By: Joseph Haun user 21 Apr 2020 at 2:01 p.m. CDT

3 Responses

Expected to be able to login with any available authentication method (passport-social or simple password), but after entering credentials get the following displayed on a web page instead of the normal Casa page which allows the user to change settings. It appears that the authentication is successful, as other user logins are prompted for security credentials, but the following is still displayed for every user. > ****An error occurred**** com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "error" (class org.gluu.oxd.common.response.GetTokensByCodeResponse), not marked as ignorable (5 known properties: "expires_in", "id_token_claims", "id_token", "access_token", "refresh_token"]) at [Source: (ByteArrayInputStream); line: 1, column: 11] (through reference chain: org.gluu.oxd.common.response.GetTokensByCodeResponse["error"]) I saw two mentions of this error related to SCIM, but this instance of the Gluu server does not have SCIM enabled at this time so I am not sure how that could be the case. There is also a repeated error on attempted login which I have included below. Despite this error, I am able to successfully access oxTrust using regular oxAuth and see all non-Casa pages. > 2020-04-21 18:52:40,789 INFO [qtp1590550415-10] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:277) - Authentication success for Client: '683afd6c-ccf6-4538-b5ea-54e5e37bb053' 2020-04-21 18:52:40,819 ERROR [qtp1590550415-10] [org.gluu.oxauth.model.crypto.OxAuthCryptoProvider] (OxAuthCryptoProvider.java:244) - Failed to find private key by kid: 38ec1e7f-a4f0-4541-a3bd-f31ece7e0db9_sig_rs256, signatureAlgorithm: RS256(check whether web keys JSON in persistence corresponds to keystore file.) 2020-04-21 18:52:40,820 ERROR [qtp1590550415-10] [org.gluu.oxauth.model.common.AuthorizationGrant] (AuthorizationGrant.java:266) - Failed to find private key by kid: 38ec1e7f-a4f0-4541-a3bd-f31ece7e0db9_sig_rs256, signatureAlgorithm: RS256(check whether web keys JSON in persistence corresponds to keystore file.) java.lang.RuntimeException: Failed to find private key by kid: 38ec1e7f-a4f0-4541-a3bd-f31ece7e0db9_sig_rs256, signatureAlgorithm: RS256(check whether web keys JSON in persistence corresponds to keystore file.) at org.gluu.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:245) ~[oxauth-model-4.1.0.Final.jar:?] at org.gluu.oxauth.model.crypto.AbstractCryptoProvider$Proxy$_$$_WeldClientProxy.sign(Unknown Source) ~[oxauth-model-4.1.0.Final.jar:?] at org.gluu.oxauth.service.ServerCryptoProvider.sign(ServerCryptoProvider.java:59) ~[classes/:?] at org.gluu.oxauth.model.token.JwtSigner.sign(JwtSigner.java:86) ~[classes/:?] at org.gluu.oxauth.model.token.IdTokenFactory.generateSignedIdToken(IdTokenFactory.java:273) ~[classes/:?] at org.gluu.oxauth.model.token.IdTokenFactory.createJwr(IdTokenFactory.java:518) ~[classes/:?] at org.gluu.oxauth.model.common.AuthorizationGrant.createIdToken(AuthorizationGrant.java:96) ~[classes/:?] at org.gluu.oxauth.model.common.AuthorizationGrant.createIdToken(AuthorizationGrant.java:251) ~[classes/:?] at org.gluu.oxauth.token.ws.rs.TokenRestWebServiceImpl.requestAccessToken(TokenRestWebServiceImpl.java:205) ~[classes/:?] at org.gluu.oxauth.token.ws.rs.TokenRestWebServiceImpl$Proxy$_$$_WeldClientProxy.requestAccessToken(Unknown Source) ~[classes/:?] at sun.reflect.GeneratedMethodAccessor223.invoke(Unknown Source) ~[?:?] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_222] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_222] at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:510) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:401) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:365) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:361) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:367) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:339) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:312) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:441) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:231) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:137) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:361) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:140) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:217) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[servlet-api-3.1.jar:3.1.0] at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:755) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1617) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:226) ~[websocket-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.gluu.oxauth.auth.AuthenticationFilter.processBasicAuth(AuthenticationFilter.java:283) ~[classes/:?] at org.gluu.oxauth.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:123) ~[classes/:?] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.gluu.oxauth.audit.debug.ServletLoggingFilter.doFilter(ServletLoggingFilter.java:67) ~[classes/:?] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1596) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.gluu.server.filters.AbstractCorsFilter.handleNonCORS(AbstractCorsFilter.java:362) ~[oxcore-server-4.1.0.Final.jar:?] at org.gluu.server.filters.AbstractCorsFilter.doFilter(AbstractCorsFilter.java:139) ~[oxcore-server-4.1.0.Final.jar:?] at org.gluu.oxauth.filter.CorsFilter.doFilter(CorsFilter.java:110) ~[classes/:?] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:590) ~[jetty-security-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1607) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1297) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1577) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1212) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:221) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.Server.handle(Server.java:500) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:388) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_222] 2020-04-21 18:55:55,485 INFO [qtp1590550415-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:277) - Authentication success for Client: '1501.16c28d4d-ed14-431e-a974-171bfe156198'

CentOS 8.0

closed

By Mohib Zico staff 21 Apr 2020 at 2:59 p.m. CDT

Copy

Hello Joseph, Most probably you have to renew oxauth key; we will share a doc on how to do that.

By Mohib Zico staff 22 Apr 2020 at 6:22 a.m. CDT

Copy

Joseph, 4.1 has GUI to renew oxauth keys. Please try to enable / modify these and see how things go after renewal. Screenshot attached. Log into Gluu Server oxTrust > Configuration > JSON Configuration > 'oxAuth Configuration' tab. Look for 'keyRegenerationEnabled' and 'keyRegenerationInterval' values.

41_key_rotation.PNG

By Joseph Haun user 23 Apr 2020 at 9:49 a.m. CDT

Copy

Thanks for your response, Mohib. I have checked the keyRegenerationEnabled and keyRegenerationInterval values. Both were already set to the same values as shown in your screenshot. I have lowered the interval as a test and that seems to have done it. Unfortunately I did not test before I changed that interval, so it might have been a problem that fixed itself.

You need to Login in order to post an answer

Casa Login Error

By: Joseph Haun user 21 Apr 2020 at 2:01 p.m. CDT

Answers

By Mohib Zico staff 21 Apr 2020 at 2:59 p.m. CDT

By Mohib Zico staff 22 Apr 2020 at 6:22 a.m. CDT

By Joseph Haun user 23 Apr 2020 at 9:49 a.m. CDT

Post an answer