Seems to be an issue with the apache common libraries when executing an oidc logout in IS 5.5.0. On logout this is the error we encounter about not being able to find MapUtils in LogoutRequestSender:
https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/master/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/backChannelLogout/LogoutRequestSender.java For some reason MapUtils does not seem to be included in is 5.5.0. Any help on getting logout working would be greatly appreciated. This is the request we are executing: https://localhost:9443/oidc/logout?id_token_hint=XXXXXXXXXXXXXX &post_logout_redirect_uri=http%3A%2F%2Flocalhost%3A3000%2F&_=1524399139030 and this is the stracktrace of the error: [2018-04-22 08:12:18,895] ERROR {org.apache.catalina.core.StandardWrapperValve} - Servlet.service() for servlet [bridgeservlet] in context with path [/] threw exception [Servlet execution threw an exception] with root cause java.lang.NoClassDefFoundError: org/apache/commons/collections/MapUtils at org.wso2.carbon.identity.oidc.session.backChannelLogout.LogoutRequestSender.sendLogoutRequests(LogoutRequestSender.java:73) at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.doBackChannelLogout(OIDCLogoutServlet.java:526) at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.handleLogoutResponseFromFramework(OIDCLogoutServlet.java:444) at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.sendRequestToFramework(OIDCLogoutServlet.java:484) at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.sendToFrameworkForLogout(OIDCLogoutServlet.java:434) at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.doGet(OIDCLogoutServlet.java:161) at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:124) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80) at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91) at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60) at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962) at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1775) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1734) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) From: Ciprian Sabolovits <ciprian.sabolov...@cognosante.com> Date: Friday, April 20, 2018 at 1:26 PM To: Farasath Ahamed <farasa...@wso2.com> Cc: WSO2 Developers' List <dev@wso2.org> Subject: Re: [EXTERNAL SENDER] Re: [Dev] Missing JSESSION cookie Currently we get a 500 error when trying to log out the user with a log out call. https://wso2server/oidc/logout?id_token_hint=ID_TOKEN_HINT &post_logout_redirect_uri=REDIRECT_URI 17:20:16 org.wso2.carbon.identity.oidc.session.OIDCSessionManagerException: Invalid request. client_id not found in request as parameter. 17:20:16 at org.wso2.carbon.identity.oidc.session.servlet.OIDCSessionIFrameServlet.doGet(OIDCSessionIFrameServlet.java:69) 17:20:16 at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) 17:20:16 at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) 17:20:16 at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) 17:20:16 at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) 17:20:16 at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) 17:20:16 at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60) 17:20:16 at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) 17:20:16 at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:16 at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:16 at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:72) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:16 at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:16 at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:124) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:16 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:16 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) 17:20:16 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110) 17:20:16 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) 17:20:16 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) 17:20:16 at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80) 17:20:16 at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91) 17:20:16 at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60) 17:20:16 at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) 17:20:16 at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) 17:20:16 at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) 17:20:16 at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) 17:20:16 at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) 17:20:16 at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) 17:20:16 at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962) 17:20:16 at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) 17:20:16 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) 17:20:16 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445) 17:20:16 at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115) 17:20:16 at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637) 17:20:16 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1775) 17:20:16 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1734) 17:20:16 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 17:20:16 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 17:20:16 at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 17:20:16 at java.lang.Thread.run(Thread.java:748) 17:20:24 [2018-04-20 17:20:24,215] ERROR {org.apache.catalina.core.StandardWrapperValve} - Servlet.service() for servlet [bridgeservlet] in context with path [/] threw exception [Servlet execution threw an exception] with root cause 17:20:24 java.lang.ClassNotFoundException: org.apache.commons.collections.MapUtils cannot be found by org.wso2.carbon.identity.oidc.session_5.6.63 17:20:24 at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:501) 17:20:24 at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:421) 17:20:24 at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:412) 17:20:24 at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:107) 17:20:24 at java.lang.ClassLoader.loadClass(ClassLoader.java:357) 17:20:24 at org.wso2.carbon.identity.oidc.session.backChannelLogout.LogoutRequestSender.sendLogoutRequests(LogoutRequestSender.java:73) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.doBackChannelLogout(OIDCLogoutServlet.java:526) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.handleLogoutResponseFromFramework(OIDCLogoutServlet.java:444) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.sendRequestToFramework(OIDCLogoutServlet.java:484) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.sendToFrameworkForLogout(OIDCLogoutServlet.java:434) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.doGet(OIDCLogoutServlet.java:161) 17:20:24 at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) 17:20:24 at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) 17:20:24 at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) 17:20:24 at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) 17:20:24 at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) 17:20:24 at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60) 17:20:24 at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) 17:20:24 at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:72) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:124) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) 17:20:24 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110) 17:20:24 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) 17:20:24 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) 17:20:24 at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80) 17:20:24 at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91) 17:20:24 at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) 17:20:24 at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) 17:20:24 at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) 17:20:24 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) 17:20:24 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445) 17:20:24 at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115) 17:20:24 at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637) 17:20:24 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1775) 17:20:24 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1734) 17:20:24 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 17:20:24 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 17:20:24 at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 17:20:24 at java.lang.Thread.run(Thread.java:748) 17:20:24 [2018-04-20 17:20:24,416] ERROR {org.apache.catalina.core.StandardWrapperValve} - Servlet.service() for servlet [bridgeservlet] in context with path [/] threw exception [Servlet execution threw an exception] with root cause 17:20:24 java.lang.NoClassDefFoundError: org/apache/commons/collections/MapUtils 17:20:24 at org.wso2.carbon.identity.oidc.session.backChannelLogout.LogoutRequestSender.sendLogoutRequests(LogoutRequestSender.java:73) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.doBackChannelLogout(OIDCLogoutServlet.java:526) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.handleLogoutResponseFromFramework(OIDCLogoutServlet.java:444) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.sendRequestToFramework(OIDCLogoutServlet.java:487) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.sendToFrameworkForLogout(OIDCLogoutServlet.java:434) 17:20:24 at org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet.doGet(OIDCLogoutServlet.java:161) 17:20:24 at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) 17:20:24 at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) 17:20:24 at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) 17:20:24 at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) 17:20:24 at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) 17:20:24 at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60) 17:20:24 at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) 17:20:24 at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:124) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 17:20:24 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 17:20:24 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) 17:20:24 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110) 17:20:24 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) 17:20:24 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) 17:20:24 at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80) 17:20:24 at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91) 17:20:24 at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) 17:20:24 at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) 17:20:24 at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962) 17:20:24 at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) 17:20:24 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) 17:20:24 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445) 17:20:24 at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115) 17:20:24 at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637) 17:20:24 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1775) 17:20:24 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1734) 17:20:24 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 17:20:24 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 17:20:24 at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 17:20:24 at java.lang.Thread.run(Thread.java:748) From: Farasath Ahamed <farasa...@wso2.com> Date: Friday, April 20, 2018 at 2:59 AM To: Ciprian Sabolovits <ciprian.sabolov...@cognosante.com> Cc: Madawa Soysa <mada...@wso2.com>, architecture <architect...@wso2.org>, WSO2 Developers' List <dev@wso2.org> Subject: [EXTERNAL SENDER] Re: [Dev] Missing JSESSION cookie On Fri, Apr 20, 2018 at 12:24 AM, Ciprian Sabolovits <ciprian.sabolov...@cognosante.com<mailto:ciprian.sabolov...@cognosante.com>> wrote: Hi Everyone, Having a problem with WSO2 IS 5.5.0. For some reason IS does not set the cookie JSESSIONID and hence the log out functionality with OpenID is broken. Any idea why? Do we need to do anything special in configuration to get the cookies set? Can you elaborate more on as to why you are relying on the JSESSIONID cookie for OpenID logout functionality? Thanks, Ciprian CONFIDENTIALITY NOTICE: This email message and any attachments are for the sole use of the intended recipient(s) and may contain confidential information of Cognosante Holdings, LLC and/or its subsidiaries, including Cognosante, LLC, Cognosante Consulting, LLC, and Cognosante MVH, LLC and is protected by law. If you have received this in error, please reply to the sender and delete it from your system. If you are the intended recipient, you may use the information contained in this message and any files attached only as authorized. _______________________________________________ Dev mailing list Dev@wso2.org<mailto:Dev@wso2.org> http://wso2.org/cgi-bin/mailman/listinfo/dev<https://urldefense.proofpoint.com/v2/url?u=http-3A__wso2.org_cgi-2Dbin_mailman_listinfo_dev&d=DwMFaQ&c=3osP8_fFVztkmLX-wblBSzVmg3E7zPSWQr9Be8oq6Ko&r=3HXTjBNfzBWO3d9LewuhBMdosy2FekO-SKzbM2cOtYvTBNYLqVPnUQM-da08SxZh&m=YSPW416cNzesKUg1qVlSfKqs_FNNzeBS_Ke9SNfsrXo&s=NEEfFwQYKmWnwMBNpKisJA07vHj4NDtVIYG_PelDGRM&e=> -- Farasath Ahamed Senior Software Engineer, WSO2 Inc.; http://wso2.com<https://urldefense.proofpoint.com/v2/url?u=http-3A__wso2.com_&d=DwMFaQ&c=3osP8_fFVztkmLX-wblBSzVmg3E7zPSWQr9Be8oq6Ko&r=3HXTjBNfzBWO3d9LewuhBMdosy2FekO-SKzbM2cOtYvTBNYLqVPnUQM-da08SxZh&m=YSPW416cNzesKUg1qVlSfKqs_FNNzeBS_Ke9SNfsrXo&s=8mpK2CHLWXN2t5Jh7DdSSrd12rnS6T1DoVGGtuEDR6o&e=> Mobile: +94777603866<tel:%2B94777603866> Blog: blog.farazath.com<https://urldefense.proofpoint.com/v2/url?u=http-3A__blog.farazath.com&d=DwMFaQ&c=3osP8_fFVztkmLX-wblBSzVmg3E7zPSWQr9Be8oq6Ko&r=3HXTjBNfzBWO3d9LewuhBMdosy2FekO-SKzbM2cOtYvTBNYLqVPnUQM-da08SxZh&m=YSPW416cNzesKUg1qVlSfKqs_FNNzeBS_Ke9SNfsrXo&s=Mo7xwBAgS1npIuKAZ8Z0o3tYmdsV0DoLWDLIatvkOZE&e=> Twitter: @farazath619<https://urldefense.proofpoint.com/v2/url?u=https-3A__twitter.com_farazath619&d=DwMFaQ&c=3osP8_fFVztkmLX-wblBSzVmg3E7zPSWQr9Be8oq6Ko&r=3HXTjBNfzBWO3d9LewuhBMdosy2FekO-SKzbM2cOtYvTBNYLqVPnUQM-da08SxZh&m=YSPW416cNzesKUg1qVlSfKqs_FNNzeBS_Ke9SNfsrXo&s=NxsTDGAS-XIimb9NNQk5RVc4ii2CpV8lucGDSBeCx7M&e=> [Image removed by sender.]<https://urldefense.proofpoint.com/v2/url?u=http-3A__wso2.com_signature&d=DwMFaQ&c=3osP8_fFVztkmLX-wblBSzVmg3E7zPSWQr9Be8oq6Ko&r=3HXTjBNfzBWO3d9LewuhBMdosy2FekO-SKzbM2cOtYvTBNYLqVPnUQM-da08SxZh&m=YSPW416cNzesKUg1qVlSfKqs_FNNzeBS_Ke9SNfsrXo&s=tTXl9y42Di2tudapuJ-nwYnPMeB59TfdEUPlIMnYHgY&e=>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev