IdentityBrokerException->NullPointerException in RH-SSO on SAML IdP Response
Issue
- Authentication fails
-
Log has this exception:
ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-8) Uncaught server error: org.keycloak.broker.provider.IdentityBrokerException: Could not process response from SAML identity provider. at org.keycloak.broker.saml.SAMLEndpoint$Binding.handleLoginResponse(SAMLEndpoint.java:469) at org.keycloak.broker.saml.SAMLEndpoint$Binding.handleSamlResponse(SAMLEndpoint.java:504) at org.keycloak.broker.saml.SAMLEndpoint$Binding.execute(SAMLEndpoint.java:244) at org.keycloak.broker.saml.SAMLEndpoint.postBinding(SAMLEndpoint.java:160) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140) ... Caused by: java.lang.NullPointerException at java.util.regex.Matcher.getTextLength(Unknown Source) at java.util.regex.Matcher.reset(Unknown Source) at java.util.regex.Matcher.<init>(Unknown Source) at java.util.regex.Pattern.matcher(Unknown Source) at java.util.regex.Pattern.split(Unknown Source) at org.keycloak.broker.provider.util.IdentityBrokerState.encoded(IdentityBrokerState.java:41) at org.keycloak.services.resources.IdentityBrokerService.parseEncodedSessionCode(IdentityBrokerService.java:987) at org.keycloak.services.resources.IdentityBrokerService.authenticated(IdentityBrokerService.java:497) at org.keycloak.broker.saml.SAMLEndpoint$Binding.handleLoginResponse(SAMLEndpoint.java:465) ... 74 more
Environment
- Red Hat Single Sign-On (RH-SSO) 7
- SAML
- Brokered Identity/User Federation with SAML Identity Provider
- SAML Post Binding on the Identity Provider
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
