My Oracle Support Banner

Federation Fails On Null Attribute Value (Doc ID 2017178.1)

Last updated on FEBRUARY 03, 2019

Applies to:

Oracle Identity Federation - Version 11.1.2.0.0 and later
Information in this document applies to any platform.

Symptoms

OAM11gR2(11.1.2.0) as SP with remote IDP. When IDP pass and attribute with "null" value to OAM, OAM SP throws following exception and federation failed



[2015-05-13T09:47:55.683-04:00] [wls_oam1] [ERROR] [FEDSTS-12064] [oracle.security.fed.controller.ActionStateMachine] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000FryMA8Bp4ioH6yvU^MG0000cG0004m5,0:1] [APP: oam_server#11.1.2.0.0] [URI: /oam/server/fed/sp/sso] Exception: {0}[[
java.lang.NullPointerException
at oracle.security.fed.fed.msgengine.attribute.AttributeValueContentFactory.getSAML2AttributeContent(AttributeValueContentFactory.java:165)
at oracle.security.fed.fed.msgengine.attribute.AttributeValueContentFactory.getAttributeContent(AttributeValueContentFactory.java:63)
at oracle.security.fed.fed.msgengine.attribute.saml20.IncomingMapAttrEngine.processAttributes(IncomingMapAttrEngine.java:80)
at oracle.security.fed.fed.msgengine.util.AssertionUtils.translateAndAggregateSAML2Attributes(AssertionUtils.java:77)
at oracle.security.fed.eventhandler.fed.profiles.sp.sso.assertion.Saml20AssertionProcessor.processAssertion(Saml20AssertionProcessor.java:287)
at oracle.security.fed.eventhandler.fed.profiles.sp.sso.v20.ProcessResponseEventHandler.perform(ProcessResponseEventHandler.java:265)
at oracle.security.fed.controller.ActionStateMachine.processEvent(ActionStateMachine.java:172)
at oracle.security.fed.controller.EventControllerImpl.processEvent(EventControllerImpl.java:89)
at oracle.security.fed.controller.ApplicationController.publishEvent(ApplicationController.java:345)
at oracle.security.fed.controller.frontend.action.RequestHandlerContext.publishEvent(RequestHandlerContext.java:50)
at oracle.security.fed.controller.frontend.action.RequestHandlerSupport.perform(RequestHandlerSupport.java:15)
at oracle.security.fed.controller.library.api.FedEngineInstance.processCall(FedEngineInstance.java:260)
at oracle.security.fed.controller.library.api.FedEngineInstance.processCall(FedEngineInstance.java:164)
at oracle.security.fed.controller.library.api.FedEngineSPInstance.validateAndMapAssertion(FedEngineSPInstance.java:148)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at oracle.security.am.engine.authn.internal.plugin.FedUserAuthenticationPlugin.invokeValidateAndMapAssertion(FedUserAuthenticationPlugin.java:284)
at oracle.security.am.engine.authn.internal.plugin.FedUserAuthenticationPlugin.process(FedUserAuthenticationPlugin.java:162)
at oracle.security.am.engine.authn.internal.executor.PlugInExecutor.execute(PlugInExecutor.java:197)
at oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor.execute(AuthenticationSchemeExecutor.java:101)
at oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl.validateUser(AuthenticationEngineControllerImpl.java:265)
at oracle.security.am.engines.enginecontroller.AuthnEngineController.authenticateUser(AuthnEngineController.java:714)
at oracle.security.am.engines.enginecontroller.AuthnEngineController.processEvent(AuthnEngineController.java:303)
at oracle.security.am.controller.MasterController.processEvent(MasterController.java:572)
at oracle.security.am.controller.MasterController.processRequest(MasterController.java:763)
at oracle.security.am.controller.MasterController.process(MasterController.java:684)
at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLFlowManager.java:209)
at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.java:147)
at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.java:107)
at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServlet.java:178)
at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java:137)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3748)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3714)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2283)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2182)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1491)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

]]

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.