NullPointerException after successful call to authenticate() in my custom Person Authentication Script

By: Steve Sobol user 04 Sep 2022 at 12:47 a.m. CDT

7 Responses
Steve Sobol gravatar
To check users' login credentials, my script makes a call to a REST API. I have confirmed that the API is working (the script can pass login credentials and receive a response as to whether the credentials are correct). But after successfully authenticating, I get an NPE: ``` java.lang.NullPointerException: null at org.gluu.oxauth.service.AuthenticationService.configureSessionUser(AuthenticationService.java:609) ~[classes/:?] at org.gluu.oxauth.service.AuthenticationService$Proxy$_$$_WeldClientProxy.configureSessionUser(Unknown Source) ~[classes/:?] at org.gluu.oxauth.auth.Authenticator.userAuthenticationInteractive(Authenticator.java:434) ~[classes/:?] at org.gluu.oxauth.auth.Authenticator.authenticateImpl(Authenticator.java:205) ~[classes/:?] at org.gluu.oxauth.auth.Authenticator.authenticate(Authenticator.java:128) ~[classes/:?] at jdk.internal.reflect.GeneratedMethodAccessor348.invoke(Unknown Source) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] ``` My script's `authenticate` method: ``` def authenticate(self, configurationAttributes, requestParameters, step): identity = CdiUtil.bean(Identity) credentials = identity.getCredentials() sessionIdService = CdiUtil.bean(SessionIdService) print 'Authenticating User %s' % (credentials.username) cred_json = json.dumps({ 'login': credentials.username, 'password': credentials.password }) print 'Connecting to authserver' try: response_raw = requests.post('http://localhost:2345/authenticate', data=cred_json, headers={'Content-type': 'application/json'}) except Exception as e: print e return False print 'Parsing response' try: response = json.loads(response_raw.text) except Exception as e: print e return False status = response['status'] if status != 'OK': return False return True ``` Other than a few irrelevant lines I've omitted, this is the entire `authenticate()` method. I installed the LDAP backend when I installed Gluu, but the user I've authenticated does not exist in LDAP. I'm hoping it doesn't have to exist in LDAP... What am I doing wrong?
Gluu 4.4 Ubuntu 22.04
closed

Answers

By Yuriy Zabrovarnyy staff 04 Sep 2022 at 2:03 p.m. CDT

Copy
Yuriy Zabrovarnyy gravatar
Yes, it's exactly the reason. Server unable to find such user in DB. The easiest way to make it work simply put user in DB on successful authentication (right before return `True`). In this way authenticated user will always exist.

By Steve Sobol user 04 Sep 2022 at 3:32 p.m. CDT

Copy
Steve Sobol gravatar
Is an API available that allows me to add and remove users? I'd rather not have to connect directly to the LDAP server, although if I have to, I will...

By Yuriy Zabrovarnyy staff 04 Sep 2022 at 3:35 p.m. CDT

Copy
Yuriy Zabrovarnyy gravatar
Use `UserService` to add user. https://github.com/GluuFederation/oxAuth/blob/e3365dae7a37240710a9280fb1bea7695778f15e/common/src/main/java/org/gluu/oxauth/service/common/UserService.java#L152

By Steve Sobol user 04 Sep 2022 at 3:57 p.m. CDT

Copy
Steve Sobol gravatar
Excellent. Thank you. Is there an API to delete users? If not, can I simply connect to the LDAP server and remove the user from the directory, or are there additional steps I need to take?

By Steve Sobol user 04 Sep 2022 at 9:26 p.m. CDT

Copy
Steve Sobol gravatar
This will probably work. https://gluu.org/docs/oxtrust-api/4.1/#deleteperson

By Yuriy Zabrovarnyy staff 04 Sep 2022 at 11:24 p.m. CDT

Copy
Yuriy Zabrovarnyy gravatar
Exactly, you can also use oxtrust api if needed.

By Steve Sobol user 05 Sep 2022 at 12:35 a.m. CDT

Copy
Steve Sobol gravatar
Thank you for all of your help!

Post an answer