *Darshana Gunawardana*Technical Lead > WSO2 Inc.; http://wso2.com > > *E-mail: [email protected] <[email protected]>* > *Mobile: +94718566859*Lean . Enterprise . Middleware > -- Gayan
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
