Getting issue after successfully passing the authentication from IDP in Picketlink with EAP 5.

Solution Unverified - Updated -

Issue

  • An error occurs after successfully authenticating against the IDP (Identity Provider) in PicketLink with EAP 5.2, as follows:

    • On the SP (Service Provider) instance, where the SP-side WAR is deployed, the following security domain was added to the JBoss_HOME/server/sp/conf/login-config.xml file:

    <application-policy name="sp">
        <authentication>
            <login-module code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule" flag="required"/>
        </authentication>
    </application-policy>

    • On the Identity Provider instance, the following settings were made in JBoss_HOME/server/idp/conf/login-config.xml:
    <application-policy name="idp">
        <authentication>
            <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
                <module-option name="usersProperties">props/idp-users.properties</module-option>
                <module-option name="rolesProperties">props/idp-roles.properties</module-option>
            </login-module>
        </authentication>
    </application-policy>
    
    • When the correct credentials are provided on the Identity Provider login page, the following error appears immediately:
    ERROR [org.apache.catalina.connector.CoyoteAdapter] (http-10.x.x.x-28080-2) An exception or error occurred in the container during the request processing
    java.lang.IllegalStateException: getOutputStream() has already been called for this response
        at org.apache.catalina.connector.Response.getWriter(Response.java:621)
        at org.picketlink.identity.federation.web.util.PostBindingUtil.sendPost(PostBindingUtil.java:104)
        at org.picketlink.identity.federation.web.util.IDPWebRequestUtil.send(IDPWebRequestUtil.java:231)
        at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.processSAMLRequestMessage(AbstractIDPValve.java:640)
        at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.invoke(AbstractIDPValve.java:383)
        at org.picketlink.identity.federation.bindings.tomcat.idp.IDPSAMLDebugValve.invoke(IDPSAMLDebugValve.java:57)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:95)
        at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
        at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.internalProcess(ActiveRequestResponseCacheValve.java:74)
        at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:47)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:599)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:451)
        at java.lang.Thread.run(Thread.java:722)
    

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 5.2.0
