By: Gaurav Jagtap user 02 Nov 2019 at 10:52 a.m. CDT

10 Responses
## Expected Behavior

Login as a user using his/her email address and not the username, following the below article: https://gluu.org/docs/ce/4.0/operation/faq/#request-email-instead-of-username-for-login

## Actual Behaviour

After changing the primaryKey and Local primary key both to mail, oxAuth does not let you login via email. If I provide the uid instead of the email with the same configuration, I'm then able to login.

I checked the LDAP configuration and this is the JSON:

```
{
  "type": "auth",
  "name": "auth_ldap_server",
  "level": 0,
  "priority": 0,
  "enabled": false,
  "version": 1,
  "fields": [],
  "config": {
    "configId": "auth_ldap_server",
    "bindDN": "cn=directory manager",
    "bindPassword": "...",
    "servers": [
      "localhost:1636"
    ],
    "maxConnections": 1000,
    "useSSL": true,
    "baseDNs": [
      "ou=people,o=gluu"
    ],
    "primaryKey": "mail",
    "localPrimaryKey": "mail",
    "useAnonymousBind": false,
    "enabled": false,
    "version": 0,
    "level": 0
  }
}
```

I have 3 instances all with a fresh installation, having the same behavior.

By Mohib Zico staff 02 Nov 2019 at 10:57 a.m. CDT

@Sahil.Arora: Can you please test this issue when you can manage some time?

By Gaurav Jagtap user 02 Nov 2019 at 11:02 a.m. CDT

```
2019-11-02 15:42:40,984 INFO [qtp105704967-13] [org.gluu.oxauth.service.AuthenticationService] (AuthenticationService.java:597) - Attempting to redirect user: User: org.gluu.oxauth.model.common.User@7390795f
2019-11-02 15:42:40,989 INFO [qtp105704967-13] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:426) - Authentication success for User: 'admin'
2019-11-02 15:42:41,265 INFO [qtp105704967-13] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:276) - Authentication success for Client: '1001.e6231a4c-014a-458a-9728-e0b32b7d0827'
2019-11-02 15:44:31,299 INFO [metrics-reporter-1-thread-1] [org.gluu.oxauth.service.AppInitializer] (AppInitializer.java:363) - Created persistenceMetricEntryManager: org.gluu.persist.ldap.impl.LdapEntryManager@4a8eb4be with operation service: org.gluu.persist.ldap.operation.impl.LdapOperationsServiceImpl@722451
2019-11-02 16:00:03,524 INFO [qtp105704967-11] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:223) - Authentication failed for 'admin@sample-email.com'
2019-11-02 16:00:10,253 INFO [qtp105704967-12] [org.gluu.oxauth.service.AuthenticationService] (AuthenticationService.java:589) - Attempting to redirect user: SessionUser: SessionState {dn='d0426b29-661d-4a9c-ae4d-07d9677ed9a5', id='d0426b29-661d-4a9c-ae4d-07d9677ed9a5', lastUsedAt=Sat Nov 02 16:00:10 UTC 2019, userDn='inum=7540b7da-b72e-4a23-9f92-43751dbf66f1,ou=people,o=gluu', authenticationTime=Sat Nov 02 16:00:10 UTC 2019, state=authenticated, sessionState='719b523d438293559aabd148cd543a56205098d0a691a26337dab0f0afbefd93.fc87ee95-f893-4ddb-92c3-718d71fed63f', permissionGranted=null, isJwt=false, jwt=null, permissionGrantedMap=org.gluu.oxauth.model.common.SessionIdAccessMap@3d3a7585, involvedClients=null, sessionAttributes={auth_external_attributes=null, opbs=d06accc5-c5c1-4c94-a0e8-1b413dbb5330, response_type=code, nonce=30bfde0d-b791-40e0-9859-cdbf646dde5a, client_id=1001.e6231a4c-014a-458a-9728-e0b32b7d0827, auth_step=1, acr=simple_password_auth, remote_ip=3.82.123.220, auth_user=admin, scope=openid profile email user_name, acr_values=simple_password_auth, redirect_uri=https://.../identity/authcode.htm, state=e6f131fd-54bc-4030-99f0-da423b055420}, persisted=true}
2019-11-02 16:00:10,254 INFO [qtp105704967-12] [org.gluu.oxauth.service.AuthenticationService] (AuthenticationService.java:597) - Attempting to redirect user: User: org.gluu.oxauth.model.common.User@3b04354d
2019-11-02 16:00:10,256 INFO [qtp105704967-12] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:426) - Authentication success for User: 'admin'
2019-11-02 16:00:10,467 INFO [qtp105704967-12] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:276) - Authentication success for Client: '1001.e6231a4c-014a-458a-9728-e0b32b7d0827'
```

This is what oxauth.log has.

By Gaurav Jagtap user 04 Nov 2019 at 10:49 a.m. CST

Hi, just wondering if anyone was able to find a solution to this, or why this is happening?

By Sahil Arora user 05 Nov 2019 at 9:32 p.m. CST

Hi Gaurav,

After changing Primary Key and Local Primary Key to mail, please click the Activate button on the same screen (Configuration > Manage Authentication) and wait for 2-3 mins before trying again. Let me know how it goes.

By Gaurav Jagtap user 06 Nov 2019 at 8:55 a.m. CST

Hi Sahil,

I did as you asked. OxAuth is now returning the following error message when I try logging in (before the login page even loads): https://prnt.sc/ptadx1

An unexpected error has occured at null login.errorSessionInvalidMessage

OxTrust.log:

```
2019-11-06 14:46:05,826 INFO [metrics-reporter-1-thread-1] [org.gluu.oxauth.service.AppInitializer] (AppInitializer.java:363) - Created persistenceMetricEntryManager: org.gluu.persist.ldap.impl.LdapEntryManager@12807a3 with operation service: org.gluu.persist.ldap.operation.impl.LdapOperationsServiceImpl@7e3650ee
2019-11-06 14:47:41,974 INFO [qtp105704967-12] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:223) - Authentication failed for 'admin@example.com'
2019-11-06 14:47:44,933 INFO [qtp105704967-14] [org.gluu.oxauth.service.AuthenticationService] (AuthenticationService.java:589) - Attempting to redirect user: SessionUser: SessionState {dn='68a576f1-dace-4187-abe4-8e68dead97ea', id='68a576f1-dace-4187-abe4-8e68dead97ea', lastUsedAt=Wed Nov 06 14:47:44 UTC 2019, userDn='inum=5bf4cae8-98c0-4214-85ed-bbb29dc5e99f,ou=people,o=gluu', authenticationTime=Wed Nov 06 14:47:44 UTC 2019, state=authenticated, sessionState='b8639e9be80678ef5638c049dbe6fb684b754505d33160f6d0e31327bf1b2fba.99f4b0ec-73be-4667-9a73-013cde38a626', permissionGranted=null, isJwt=false, jwt=null, permissionGrantedMap=org.gluu.oxauth.model.common.SessionIdAccessMap@4b3adb8, involvedClients=null, sessionAttributes={auth_external_attributes=null, opbs=04f512c0-f368-4438-98d7-a85e9a6fc304, response_type=code, nonce=6c344a09-ed48-4319-a8c4-04dacad0ed63, client_id=1001.1234f608-39df-4ec4-89ce-195aea147b37, auth_step=1, acr=simple_password_auth, remote_ip=69.165.170.105, auth_user=admin, scope=openid profile email user_name, acr_values=simple_password_auth, redirect_uri=https://.../identity/authcode.htm, state=603478f3-0f68-4674-9e5b-57ed5277d9ef}, persisted=true}
2019-11-06 14:47:44,934 INFO [qtp105704967-14] [org.gluu.oxauth.service.AuthenticationService] (AuthenticationService.java:597) - Attempting to redirect user: User: org.gluu.oxauth.model.common.User@31bc201c
2019-11-06 14:47:44,936 INFO [qtp105704967-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:426) - Authentication success for User: 'admin'
2019-11-06 14:47:45,254 INFO [qtp105704967-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:276) - Authentication success for Client: '1001.1234f608-39df-4ec4-89ce-195aea147b37'
2019-11-06 14:48:35,626 INFO [Thread-117] [org.gluu.oxauth.service.AppInitializer] (AppInitializer.java:473) - Recreated instance persistenceAuthEntryManager: [org.gluu.persist.ldap.impl.LdapEntryManager@2de71c3e]
2019-11-06 14:49:56,667 ERROR [qtp105704967-14] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
2019-11-06 14:50:03,380 ERROR [qtp105704967-13] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
2019-11-06 14:50:12,451 ERROR [qtp105704967-11] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
2019-11-06 14:50:47,816 ERROR [qtp105704967-17] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
2019-11-06 14:51:15,738 ERROR [qtp105704967-13] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
```
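
Added example, not part of the thread and not Gluu's own code: a small Python triage of oxauth.log lines in the layout posted above, separating the identifiers that failed from those that succeeded and counting the `Failed to get CustomScriptConfiguration` errors per `acr_values`. The function names are hypothetical, and the sample lines are constructed by abridging the posted log, with the client id replaced by a placeholder.

```python
import re
from collections import Counter

# Line layout as posted in the thread:
# timestamp LEVEL [thread] [logger] (File.java:N) - message
LINE = re.compile(r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d),\d{3}\s+[A-Z]+\s+"
                  r"\[[^\]]+\]\s+\[[^\]]+\]\s+\([^)]+\)\s+-\s+(?P<msg>.*)$")
FAILED = re.compile(r"Authentication failed for '([^']*)'")
USER_OK = re.compile(r"Authentication success for User: '([^']*)'")
NO_SCRIPT = re.compile(r"Failed to get CustomScriptConfiguration\. "
                       r"auth_step: \d+, acr_values: (\S+)")

# Constructed sample: abridged from the posted log, client id replaced.
SAMPLE = """\
2019-11-06 14:47:41,974 INFO [qtp105704967-12] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:223) - Authentication failed for 'admin@example.com'
2019-11-06 14:47:44,936 INFO [qtp105704967-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:426) - Authentication success for User: 'admin'
2019-11-06 14:47:45,254 INFO [qtp105704967-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:276) - Authentication success for Client: 'PLACEHOLDER-CLIENT-ID'
2019-11-06 14:49:56,667 ERROR [qtp105704967-14] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
2019-11-06 14:50:03,380 ERROR [qtp105704967-13] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
"""

def triage(text):
    """Count login outcomes per identifier and missing-script errors per ACR."""
    report = {"failed": Counter(), "succeeded": Counter(),
              "missing_acr": Counter(), "first_missing_acr": None}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # wrapped session dumps and stack-trace lines
        msg = m["msg"]
        if hit := FAILED.search(msg):
            report["failed"][hit[1]] += 1
        elif hit := USER_OK.search(msg):  # client authentications are ignored
            report["succeeded"][hit[1]] += 1
        elif hit := NO_SCRIPT.search(msg):
            report["missing_acr"][hit[1]] += 1
            report["first_missing_acr"] = report["first_missing_acr"] or m["ts"]
    return report

def email_only_failures(report):
    """Identifiers containing '@' that failed and never succeeded."""
    return sorted(i for i in report["failed"]
                  if "@" in i and i not in report["succeeded"])

if __name__ == "__main__":
    r = triage(SAMPLE)
    print("failed:", dict(r["failed"]), "| succeeded:", dict(r["succeeded"]))
    print("email-form identifiers that never succeeded:", email_only_failures(r))
    print("missing ACR scripts:", dict(r["missing_acr"]),
          "first seen", r["first_missing_acr"])
```

The timestamp of the first missing-script error is the value to compare against the time of the configuration change.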

By Sahil Arora user 12 Nov 2019 at 10:32 p.m. CST

Can you please attach screenshots of the `Manage LDAP Authentication` and `Default Authentication Method` screens?

By Sved Devs user 25 Jun 2020 at 3:18 p.m. CDT

I know this is an old thread, but I see the exact issue when I changed username to mail so I can login with email. This is on 4.1. I am now totally blocked out and cannot login at all. The browser shows:

```
OOPS An unexpected error has occured at null login.errorSessionInvalidMessage
```

And tailing oxauth.log shows:

```
2020-06-25 20:12:49,672 ERROR [qtp1590550415-16] [gluu.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:251) - Failed to get CustomScriptConfiguration. auth_step: 1, acr_values: simple_password_auth
```

Any pointers on how I can get the ball rolling again (using command line)?

By Mohib Zico staff 25 Jun 2020 at 3:28 p.m. CDT

Ok, we will test it. Thanks!

By Mohib Zico staff 05 Jul 2020 at 12:13 p.m. CDT

Ok, we couldn't reproduce the [issue](https://github.com/GluuFederation/oxAuth/issues/1407).

By Arthur Barrett user 12 Jun 2021 at 8:31 p.m. CDT

OK - this "activate" step is critical. The docs do explain the button: https://gluu.org/docs/gluu-server/4.2/admin-guide/oxtrust-ui/#manage-ldap-authentication

But it seems counter-intuitive to me that it is not already active - how is the authentication happening prior? I think this is a weak point either in the UI or the documentation. Meanwhile, a mention of "press activate" on this page would be helpful: https://gluu.org/docs/ce/4.2/operation/faq/#request-email-instead-of-username-for-login

When I do press 'activate' then I can login via CASA with email/password. But I can't login to oxTrust. With a bit of experimenting I can remain logged in across reboots (cookies I guess) and poke around the oxTrust UI a little.

On the 'default authentication methods' screen, I see that the authentication method for both "Authentication mode:" and "oxTrust authentication mode:" has changed from "simple_password_auth" to "CASA". In the dropdown list, "simple_password_auth" no longer appears. I'm guessing it's not a valid authentication method when the LDAP primary key has changed from uid to mail. The comment above by sved_devs also mentions an error message in oxauth.log about simple_password_auth not found after changing uid to mail.

In oxauth.log I see a different error:

```
2021-06-13 00:28:17,201 ERROR [qtp831236296-72] [org.gluu.oxauth.service.SessionIdService] (SessionIdService.java:793) - Failed to get session by dn: oxId=6eb08e97-6974-4df3-890a-8e06bd2412ef,ou=sessions,o=gluu
org.gluu.persist.exception.EntryPersistenceException: Failed to find entry: oxId=6eb08e97-6974-4df3-890a-8e06bd2412ef,ou=sessions,o=gluu
```

I'm using Ubuntu 18.04.5 and Gluu 4.2.3 with LDAP by opendj - it's pretty much just a default install at this point. Dashboard shows free memory as 29.9%.

Maybe the solution is to use multiple attributes for authentication using the scripts and howto available in github - I'm going to try that next: https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/basic.multi_auth_conf

Any suggestions/recommendations appreciated.