Tagged: #OpenAM, logout, session terminate
This topic has 1 reply, 1 voice, and was last updated 5 years, 9 months ago by soma.
-
AuthorPosts
-
October 11, 2016 at 6:03 pm #13624
soma
ParticipantHi All,
I have a strange issue after log user out. I use OpenAM 13.0 + Tomcat + J2EE Agent 3.5.0 + OpenAM rest api.
My web application has own login/logout pages. For login I call POST /openam/json/authenticate rest with X-OpenAM-Username and X-OpenAM-Password. For logout I use POST /openam/json/session/?_action=logout.
My own logout restapi receives the request, calls the mentioned logout OpenAM api and deletes the iPlanetDirectoryPro cookie.
After a successful logout everything seems perfect:
* I can see on the OpenAM console that my ‘demo’ user just disappeared from the Session list
* iPlanetDirectoryPro cookie is removed from client sideBut when I hit refresh in the web browser or try to open again the index page of my web application (which is on the list of the not enforced URIs) then I am redirected to the access-denied page with endless goto url params.
After logout I have only one cookie. It is the JSESSIONID cookie. When I delete manually this cookie from the web browser then I am able to open the index page of my app without this issue.
I can see in the debug.out log file a lot of strange but same exceptions when I try to open the index page of my app:
ERROR: AmFilter: Error while delegating to inbound handler: Not Enforced List Task Handler, access will be denied java.lang.NullPointerException at com.iplanet.dpro.session.SesionId.hashCode(SessionID.java:334) ...
When JSESSIONID cookie is deleted by me then everything works fine again till the next logout.
Do u have any idea what is wrong here?
October 22, 2016 at 7:53 pm #13837soma
ParticipantThis is the full log:
No configuration value found for: com.sun.identity.agents.config.amFilter.logout.application.handler, or: com.sun.identity.agents.config.logout.application.handler amFilter:10/22/2016 07:46:12:678 PM CEST: Thread[http-nio-8080-exec-17,5,main] ERROR: AmFilter: Error while delegating to inbound handler: Not Enforced List Task Handler, access will be denied java.lang.NullPointerException at com.iplanet.dpro.session.SessionID.hashCode(SessionID.java:334) at java.util.Hashtable.get(Hashtable.java:363) at com.iplanet.dpro.session.Session.readSession(Session.java:2178) at com.iplanet.dpro.session.Session.removeSID(Session.java:1042) at com.sun.identity.agents.filter.LogoutHelper.removeSSOToken(LogoutHelper.java:174) at com.sun.identity.agents.filter.LogoutHelper.doLogout(LogoutHelper.java:63) at com.sun.identity.agents.filter.NotenforcedListTaskHandler.process(NotenforcedListTaskHandler.java:144) at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:194) at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:157) at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:70) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:614) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) amFilter:10/22/2016 07:46:12:679 PM CEST: Thread[http-nio-8080-exec-17,5,main] AmFilter: now processing: Audit Result Handler amFilter:10/22/2016 07:46:12:679 PM CEST: Thread[http-nio-8080-exec-17,5,main] AmFilter: result => ----------------------------------------------------------- FilterResult: Status : REDIRECT ProcessResponse : false RedirectURL : http://web.example.com:8080/admin-console/authentication/access-denied.jsp?goto=http%3A%2F%2Fweb.example.com%3A8080%2Fadmin-console%2Fauthentication%2Faccess-denied.jsp%3Fgoto%3Dhttp%253A%252F%252Fweb.example.com%253A8080%252Fadmin-console%252Fauthentication%252Faccess-denied.jsp%253Fgoto%253Dhttp%25253A%25252F%25252Fweb.example.com%25253A8080%25252Fadmin-console%25252Fauthentication%25252Faccess-denied.jsp%25253Fgoto%25253Dhttp%2525253A%2525252F%2525252Fweb.example.com%2525253A8080%2525252Fadmin-console%2525252Fauthentication%2525252Faccess-denied.jsp%2525253Fgoto%2525253Dhttp%252525253A%252525252F%252525252Fweb.example.com%252525253A8080%252525252Fadmin-console%252525252Fauthentication%252525252Faccess-denied.jsp%252525253Fgoto%252525253Dhttp%25252525253A%25252525252F%25252525252Fweb.example.com%25252525253A8080%25252525252Fadmin-console%25252525252Fauthentication%25252525252Faccess-denied.jsp%25252525253Fgoto%25252525253Dhttp%2525252525253A%2525252525252F%2525252525252Fweb.example.com%2525252525253A8080%2525252525252Fadmin-console%2525252525252Fauthentication%2525252525252Faccess-denied.jsp%2525252525253Fgoto%2525252525253Dhttp%252525252525253A%252525252525252F%252525252525252Fweb.example.com%252525252525253A8080%252525252525252Fadmin-console%252525252525252Fauthentication%252525252525252Faccess-denied.jsp%252525252525253Fgoto%252525252525253Dhttp%25252525252525253A%25252525252525252F%25252525252525252Fweb.example.com%25252525252525253A8080%25252525252525252Fadmin-console%25252525252525252Fauthentication%25252525252525252Faccess-denied.jsp%25252525252525253Fgoto%25252525252525253Dhttp%2525252525252525253A%2525252525252525252F%2525252525252525252Fweb.example.com%2525252525252525253A8080%2525252525252525252Fadmin-console%2525252525252525252Fauthentication%2525252525252525252Faccess-denied.jsp%2525252525252525253Fgoto%2525252525252525253Dhttp%252525252525252525253A%252525252525252525252F%252525252525252525252Fweb.example.com%252525252525252525253A8080%252525252525252525252Fadmin-console%252525252525252525252Fauthentication%252525252525252525252Faccess-denied.jsp%252525252525252525253Fgoto%252525252525252525253Dhttp%25252525252525252525253A%25252525252525252525252F%25252525252525252525252Fweb.example.com%25252525252525252525253A8080%25252525252525252525252Fadmin-console%25252525252525252525252Fauthentication%25252525252525252525252Faccess-denied.jsp%25252525252525252525253Fgoto%25252525252525252525253Dhttp%2525252525252525252525253A%2525252525252525252525252F%2525252525252525252525252Fweb.example.com%2525252525252525252525253A8080%2525252525252525252525252Fadmin-console%2525252525252525252525252Fauthentication%2525252525252525252525252Faccess-denied.jsp%2525252525252525252525253Fgoto%2525252525252525252525253Dhttp%252525252525252525252525253A%252525252525252525252525252F%252525252525252525252525252Fweb.example.com%252525252525252525252525253A8080%252525252525252525252525252Fadmin-console%252525252525252525252525252Fauthentication%252525252525252525252525252Faccess-denied.jsp%252525252525252525252525253Fgoto%252525252525252525252525253Dhttp%25252525252525252525252525253A%25252525252525252525252525252F%25252525252525252525252525252Fweb.example.com%25252525252525252525252525253A8080%25252525252525252525252525252Fadmin-console%25252525252525252525252525252Fauthentication%25252525252525252525252525252Faccess-denied.jsp%25252525252525252525252525253Fgoto%25252525252525252525252525253Dhttp%2525252525252525252525252525253A%2525252525252525252525252525252F%2525252525252525252525252525252Fweb.example.com%2525252525252525252525252525253A8080%2525252525252525252525252525252Fadmin-console%2525252525252525252525252525252Fauthentication%2525252525252525252525252525252Faccess-denied.jsp%2525252525252525252525252525253Fgoto%2525252525252525252525252525253Dhttp%252525252525252525252525252525253A%252525252525252525252525252525252F%252525252525252525252525252525252Fweb.example.com%252525252525252525252525252525253A8080%252525252525252525252525252525252Fadmin-console%252525252525252525252525252525252Fauthentication%252525252525252525252525252525252Faccess-denied.jsp%252525252525252525252525252525253Fgoto%252525252525252525252525252525253Dhttp%25252525252525252525252525252525253A%25252525252525252525252525252525252F%25252525252525252525252525252525252Fweb.example.com%25252525252525252525252525252525253A8080%25252525252525252525252525252525252Fadmin-console%25252525252525252525252525252525252Fauthentication%25252525252525252525252525252525252Faccess-denied.jsp%25252525252525252525252525252525253Fgoto%25252525252525252525252525252525253Dhttp%2525252525252525252525252525252525253A%2525252525252525252525252525252525252F%2525252525252525252525252525252525252Fweb.example.com%2525252525252525252525252525252525253A8080%2525252525252525252525252525252525252Fadmin-console%2525252525252525252525252525252525252Fauthentication%2525252525252525252525252525252525252Faccess-denied.jsp%2525252525252525252525252525252525253Fgoto%2525252525252525252525252525252525253Dhttp%252525252525252525252525252525252525253A%252525252525252525252525252525252525252F%252525252525252525252525252525252525252Fweb.example.com%252525252525252525252525252525252525253A8080%252525252525252525252525252525252525252Fadmin-console%252525252525252525252525252525252525252Fauthentication%252525252525252525252525252525252525252Faccess-denied.jsp%252525252525252525252525252525252525253Fgoto%252525252525252525252525252525252525253Dhttp%25252525252525252525252525252525252525253A%25252525252525252525252525252525252525252F%25252525252525252525252525252525252525252Fweb.example.com%25252525252525252525252525252525252525253A8080%25252525252525252525252525252525252525252Fadmin-console%25252525252525252525252525252525252525252Fauthentication%25252525252525252525252525252525252525252Faccess-denied.jsp RequestURL : null RequestHelper: null Data: null -----------------------------------------------------------
Any idea what to check?
-
This reply was modified 5 years, 9 months ago by
soma.
-
This reply was modified 5 years, 9 months ago by
-
AuthorPosts
You must be logged in to reply to this topic.