OpenAM 12 Authentication error with expired password and Chrome

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

OpenAM 12 Authentication error with expired password and Chrome

Mori Michele

Hello guys,

we have an integration with openAM 12 UI, Active Directory AUTH chain in ssl and Chrome issue.

 

In case of an user has expired password on Active Directory and try to login (AD auth chain) with OpenAM, we receive the form to change the expired password but we are not able to finish the task because we receive an authentication error. The password policy are ok.

 

Firefox shows  a popup where It ask me to choice the user to use for the authentication.

 

With IE 8 the procedure works correctly.

 

 

The authentication error’s logs are:

 

amAuthContextLocal:04/04/2016 11:20:23:321 AM CEST: Thread[http-bio-8443-exec-25,5,main]
AuthContextLocal:: Status : in_progress
amAuthUtils:04/04/2016 11:20:23:321 AM CEST: Thread[http-bio-8443-exec-25,5,main]
AuthUtils:input url is :/config/auth/default/Login.jsp
amAuthUtils:04/04/2016 11:20:23:321 AM CEST: Thread[http-bio-8443-exec-25,5,main]
AuthUtils:encoded url is :/config/auth/default/Login.jsp
amAuthClientUtils:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
clientDetectionEnabled = false
amAuthClientUtils:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getDefaultClientType, ClientType = genericHTML
amAuthClientUtils:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
clientDetectionEnabled = false
amLoginViewBean:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
In setPageEncoding - charset : UTF-8
amLoginViewBean:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
In setPageEncoding - JCharset : UTF-8
amAuthUtils:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
AuthUtils:input url is :null
amAuthUtils:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
AuthUtils:encoded url is :null
amLoginViewBean:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getValidatedInputURL:returnURL :
amLoginViewBean:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getValidatedInputURL:returnURL :
amLoginViewBean:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:IDToken2
amLoginViewBean:04/04/2016 11:20:23:322 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:IDButton
amLoginViewBean:04/04/2016 11:20:23:323 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:gx_charset
amLoginViewBean:04/04/2016 11:20:23:323 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:IDToken1
amLoginViewBean:04/04/2016 11:20:23:323 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:gotoOnFail
amLoginViewBean:04/04/2016 11:20:23:323 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:goto
amLoginViewBean:04/04/2016 11:20:23:323 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:encoded
amLoginViewBean:04/04/2016 11:20:23:323 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: parameter is:SunQueryParamsString
amLoginViewBean:04/04/2016 11:20:23:323 AM CEST: Thread[http-bio-8443-exec-25,5,main]
getEncodedQueryParams: failed to decode SunQueryParamsString.
java.lang.ArrayIndexOutOfBoundsException: 1
    at com.sun.identity.authentication.UI.AuthViewBeanBase.getEncodedQueryParams(AuthViewBeanBase.java:156)
    at org.apache.jsp.config.auth.default_.Login_jsp._jspService(Login_jsp.java:169)
    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:748)
    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:486)
    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:411)
    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:338)
    at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
    at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
    at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:636)
    at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981)
    at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
    at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.forgerock.openam.xui.XUIFilter.doFilter(XUIFilter.java:112)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:100)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:745)

 

Do you have any tips?

Thanks a lot for your support

Michele

 

 

 


______________________________________________________________________
Disclaimer: This email and any attachments are sent in strictest confidence
for the sole use of the addressee and may contain legally privileged,
confidential, and proprietary data. If you are not the intended recipient,
please advise the sender by replying promptly to this email and then delete
and destroy this email and any attachments without any further use, copying
or forwarding.

_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam