Josso 2.2 CE demo install fails, please help

Help
s
2012-06-12
2013-05-20
  • s

    s - 2012-06-12

    Hi,
    We're trying to evaluate Josso2.2.2 CE for our enterprise, but have not managed to get even the basic tomcat 6.0 demo application to work, even following the SSO Rollout tutorial video as exactly as possible. The problem seems to be that when we click the Tomcat Demo app's protected-josso link, we sign in at the idp, and it refers us back to "http:localhost:8080/partnerapp1/josso-security-check" which does not exist. If we create a josso-security-check directory within the partner app, and copy the index.jsp from the protected-josso directory to the josso-security-check directory, we see that request.getRemoteUser() returns null, and request.getUserPrincipal() also returns null. So the basic question is: what do we need to do to get this basic demo app to work? What have we done wrong in our setting up?

    Much more detail follows.

     
  • s

    s - 2012-06-12

    I don't know why, but when I tried to post additional details to this topic, source-forge thought it was spam.  I'll add the details in a series of additional posts.  Please help if at all possible.  Thanks!

    We are on a Windows server 2008 R2 Virtual Machine, with 64 bits, 4GB ram, 2.67GHz processor.
    All Josso related software is presently run on this one machine.

    Using:
    JOSSO 2 CE             (2.2.2)
    Atricore Console CE    (1.1.2)  http://localhost:8081/atricore-console/
    Atricore Identity Bus  (1.2.2)
    Apache Karaf           (2.2.3)
    Apache Tomcat 6.0.35 Server on port localhost:8080 and is also using 8009
    IIS is running on port 8090, but the results explained here are completely unchanged if we shut off IIS entirely. IIS is also using port 80.
    Jetty is running on port 8081, and when prompted for a file it can't find, jetty displays a standard jetty error page, so jetty must be running.
    The tomcat manager app (http://localhost:8080/manager) worked fine until the josso appliance was deployed and has not worked since. When one tries to go there in a browser, one will be entering the password over and over again, ad infinitum.

    Using Josso 2.2 GUI, we’ve deployed and started a Josso Identity appliance, with identity vault, with the tomcat 6.0 Execution environment, and the tomcat 6.0 demo application.
    We have tried to exactly follow the setup instructions in this “Internet SSO Rollout Using Josso 2” video: http://www.josso.org/confluence/display/JOSSO1/Video+Tutorial+-+Internet+SSO+Rollout+using+JOSSO2 EXCEPT that we eliminated the second service provider, and eliminated the datastore for the tomcat app. When we had no luck with the setup demonstrated in the video, we reduced it to just the Tomcat-sp, its tomcat execution environment, the idp, and the identity vault.
    When we click on the “protected-Josso” link, we are taken to the gateway, where we sign in with the account we created. However, it redirects us back to the localhost:8080/partnerapp/josso-security-check/ directory, which does not exist, and the login fails. If I copy the protected-josso directory to make an improvised josso-security-check, I see that request.getRemoteUser() returns null, and request.getUserPrincipal() also returns null.
    Does anyone know what’s wrong? Is there supposed to be a josso-security-check directory that wasn’t created?

    I have a screen capture of the sign-in process, caught in Burpsuite; how do I upload this?

     
  • s

    s - 2012-06-12

    The atricore.log file in  sometimes contains these errors at the time of the login failure, errors which I have googled to no avail:
    2012-06-11 16:44:28,089 | ERROR | tp-1952386350-19 | AbstractCamelProducer            | tion.camel.AbstractCamelProducer  159 | 170 - org.atricore.idbus.kernel.main - 1.2.2 |
    java.lang.NullPointerException
    at org.atricore.idbus.capabilities.josso.main.producers.SingleSignOnProducer.resolveSPInitiatedSSOEndpointDescriptor(SingleSignOnProducer.java:229)
    at org.atricore.idbus.capabilities.josso.main.producers.SingleSignOnProducer.doProcess(SingleSignOnProducer.java:109)
    at org.atricore.idbus.capabilities.josso.main.producers.SingleSignOnProducer.doProcess(SingleSignOnProducer.java:58)
    at org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:133)
    at org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(AsyncProcessorTypeConverter.java:43)
    at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:115)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:89)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52)
    at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66)
    at org.atricore.idbus.kernel.main.mediation.camel.component.binding.CamelMediationEndpoint$ConsumerProcessor.process(CamelMediationEndpoint.java:311)
    at org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(AsyncProcessorTypeConverter.java:43)
    at org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59)
    at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:115)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:89)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52)
    at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66)
    at org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.doService(OsgiIDBusServlet2.java:448)
    at org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.service(OsgiIDBusServlet2.java:120)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
    at org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java:98)
    at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:326)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
    at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
    at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
    2012-06-11 16:44:28,670 | ERROR | tp-1952386350-19 | AbstractCamelProducer            | tion.camel.AbstractCamelProducer  159 | 170 - org.atricore.idbus.kernel.main - 1.2.2 |
    java.lang.NullPointerException
    at org.atricore.idbus.capabilities.josso.main.producers.SingleSignOnProducer.resolveSPInitiatedSSOEndpointDescriptor(SingleSignOnProducer.java:229)
    at org.atricore.idbus.capabilities.josso.main.producers.SingleSignOnProducer.doProcess(SingleSignOnProducer.java:109)
    at org.atricore.idbus.capabilities.josso.main.producers.SingleSignOnProducer.doProcess(SingleSignOnProducer.java:58)
    at org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:133)
    at org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(AsyncProcessorTypeConverter.java:43)
    at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:115)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:89)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52)
    at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66)
    at org.atricore.idbus.kernel.main.mediation.camel.component.binding.CamelMediationEndpoint$ConsumerProcessor.process(CamelMediationEndpoint.java:311)
    at org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(AsyncProcessorTypeConverter.java:43)
    at org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59)
    at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189)
    at org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:115)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:89)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)
    at org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)
    at org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52)
    at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66)
    at org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.doService(OsgiIDBusServlet2.java:448)
    at org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.service(OsgiIDBusServlet2.java:120)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
    at org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java:98)
    at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:326)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
    at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)

    What could be causing this?
    Many thanks, and best regards,
    Sam

     
  • s

    s - 2012-06-12

    The cmd prompt, run as administrator, in which I have started josso (using the atricore.bat file) has nothing to say about the botched sign-in. Other error logs also have nothing to say, making me wonder if logging is correctly configured…?

    The SAML response from the sign-in at the idp is this:
    <samlp:Response xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns7="urn:oasis:names:tc:SAML:2.0:idbus" xmlns:ns6="urn:org:atricore:idbus:common:sso:1.0:protocol" xmlns:ns5="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:enc="http://www.w3.org/2001/04/xmlenc#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained"

     
  • Gianluca Brigandi

    Hi,

    The "josso-security-check" is a "magic" uri handled by the JOSSO Agent. Therefore, you should add any specific web resource to handle this. Just make sure that you've successfully activated your Tomcat 6 instance. For instance, the josso-agent-config.xml descriptor should exist within the target tomcat instance.

    Moreover, make sure that upon activating, the checkbox for installing the demo apps is checked. This way the demo application servicing requests at the "/partnerapp" web context will be provisioned onto the target tomcat instance by trying to spot the corresponding WAR file.

    Hope this helps.

    Regards,
    Gianluca.
     

     
  • s

    s - 2012-06-13

    Hi Gianluca,
    Thanks for the response! The checkbox for installing the demo apps is checked. I'll verify the other. Thanks!
    Regards,
    S.

     
  • s

    s - 2012-06-14

    Hi, here's an update. Could you please help me understand what's going on?
    I removed the unnecessary josso-security-check directory I had created, and took a look at the logs as I again tried to authenticate.
    The key log seems to be the catalina.log; what does this mean:

    Jun 13, 2012 3:26:54 PM org.apache.catalina.realm.JAASRealm authenticate
    SEVERE: Unexpected error
    java.lang.SecurityException: %CATALINA_HOME%\\conf\\jaas.conf (No such file or directory)
    at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at java.lang.Class.newInstance0(Unknown Source)
    at java.lang.Class.newInstance(Unknown Source)
    at javax.security.auth.login.Configuration$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.login.Configuration.getConfiguration(Unknown Source)
    at javax.security.auth.login.LoginContext$1.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.login.LoginContext.init(Unknown Source)
    at javax.security.auth.login.LoginContext.<init>(Unknown Source)
    at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:393)
    at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:334)
    at org.josso.tc60.agent.CatalinaSSOAgent.authenticate(CatalinaSSOAgent.java:95)
    at org.josso.agent.AbstractSSOAgent.execute(AbstractSSOAgent.java:420)
    at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:333)
    at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:557)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
    at java.lang.Thread.run(Unknown Source)
    Caused by: java.io.IOException: %CATALINA_HOME%\\conf\\jaas.conf (No such file or directory)
    at com.sun.security.auth.login.ConfigFile.init(Unknown Source)
    … 26 more

    Why is it failing to find something here? We are not adding a database to the tomcat demo application, since we wanted to use only the Josso authentication. (So we picked "Use Ours" for the "Identity Mapping Policy" in the atricore console identity appliance Modeler; is that correct?) Is org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:334) trying to authenticate us using jaas?
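
A log-triage example for the catalina.log excerpt in the post above, added here and not part of the thread or of JOSSO/Tomcat: it parses the java.util.logging record, extracts the path the JAAS configuration loader could not open, flags variable placeholders that appear literally in that path, and lists the agent and realm frames that led to the JAAS login. The function names are hypothetical and the sample log is abridged from the post.

```python
import re

# Abridged from the catalina.log excerpt quoted in the post above (frames trimmed).
SAMPLE_LOG = r"""Jun 13, 2012 3:26:54 PM org.apache.catalina.realm.JAASRealm authenticate
SEVERE: Unexpected error
java.lang.SecurityException: %CATALINA_HOME%\\conf\\jaas.conf (No such file or directory)
at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source)
at javax.security.auth.login.LoginContext.<init>(Unknown Source)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:393)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:334)
at org.josso.tc60.agent.CatalinaSSOAgent.authenticate(CatalinaSSOAgent.java:95)
at org.josso.agent.AbstractSSOAgent.execute(AbstractSSOAgent.java:420)
at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:333)
at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:557)
Caused by: java.io.IOException: %CATALINA_HOME%\\conf\\jaas.conf (No such file or directory)
at com.sun.security.auth.login.ConfigFile.init(Unknown Source)
"""

HEADER = re.compile(r"^[A-Z][a-z]{2} \d{1,2}, \d{4} \d{1,2}:\d{2}:\d{2} [AP]M (\S+) (\S+)$")
EXC = re.compile(r"^(?:Caused by: )?([\w.$]+(?:Exception|Error)): (.*)$")
FRAME = re.compile(r"^at ([\w.$<>]+)\(")
MISSING = re.compile(r"^(.*) \(No such file or directory\)$")
PLACEHOLDER = re.compile(r"%[A-Za-z_]\w*%|\$\{[^}]+\}")  # %VAR% or ${var} left as text


def parse_records(text):
    """Split java.util.logging output into records with their exceptions and frames."""
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:  # a timestamp line starts a new record
            records.append({"logger": m.group(1), "method": m.group(2),
                            "exceptions": [], "frames": []})
            continue
        if not records:
            continue
        m = FRAME.match(line)
        if m:
            records[-1]["frames"].append(m.group(1))
            continue
        m = EXC.match(line)
        if m:
            records[-1]["exceptions"].append((m.group(1), m.group(2)))
    return records


def triage(rec):
    """Summarise one record: root cause, missing path, literal placeholders, auth call path."""
    if not rec["exceptions"]:
        return None
    cls, msg = rec["exceptions"][-1]  # the last "Caused by" is the root cause
    m = MISSING.match(msg)
    path = m.group(1) if m else None
    return {
        "root_cause": cls,
        "missing_path": path,
        "unexpanded": PLACEHOLDER.findall(path) if path else [],
        # Frames from the SSO agent and the realm show who requested the JAAS login.
        "auth_path": [f for f in rec["frames"]
                      if f.startswith(("org.josso.", "org.apache.catalina.realm."))],
    }
```

On the sample, `triage(parse_records(SAMPLE_LOG)[0])` reports `%CATALINA_HOME%` as a literal placeholder in the missing path and an `auth_path` that runs from `SSOAgentValve.invoke` through `CatalinaSSOAgent.authenticate` into `JAASRealm.authenticate`.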

     
