[midPoint] Midpoint and SSO

Jason Everling jeverling at bshp.edu
Tue Jun 7 16:31:15 CEST 2016


Did you add the certificate that is being used by CAS to midpoint's
keystore under mindpoint.home? It needs to be there

JASON

On Tue, Jun 7, 2016 at 2:16 AM, mceylan <mrveceylan at gmail.com> wrote:

> Thanks Jason. I did they say. But I get an error. Midpoint login page
> error message
>
>
> http://localhost:8080/midpoint/j_spring_cas_security_check?ticket=ST-1-ocJ73L6rbrpicihnTSjo-cas01.example.org
>
> Internal Server Error
>
> Unexpected error occurred, if necessary please contact system
> administrator.
>
>
> idm.log
>
>
> 2016-06-07 10:15:01,285 [] [http-nio-8080-exec-4] ERROR
> (com.evolveum.midpoint.web.util.MidPointProfilingServletFilter):
> Encountered exception: java.lang.RuntimeException:
> javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors
> parameter must be non-empty
> java.lang.RuntimeException: javax.net.ssl.SSLException:
> java.lang.RuntimeException: Unexpected error:
> java.security.InvalidAlgorithmParameterException: the trustAnchors
> parameter must be non-empty
>         at
> org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:407)
> ~[cas-client-core-3.3.3.jar:3.3.3]
>         at
> org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
> ~[cas-client-core-3.3.3.jar:3.3.3]
>         at
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
> ~[cas-client-core-3.3.3.jar:3.3.3]
>         at
> org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:140)
> ~[spring-security-cas-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:126)
> ~[spring-security-cas-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
> ~[spring-security-core-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:242)
> ~[spring-security-cas-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
> ~[cas-client-core-3.3.3.jar:3.3.3]
>         at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.0.6.RELEASE.jar:4.0.6.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
> ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>         at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
> ~[spring-web-4.0.6.RELEASE.jar:4.0.6.RELEASE]
>         at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
> ~[spring-web-4.0.6.RELEASE.jar:4.0.6.RELEASE]
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> [catalina.jar:8.0.33]
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> [catalina.jar:8.0.33]
>         at
> org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
> ~[cas-client-core-3.3.3.jar:3.3.3]
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> [catalina.jar:8.0.33]
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> [catalina.jar:8.0.33]
>         at
> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
> ~[spring-web-4.0.6.RELEASE.jar:4.0.6.RELEASE]
>         at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.0.6.RELEASE.jar:4.0.6.RELEASE]
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> [catalina.jar:8.0.33]
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> [catalina.jar:8.0.33]
>         at
> com.evolveum.midpoint.web.util.MidPointProfilingServletFilter.doFilter(MidPointProfilingServletFilter.java:86)
> ~[classes/:na]
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> [catalina.jar:8.0.33]
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> [catalina.jar:8.0.33]
>
>
> Thanks,
>
> Merve
>
>
>
> 2016-06-03 17:03 GMT+03:00 Jason Everling <jeverling at bshp.edu>:
>
>> No, you need to comment out that block for CAS auth, that is only used if
>> you are using another method that passes the auth through the header, look
>> at mine below, that is correctly done for CAS, well at least for v 3.2
>>
>> http://pastebin.com/mHW8hvP4
>>
>> JASON
>>
>> On Fri, Jun 3, 2016 at 2:09 AM, mceylan <mrveceylan at gmail.com> wrote:
>>
>>> Hi,
>>> I using CAS. uncomment line with  "PRE_AUTH_FILTER" and deploy project
>>> login page error
>>>
>>> stack tree
>>>
>>> 2016-06-03 10:05:18,998 [] [http-nio-8080-exec-1] WARN
>>> (com.evolveum.midpoint.web.page.error.PageError): Creating error page for
>>> code org.apache.wicket.WicketRuntimeException, exception Can't instantiate
>>> page using constructor 'public
>>> com.evolveum.midpoint.web.page.self.PageSelfDashboard()'. An exception has
>>> been thrown during construction!: {}
>>> org.apache.wicket.WicketRuntimeException: Can't instantiate page using
>>> constructor 'public
>>> com.evolveum.midpoint.web.page.self.PageSelfDashboard()'. An exception has
>>> been thrown during construction!
>>>         at
>>> org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:194)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:67)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:103)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.DefaultMapperContext.newPageInstance(DefaultMapperContext.java:137)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.core.request.handler.PageProvider.resolvePageInstance(PageProvider.java:268)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.core.request.handler.PageProvider.getPageInstance(PageProvider.java:166)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.request.handler.render.PageRenderer.getPage(PageRenderer.java:78)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.request.handler.render.WebPageRenderer.respond(WebPageRenderer.java:279)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.core.request.handler.RenderPageRequestHandler.respond(RenderPageRequestHandler.java:175)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:890)
>>> ~[wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
>>> ~[wicket-request-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:261)
>>> [wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:218)
>>> [wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:289)
>>> [wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:259)
>>> [wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:201)
>>> [wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:282)
>>> [wicket-core-6.20.0.jar:6.20.0]
>>>         at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
>>> [catalina.jar:8.0.33]
>>>         at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
>>> [catalina.jar:8.0.33]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>         at
>>> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
>>> [spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]
>>>
>>>
>>>
>>>
>>> 2016-06-02 19:39 GMT+03:00 Jason Everling <jeverling at bshp.edu>:
>>>
>>>> He was mentioning that to me thinking it was me having the issues,
>>>>
>>>> Merve, what are you using to pass your HEADER auth? Or are you using
>>>> CAS?
>>>>
>>>> JASON
>>>>
>>>> On Thu, Jun 2, 2016 at 9:43 AM, mceylan <mrveceylan at gmail.com> wrote:
>>>>
>>>>> Hi Roman,
>>>>>
>>>>> why uncomment  line with "PRE_AUTH_FILTER"?
>>>>>
>>>>> https://wiki.evolveum.com/display/midPoint/MidPoint+and+SSO+HOWTO is
>>>>> setup Basically what needs to be done is to uncomment the following
>>>>> line:
>>>>>
>>>>> <custom-filter position="PRE_AUTH_FILTER" ref=
>>>>> "requestHeaderAuthenticationFilter" />
>>>>>
>>>>> 2016-06-02 16:57 GMT+03:00 Jason Everling <jeverling at bshp.edu>:
>>>>>
>>>>>> Hah! Wait, I am not the one with issue, it is the other on the
>>>>>> thread, Merve
>>>>>>
>>>>>> JASON
>>>>>>
>>>>>> On Thu, Jun 2, 2016 at 8:56 AM, Roman Pudil - AMI Praha a.s. <
>>>>>> roman.pudil at ami.cz> wrote:
>>>>>>
>>>>>>> Hi Jason,
>>>>>>>
>>>>>>> try to uncoment line with "PRE_AUTH_FILTER".
>>>>>>>
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>>
>>>>>>> Roman Pudil
>>>>>>> solution architect
>>>>>>>
>>>>>>> gsm: [+420] 775 663 666
>>>>>>> e-mail: roman.pudil at ami.cz
>>>>>>>
>>>>>>>
>>>>>>> AMI Praha a.s.
>>>>>>> Pláničkova 11
>>>>>>> 162 00 Praha 6
>>>>>>> tel./fax: [+420] 274 783 239
>>>>>>> web: www.ami.cz
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> <http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management>
>>>>>>>
>>>>>>> Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá
>>>>>>> za společnost AMI Praha a.s.
>>>>>>> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
>>>>>>> výhradně písemnou formu.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ------ Původní zpráva ------
>>>>>>> Od: "Jason Everling" <jeverling at bshp.edu>
>>>>>>> Komu: "Roman Pudil - AMI Praha a.s." <roman.pudil at ami.cz>;
>>>>>>> "midPoint General Discussion" <midpoint at lists.evolveum.com>
>>>>>>> Odesláno: 2.6.2016 15:51:17
>>>>>>> Předmět: Re: [midPoint] Midpoint and SSO
>>>>>>>
>>>>>>>
>>>>>>> We are using the Java CAS Client, in midpoint 3.2, and haven't had
>>>>>>> any issues, it was pretty easy to setup. I am looking over my files to see
>>>>>>> if I did anything outside of that document or what was commented in
>>>>>>> ctx-web-security.xml but I do not think that would be the case.
>>>>>>>
>>>>>>> You can check ours here,
>>>>>>> http://pastebin.com/mHW8hvP4
>>>>>>>
>>>>>>>
>>>>>>> JASON
>>>>>>>
>>>>>>> On Thu, Jun 2, 2016 at 8:40 AM, Roman Pudil - AMI Praha a.s. <
>>>>>>> roman.pudil at ami.cz> wrote:
>>>>>>>
>>>>>>>> Hi Jason,
>>>>>>>> we tried CAS + MidPoint as SSO solution.
>>>>>>>>
>>>>>>>> Here is URL with configuration:
>>>>>>>> https://wiki.evolveum.com/pages/viewpage.action?pageId=17760854
>>>>>>>>
>>>>>>>> Regards
>>>>>>>>
>>>>>>>>
>>>>>>>> Roman Pudil
>>>>>>>> solution architect
>>>>>>>>
>>>>>>>> gsm: [+420] 775 663 666
>>>>>>>> e-mail: roman.pudil at ami.cz
>>>>>>>>
>>>>>>>>
>>>>>>>> AMI Praha a.s.
>>>>>>>> Pláničkova 11
>>>>>>>> 162 00 Praha 6
>>>>>>>> tel./fax: [+420] 274 783 239
>>>>>>>> web: http://www.ami.cz/
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management>
>>>>>>>>
>>>>>>>> Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá
>>>>>>>> za společnost AMI Praha a.s.
>>>>>>>> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
>>>>>>>> výhradně písemnou formu.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ------ Původní zpráva ------
>>>>>>>> Od: "Jason Everling" <jeverling at bshp.edu>
>>>>>>>> Komu: "midPoint General Discussion" <midpoint at lists.evolveum.com>
>>>>>>>> Odesláno: 2.6.2016 15:34:33
>>>>>>>> Předmět: Re: [midPoint] Midpoint and SSO
>>>>>>>>
>>>>>>>>
>>>>>>>> What SSO method are you using or what SSO agent/client?
>>>>>>>>
>>>>>>>> JASON
>>>>>>>>
>>>>>>>> On Thu, Jun 2, 2016 at 3:06 AM, mceylan <mrveceylan at gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> hi,
>>>>>>>>>
>>>>>>>>> I have a problem with  midpoint and SSO. I followed steps on the
>>>>>>>>> https://wiki.evolveum.com/display/midPoint/MidPoint+and+SSO+HOWTO
>>>>>>>>>
>>>>>>>>> When I try to get to https://midpoint/ I get 500 and I can see
>>>>>>>>> stack trace in log (below).
>>>>>>>>>
>>>>>>>>> My configuration files: ctx-web-security.xml and web.xml are in
>>>>>>>>> attachments.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException: SM_USER header not found in request.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Could you help me ?
>>>>>>>>> Thank you very much
>>>>>>>>>
>>>>>>>>>    - <https://jira.evolveum.com/browse/MID-2564#>
>>>>>>>>>
>>>>>>>>> Merve
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> midPoint mailing list
>>>>>>>>> midPoint at lists.evolveum.com
>>>>>>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> CONFIDENTIALITY NOTICE:
>>>>>>>> This e-mail together with any attachments is proprietary and
>>>>>>>> confidential; intended for only the recipient(s) named above and may
>>>>>>>> contain information that is privileged. You should not retain, copy or use
>>>>>>>> this e-mail or any attachments for any purpose, or disclose all or any part
>>>>>>>> of the contents to any person. Any views or opinions expressed in this
>>>>>>>> e-mail are those of the author and do not represent those of the Baptist
>>>>>>>> School of Health Professions. If you have received this e-mail in error, or
>>>>>>>> are not the named recipient(s), you are hereby notified that any review,
>>>>>>>> dissemination, distribution or copying of this communication is prohibited
>>>>>>>> by the sender and to do so might constitute a violation of the Electronic
>>>>>>>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>>>>>>>> notify the sender and delete this e-mail and any attachments from your
>>>>>>>> computer.
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> midPoint mailing list
>>>>>>>> midPoint at lists.evolveum.com
>>>>>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> CONFIDENTIALITY NOTICE:
>>>>>>> This e-mail together with any attachments is proprietary and
>>>>>>> confidential; intended for only the recipient(s) named above and may
>>>>>>> contain information that is privileged. You should not retain, copy or use
>>>>>>> this e-mail or any attachments for any purpose, or disclose all or any part
>>>>>>> of the contents to any person. Any views or opinions expressed in this
>>>>>>> e-mail are those of the author and do not represent those of the Baptist
>>>>>>> School of Health Professions. If you have received this e-mail in error, or
>>>>>>> are not the named recipient(s), you are hereby notified that any review,
>>>>>>> dissemination, distribution or copying of this communication is prohibited
>>>>>>> by the sender and to do so might constitute a violation of the Electronic
>>>>>>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>>>>>>> notify the sender and delete this e-mail and any attachments from your
>>>>>>> computer.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> CONFIDENTIALITY NOTICE:
>>>>>> This e-mail together with any attachments is proprietary and
>>>>>> confidential; intended for only the recipient(s) named above and may
>>>>>> contain information that is privileged. You should not retain, copy or use
>>>>>> this e-mail or any attachments for any purpose, or disclose all or any part
>>>>>> of the contents to any person. Any views or opinions expressed in this
>>>>>> e-mail are those of the author and do not represent those of the Baptist
>>>>>> School of Health Professions. If you have received this e-mail in error, or
>>>>>> are not the named recipient(s), you are hereby notified that any review,
>>>>>> dissemination, distribution or copying of this communication is prohibited
>>>>>> by the sender and to do so might constitute a violation of the Electronic
>>>>>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>>>>>> notify the sender and delete this e-mail and any attachments from your
>>>>>> computer.
>>>>>>
>>>>>> _______________________________________________
>>>>>> midPoint mailing list
>>>>>> midPoint at lists.evolveum.com
>>>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Merve CEYLAN
>>>>>
>>>>> _______________________________________________
>>>>> midPoint mailing list
>>>>> midPoint at lists.evolveum.com
>>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> CONFIDENTIALITY NOTICE:
>>>> This e-mail together with any attachments is proprietary and
>>>> confidential; intended for only the recipient(s) named above and may
>>>> contain information that is privileged. You should not retain, copy or use
>>>> this e-mail or any attachments for any purpose, or disclose all or any part
>>>> of the contents to any person. Any views or opinions expressed in this
>>>> e-mail are those of the author and do not represent those of the Baptist
>>>> School of Health Professions. If you have received this e-mail in error, or
>>>> are not the named recipient(s), you are hereby notified that any review,
>>>> dissemination, distribution or copying of this communication is prohibited
>>>> by the sender and to do so might constitute a violation of the Electronic
>>>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>>>> notify the sender and delete this e-mail and any attachments from your
>>>> computer.
>>>>
>>>> _______________________________________________
>>>> midPoint mailing list
>>>> midPoint at lists.evolveum.com
>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>
>>>>
>>>
>>>
>>> --
>>> Merve CEYLAN
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>>
>>
>>
>>
>> CONFIDENTIALITY NOTICE:
>> This e-mail together with any attachments is proprietary and
>> confidential; intended for only the recipient(s) named above and may
>> contain information that is privileged. You should not retain, copy or use
>> this e-mail or any attachments for any purpose, or disclose all or any part
>> of the contents to any person. Any views or opinions expressed in this
>> e-mail are those of the author and do not represent those of the Baptist
>> School of Health Professions. If you have received this e-mail in error, or
>> are not the named recipient(s), you are hereby notified that any review,
>> dissemination, distribution or copying of this communication is prohibited
>> by the sender and to do so might constitute a violation of the Electronic
>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>> notify the sender and delete this e-mail and any attachments from your
>> computer.
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
>
> --
> Merve CEYLAN
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>

-- 


CONFIDENTIALITY NOTICE:
This e-mail together with any attachments is proprietary and confidential; 
intended for only the recipient(s) named above and may contain information 
that is privileged. You should not retain, copy or use this e-mail or any 
attachments for any purpose, or disclose all or any part of the contents to 
any person. Any views or opinions expressed in this e-mail are those of the 
author and do not represent those of the Baptist School of Health 
Professions. If you have received this e-mail in error, or are not the 
named recipient(s), you are hereby notified that any review, dissemination, 
distribution or copying of this communication is prohibited by the sender 
and to do so might constitute a violation of the Electronic Communications 
Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the 
sender and delete this e-mail and any attachments from your computer. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160607/05199a64/attachment.htm>


More information about the midPoint mailing list