By: Burcin Gunay named 07 May 2018 at 8:30 a.m. CDT

3 Responses
Burcin Gunay gravatar
Hi, We have developed a custom script and attempted to dynamically register a user if not defined in Gluu and authenticate the user successfully. But, when we attempt to login with the same user later, we get an NullPointer Exception after clicking on Allow button on the consent page. The stacktrace is as follows: ``` INFO | jvm 1 | 2018/05/07 14:31:00 | WARNING: #{authorizeAction.permissionGranted}: java.lang.NullPointerException INFO | jvm 1 | 2018/05/07 14:31:00 | javax.faces.FacesException: #{authorizeAction.permissionGranted}: java.lang.NullPointerException INFO | jvm 1 | 2018/05/07 14:31:00 | at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:117) INFO | jvm 1 | 2018/05/07 14:31:00 | at javax.faces.component.UICommand.broadcast(UICommand.java:315) INFO | jvm 1 | 2018/05/07 14:31:00 | at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:786) INFO | jvm 1 | 2018/05/07 14:31:00 | at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1251) INFO | jvm 1 | 2018/05/07 14:31:00 | at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) INFO | jvm 1 | 2018/05/07 14:31:00 | at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) INFO | jvm 1 | 2018/05/07 14:31:00 | at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) INFO | jvm 1 | 2018/05/07 14:31:00 | at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:748) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:486) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:411) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:338) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.web.RewriteFilter.process(RewriteFilter.java:98) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.web.RewriteFilter.doFilter(RewriteFilter.java:57) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:73) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:190) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316) INFO | jvm 1 | 2018/05/07 14:31:00 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) INFO | jvm 1 | 2018/05/07 14:31:00 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) INFO | jvm 1 | 2018/05/07 14:31:00 | at java.lang.Thread.run(Thread.java:745) INFO | jvm 1 | 2018/05/07 14:31:00 | Caused by: javax.faces.el.EvaluationException: java.lang.NullPointerException INFO | jvm 1 | 2018/05/07 14:31:00 | at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:101) INFO | jvm 1 | 2018/05/07 14:31:00 | at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:101) INFO | jvm 1 | 2018/05/07 14:31:00 | ... 47 more INFO | jvm 1 | 2018/05/07 14:31:00 | Caused by: java.lang.NullPointerException INFO | jvm 1 | 2018/05/07 14:31:00 | at java.util.Arrays$ArrayList.<init>(Arrays.java:2842) INFO | jvm 1 | 2018/05/07 14:31:00 | at java.util.Arrays.asList(Arrays.java:2828) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.xdi.oxauth.service.ClientAuthorizationsService.add(ClientAuthorizationsService.java:88) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) INFO | jvm 1 | 2018/05/07 14:31:00 | at java.lang.reflect.Method.invoke(Method.java:606) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.xdi.oxauth.service.ClientAuthorizationsService_$$_javassist_seam_43.add(ClientAuthorizationsService_$$_javassist_seam_43.java) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.xdi.oxauth.authorize.ws.rs.AuthorizeAction.permissionGranted(AuthorizeAction.java:666) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.xdi.oxauth.authorize.ws.rs.AuthorizeAction.permissionGranted(AuthorizeAction.java:647) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) INFO | jvm 1 | 2018/05/07 14:31:00 | at java.lang.reflect.Method.invoke(Method.java:606) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.xdi.oxauth.authorize.ws.rs.AuthorizeAction_$$_javassist_seam_38.permissionGranted(AuthorizeAction_$$_javassist_seam_38.java) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) INFO | jvm 1 | 2018/05/07 14:31:00 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) INFO | jvm 1 | 2018/05/07 14:31:00 | at java.lang.reflect.Method.invoke(Method.java:606) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.el.parser.AstValue.invoke(AstValue.java:96) INFO | jvm 1 | 2018/05/07 14:31:00 | at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) INFO | jvm 1 | 2018/05/07 14:31:00 | at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) INFO | jvm 1 | 2018/05/07 14:31:00 | at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87) ``` The ldif for the client is as follows: ``` Attempting to redirect user: SessionUser: SessionState, dn='uniqueIdentifier=2ba50ff5-cc7a-45bd-a60f-de073d4c4c49,ou=session,o=@!DB1B.D578.FA1B.11FE!0001!BF7D.6C4C,o=gluu', id='2ba50ff5-cc7a-45bd-a60f-de073d4c4c49', isJwt=false, lastUsedAt=Mon May 07 14:58:42 EEST 2018, userDn='inum=@!DB1B.D578.FA1B.11FE!0001!BF7D.6C4C!0000!9517.7EC5,ou=people,o=@!DB1B.D578.FA1B.11FE!0001!BF7D.6C4C,o=gluu', authenticationTime=Mon May 07 14:58:42 EEST 2018, state=authenticated, permissionGranted=null, permissionGrantedMap=null, sessionAttributes={scope=openid tckn profile, response_type=code, redirect_uri=http://keyserver.ekds.gov.tr:8888/ekds/login_result.php, remote_ip=193.140.74.193, auth_step=1, prompt=consent, client_id=@!DB1B.D578.FA1B.11FE!0001!BF7D.6C4C!0008!EA51.1867, acr=idcard, ``` I guess the problem is permissionGranted=null, permissionGrantedMap=null is null and org.xdi.oxauth.authorize.ws.rs.AuthorizeAction.permissionGranted(AuthorizeAction.java:666) method is trying to get permissions from the map. How can I do my configuration to fill the permissionGrantedMap? My Client Conf: Application Type: web Pre-Authorization : enabled subject type: pairwise authentication_method: client-secret-post required-auth-time : true Persist Client Authorizations* : true scopes: openid, profile, tckn (our custom scope) Response Types : code token id_token Grant Types: authorization_code implicit refresh_token Logout Session Required* = true

By Aliaksandr Samuseu staff 07 May 2018 at 9:12 a.m. CDT

Aliaksandr Samuseu gravatar
Hi. Unfortunately, Community Support doesn't cover custom script development. You can check ready scripts [here](https://github.com/GluuFederation/oxAuth/tree/version_2.4.4_sp3/Server/integrations) to confirm that there is no usually any issues with logging out with an enrolled user later on. Make sure you are using the right script as an example, as there is significant differences between scripts in 2.4.4 and 3.x packages, they are not cross-compatible. Place some debug output instructions and `try`/`catch` blocks to see what's going on.

By Burcin Gunay named 08 May 2018 at 3:39 a.m. CDT

Burcin Gunay gravatar
Hi, Actually I am not asking for support on our custom script. The problem is, the script is finallized successfully and authenticate() returns true. The problem starts after clicking allow button on the consent page that belongs to Gluu source code. No problem with the working of the script, I feel so, you keep on writing the same content without reading the problem definition and forward us to get support :( In addition, while searching, I found that there exists a bug already opened in https://github.com/GluuFederation/oxAuth/issues/442 The problem is I do not want to upgrade the version of Gluu but want to be able to get to fix the following bug? Is there any way? Actually, we are doing POC to choose to use Gluu or not for the project. That is why we are not at the position to get support immediately since we are analysing the other products and Gluu as well.

By Aliaksandr Samuseu staff 08 May 2018 at 2:42 p.m. CDT

Aliaksandr Samuseu gravatar
Yes, there indeed was a bug like this, I'm sorry I jumped into conclusions like this. From what I see, the fix was incorporated into SP3 update for 2.4.4 which can be applied using update packages we were providing back then. Steps are listed in [this doc](https://gluu.org/docs/ce/2.4.4/upgrade/updating/). That would be the only recommended way we can offer within the scope of Community Support. I know that in certain cases some fixes were back-ported to old packages and/or custom versions of packages were compiled per customers' direct requests. You could discuss this possibility with William or Michael while deciding the type of contract you would wish to sign, I guess.