Hi all, I create an authenticated user like [1]. For my case, I don't have any claims.
I enabled the debug mode log and get the following log. And you can find the authenticator code in [3]. There is no entry/association for this user id. Is this caused due to that? Can anyone guide me to resolve this? [1] AuthenticatedUser authenticatedUser = AuthenticatedUser.createFederateAuthenticatedUserFromSubjectIdentifier(authenticatedUserId); Here I used the tiqr user id as the authenticatedUserId. [2] log: [2015-11-12 11:52:03,161] DEBUG {org.wso2.carbon.identity.authenticator.TiqrAuthenticator} - Authentication pending... [2015-11-12 11:52:04,175] DEBUG {org.wso2.carbon.identity.authenticator.TiqrAuthenticator} - Successfully authenticated the user associated with the User ID:shaki2 [2015-11-12 11:52:24,269] DEBUG {org.wso2.carbon.identity.authenticator.TiqrAuthenticator} - The authenticated subject identifier :shaki2 [2015-11-12 11:52:35,072] INFO {org.wso2.carbon.identity.authenticator.TiqrAuthenticator} - authentication success [2015-11-12 11:52:43,128] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler} - Tiqr returned: SUCCESS_COMPLETED [2015-11-12 11:53:41,323] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Step 2 is completed. Going to get the next one. [2015-11-12 11:53:41,323] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - There are no more steps to execute [2015-11-12 11:53:41,323] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Request is successfully authenticated [2015-11-12 11:53:41,324] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Handling Post Authentication tasks [2015-11-12 11:53:41,324] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Authenticated User: admin [2015-11-12 11:53:41,324] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Authenticated User Tenant Domain: carbon.super [2015-11-12 11:53:41,324] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler} - Executing claim handler. isFederatedClaims = false and remote claims = [] [2015-11-12 11:53:41,324] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user admin [2015-11-12 11:53:41,325] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - value after escaping special characters in admin : admin [2015-11-12 11:53:41,328] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user with SearchFilter: (&(objectClass=person)(uid=admin)) in SearchBase: [2015-11-12 11:53:41,330] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Name in space for admin is uid=admin,ou=Users,dc=WSO2,dc=ORG [2015-11-12 11:53:41,331] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - User: admin exist: true [2015-11-12 11:53:41,335] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user with SearchFilter: (&(objectClass=person)(uid=admin)) in SearchBase: [2015-11-12 11:53:41,335] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :uid [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :dateOfBirth [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :streetAddress [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :region [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :postalcode [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :localityName [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :organizationName [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :otherPhone [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :givenName [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :stateOrProvinceName [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :title [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :accountLock [2015-11-12 11:53:41,336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :nickName [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :gender [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :role [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :unlockTime [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :oneTimePassword [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :mail [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :sn [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :im [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :url [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :country [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :cn [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :failedLoginAttempts [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :telephoneNumber [2015-11-12 11:53:41,337] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :displayName [2015-11-12 11:53:41,338] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :mobile [2015-11-12 11:53:41,342] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler} - Returning claims from claim handler = [] [2015-11-12 11:53:41,342] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler} - UNFILTERED_IDP_CLAIM_VALUES map property set to [] [2015-11-12 11:53:41,342] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler} - UNFILTERED_LOCAL_CLAIM_VALUES map property set to [ http://wso2.org/claims/username:admin,http://wso2.org/claims/lastname:admin,http://wso2.org/claims/role:Application/tiqrSP,admin,Internal/everyone,http://wso2.org/claims/emailaddress:ad...@wso2.com,http://wso2.org/claims/fullname:admin,http://wso2.org/claims/givenname:admin, ] [2015-11-12 11:53:41,343] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler} - UNFILTERED_SP_CLAIM_VALUES map property set to [ http://wso2.org/claims/username:admin,http://wso2.org/claims/lastname:admin,http://wso2.org/claims/role:Application/tiqrSP,admin,Internal/everyone,http://wso2.org/claims/emailaddress:ad...@wso2.com,http://wso2.org/claims/fullname:admin,http://wso2.org/claims/givenname:admin, ] [2015-11-12 11:53:41,343] DEBUG {org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil} - JWT Header :{"typ":"JWT", "alg":"none"} [2015-11-12 11:53:41,343] DEBUG {org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil} - JWT Body :{"iss":"wso2","exp":14473094213433000,"iat":1447309421343,"idps":[{"idp":"LOCAL","authenticator":"BasicAuthenticator"},{"idp":"tiqrIDP","authenticator":"Tiqr"}]} [2015-11-12 11:53:41,343] DEBUG {org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade} - Trying to find the IdP for name: tiqrIDP [2015-11-12 11:53:41,343] DEBUG {org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} - Cache entry found for Identity Provider tiqrIDP [2015-11-12 11:53:41,343] DEBUG {org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade} - A registered IdP was found [2015-11-12 11:58:35,886] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Step processing is completed [2015-11-12 11:58:46,557] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler} - Concluding the Authentication Flow [2015-11-12 11:58:47,382] DEBUG {org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCache} - Session corresponding to the key : e6d25273-f55b-459a-8df5-f6eebad701e4 cannot be found. [2015-11-12 11:58:47,384] DEBUG {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} - Session Data persisting Task is started to run [2015-11-12 11:58:47,386] DEBUG {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} - Session Data persisting Task is started to run [2015-11-12 11:58:47,386] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler} - Sending response back to: /samlsso..._commonAuthAuthenticated: true_authenticatedUser: admin@carbon.super_authenticatedIdPs: eyJ0eXAiOiJKV1QiLCAiYWxnIjoibm9uZSJ9.eyJpc3MiOiJ3c28yIiwiZXhwIjoxNDQ3MzA5NDIxMzQzMzAwMCwiaWF0IjoxNDQ3MzA5NDIxMzQzLCJpZHBzIjpbeyJpZHAiOiJMT0NBTCIsImF1dGhlbnRpY2F0b3IiOiJCYXNpY0F1dGhlbnRpY2F0b3IifSx7ImlkcCI6InRpcXJJRFAiLCJhdXRoZW50aWNhdG9yIjoiVGlxciJ9XX0=._sessionDataKey: 20573828-9b56-4b36-a103-5ca16aa767ca (Sanitized) [2015-11-12 11:59:18,620] DEBUG {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - Query string : sessionDataKey=20573828-9b56-4b36-a103-5ca16aa767ca [2015-11-12 11:59:18,626] DEBUG {org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} - Cache entry found for Identity Provider LOCAL [2015-11-12 11:59:18,626] DEBUG {org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} - Validating SAML Request signature [2015-11-12 11:59:18,626] DEBUG {org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} - Request message <?xml version="1.0" encoding="UTF-8"?><samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="http://localhost:8081/travelocity.com/home.jsp" Destination="https://localhost:9443/samlsso" ForceAuthn="false" ID="0" IsPassive="false" IssueInstant="2015-11-12T06:21:29.874Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><samlp:Issuer xmlns:samlp="urn:oasis:names:tc:SAML:2.0:assertion">travelocity.com</samlp:Issuer><saml2p:NameIDPolicy xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" SPNameQualifier="Issuer"/><saml2p:RequestedAuthnContext xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Comparison="exact"><saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></saml2p:RequestedAuthnContext></samlp:AuthnRequest> Listening for transport dt_socket at address: 5005 [2015-11-12 11:59:18,628] DEBUG {org.wso2.carbon.identity.sso.saml.validators.SAML2HTTPRedirectDeflateSignatureValidator} - Constructing signed content string from URL query string SAMLRequest=nZPdjtMwEIVfJfJ9finQtZqsSqsVlRYIbZYL7ow7pUaOHTyTbvftcZIWsiuoKm49M2fOfDOe3R5rHRzAobImZ2mUsACMtFtlvufsoboLp%2By2mKGodcPnLe3NGn62gBT4OoO8D%2BSsdYZbgQq5ETUgJ8k38w%2F3PIsS3jhLVlrNgjkiOPKNFtZgW4PbgDsoCQ%2Fr%2B5ztiRoex9pKofcWiU%2BTaRqTEwfwb4qeImnreG9riH5gw4KlN6GMoN53V4zPqm8mk1dx5w7RsuDOOgm9%2FZzthEZgwWqZMz%2FsCkuBqA7wJ4DYwsogCUM5y5L0dZimYZpVyRuepTy7iaZvJ19ZUJ7meqfMQOsShG9DEvL3VVWG5adNxYIvZ%2Bo%2BgZ0Z993d9XTFmSkrXrCaxWPFQT9r%2BEcvsVqWViv5NGqTXb9Fre3jwoEgz4xcCz3eWtBlge5FbcNdn8qbbnYkMMSCTdl5%2BtwKrXYKXM4Gxyz%2B7fl0c7DtV%2Bivh%2BBI%2F2V%2BYetGOIUddjgKSSfwfKy80J7qGnajDlcv4WKa5LKT9s%2Fd0T1at%2B2OCKSfrHLCYGMdDWv7q59iiP0LSHHe%2BPifFr8A&SigAlg=http%3A%2F% 2Fwww.w3.org <http://2fwww.w3.org/> %2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=JMPW1S0htJoQwxh582adlXcCcZqgJ7Y5Jyom0PandpRy5XT1Ni8IMNts67zAt%2FZJlnweOxmNrXsxJ5fOhkxMvEHXaSSbEgwN0N%2Bxd0B%2BoD7tmY544G0q%2F1SW6LXt9etOTwgclRjgIXPIEem1quW540bATd2OMY5ByriCb%2BcuLxc%3D [2015-11-12 11:59:18,629] DEBUG {org.wso2.carbon.identity.sso.saml.validators.SAML2HTTPRedirectDeflateSignatureValidator} - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=nZPdjtMwEIVfJfJ9finQtZqsSqsVlRYIbZYL7ow7pUaOHTyTbvftcZIWsiuoKm49M2fOfDOe3R5rHRzAobImZ2mUsACMtFtlvufsoboLp%2By2mKGodcPnLe3NGn62gBT4OoO8D%2BSsdYZbgQq5ETUgJ8k38w%2F3PIsS3jhLVlrNgjkiOPKNFtZgW4PbgDsoCQ%2Fr%2B5ztiRoex9pKofcWiU%2BTaRqTEwfwb4qeImnreG9riH5gw4KlN6GMoN53V4zPqm8mk1dx5w7RsuDOOgm9%2FZzthEZgwWqZMz%2FsCkuBqA7wJ4DYwsogCUM5y5L0dZimYZpVyRuepTy7iaZvJ19ZUJ7meqfMQOsShG9DEvL3VVWG5adNxYIvZ%2Bo%2BgZ0Z993d9XTFmSkrXrCaxWPFQT9r%2BEcvsVqWViv5NGqTXb9Fre3jwoEgz4xcCz3eWtBlge5FbcNdn8qbbnYkMMSCTdl5%2BtwKrXYKXM4Gxyz%2B7fl0c7DtV%2Bivh%2BBI%2F2V%2BYetGOIUddjgKSSfwfKy80J7qGnajDlcv4WKa5LKT9s%2Fd0T1at%2B2OCKSfrHLCYGMdDWv7q59iiP0LSHHe%2BPifFr8A&SigAlg=http%3A%2F% 2Fwww.w3.org <http://2fwww.w3.org/>%2F2000%2F09%2Fxmldsig%23rsa-sha1 [2015-11-12 11:59:18,629] WARN {org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor} - Signature validation for Authentication Request failed. [2015-11-12 11:59:18,629] DEBUG {org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} - Cache entry found for Identity Provider LOCAL [2015-11-12 11:59:18,632] DEBUG {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} - Session Data removing Task is started to run [3] https://github.com/Shakila/Tiqr-IS-5.1.0/blob/master/tiqr-authenticator/org.wso2.carbon.identity.authenticator/src/main/java/org/wso2/carbon/identity/authenticator/TiqrAuthenticator.java Thank you -- Shakila Sivagnanarajah Associate Software Engineer Mobile :+94 (0) 770 760240 shak...@wso2.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev