By: Norman King user 03 Jun 2020 at 10:31 a.m. CDT

2 Responses

Hi. I'm trying to set up front channel logout for my discourse forum. In discourse i set the logout redirect url to the gluu end session endpoint. In gluu the client has a redirect uri as discourse.example.com/auth/oidc/callback and logout uri as discourse.example.com. When i log out in discourse i get the following in the oxauth.log file. 2020-06-03 15:08:58,459 ERROR [qtp1590550415-18] [gluu.oxauth.session.ws.rs.EndSessionRestWebServiceImpl] (EndSessionRestWebServiceImpl.java:187) - Session was removed successfully but post_logout_redirect_uri validation fails since AS failed to validate it against clients associated with session (which was just removed). javax.ws.rs.WebApplicationException: HTTP 400 Bad Request at org.gluu.oxauth.model.error.ErrorResponseFactory.createWebApplicationException(ErrorResponseFactory.java:94) ~[classes/:?] at org.gluu.oxauth.model.error.ErrorResponseFactory$Proxy$_$$_WeldClientProxy.createWebApplicationException(Unknown Source) ~[classes/:?] at org.gluu.oxauth.service.RedirectionUriService.validatePostLogoutRedirectUri(RedirectionUriService.java:149) ~[classes/:?] at org.gluu.oxauth.session.ws.rs.EndSessionRestWebServiceImpl.validatePostLogoutRedirectUri(EndSessionRestWebServiceImpl.java:180) ~[classes/:?] at org.gluu.oxauth.session.ws.rs.EndSessionRestWebServiceImpl.httpBased(EndSessionRestWebServiceImpl.java:196) ~[classes/:?] at org.gluu.oxauth.session.ws.rs.EndSessionRestWebServiceImpl.requestEndSession(EndSessionRestWebServiceImpl.java:108) ~[classes/:?] at org.gluu.oxauth.session.ws.rs.EndSessionRestWebServiceImpl$Proxy$_$$_WeldClientProxy.requestEndSession(Unknown Source) ~[classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_222] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_222] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_222] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_222] at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:510) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:401) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:365) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:361) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:367) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:339) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:312) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:441) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:231) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:137) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:361) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:140) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:217) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[servlet-api-3.1.jar:3.1.0] at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:755) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1617) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:226) ~[websocket-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.gluu.oxauth.audit.debug.ServletLoggingFilter.doFilter(ServletLoggingFilter.java:67) ~[classes/:?] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1596) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.gluu.server.filters.AbstractCorsFilter.handleNonCORS(AbstractCorsFilter.java:362) ~[oxcore-server-4.1.0.Final.jar:?] at org.gluu.server.filters.AbstractCorsFilter.doFilter(AbstractCorsFilter.java:139) ~[oxcore-server-4.1.0.Final.jar:?] at org.gluu.oxauth.filter.CorsFilter.doFilter(CorsFilter.java:110) ~[classes/:?] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:590) ~[jetty-security-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1607) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1297) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1577) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1212) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:221) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.Server.handle(Server.java:500) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:388) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_222] Any suggestions?

Ubuntu 18.04

closed

By Aliaksandr Samuseu staff 03 Jun 2020 at 10:50 a.m. CDT

Copy

Hi, Norman. We need to test it, to confirm the issue. Could you also provide a HAR file of the failing flow? You can use steps listed [here](https://www.inflectra.com/support/knowledgebase/kb254.aspx) - please use Firefox for that task, Chrome's HARs are flawed. Also don't forget to set "Persist log" and "Disable cache" checkboxes in the console to save everything, not just the recently loaded page. When sharing the HAR file, please also add fresh `oxauth.log` as well.

By Norman King user 03 Jun 2020 at 12:58 p.m. CDT

Copy

You can download the har file from here. https://cloud.thekingstech.com/nc/index.php/s/8sNtaqf6mJf3PXd

You need to Login in order to post an answer

issues with the end session endpoint.

By: Norman King user 03 Jun 2020 at 10:31 a.m. CDT

Answers

By Aliaksandr Samuseu staff 03 Jun 2020 at 10:50 a.m. CDT

By Norman King user 03 Jun 2020 at 12:58 p.m. CDT

Post an answer