Hi all,
I create an authenticated user like [1]. For my case, I don't have any
claims.
I enabled the debug mode log and get the following log. And you can find
the authenticator code in [3]. There is no entry/association for this user
id. Is this caused due to that? Can anyone guide me to resolve this?
[1] AuthenticatedUser authenticatedUser =
AuthenticatedUser.createFederateAuthenticatedUserFromSubjectIdentifier(authenticatedUserId);
Here I used the tiqr user id as the authenticatedUserId.
[2] log:
[2015-11-12 11:52:03,161] DEBUG
{org.wso2.carbon.identity.authenticator.TiqrAuthenticator} -
Authentication pending...
[2015-11-12 11:52:04,175] DEBUG
{org.wso2.carbon.identity.authenticator.TiqrAuthenticator} - Successfully
authenticated the user associated with the User ID:shaki2
[2015-11-12 11:52:24,269] DEBUG
{org.wso2.carbon.identity.authenticator.TiqrAuthenticator} - The
authenticated subject identifier :shaki2
[2015-11-12 11:52:35,072] INFO
{org.wso2.carbon.identity.authenticator.TiqrAuthenticator} -
authentication success
[2015-11-12 11:52:43,128] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- Tiqr returned: SUCCESS_COMPLETED
[2015-11-12 11:53:41,323] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Step 2 is completed. Going to get the next one.
[2015-11-12 11:53:41,323] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- There are no more steps to execute
[2015-11-12 11:53:41,323] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Request is successfully authenticated
[2015-11-12 11:53:41,324] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Handling Post Authentication tasks
[2015-11-12 11:53:41,324] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Authenticated User: admin
[2015-11-12 11:53:41,324] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Authenticated User Tenant Domain: carbon.super
[2015-11-12 11:53:41,324] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler}
- Executing claim handler. isFederatedClaims = false and remote claims = []
[2015-11-12 11:53:41,324] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching
for user admin
[2015-11-12 11:53:41,325] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - value
after escaping special characters in admin : admin
[2015-11-12 11:53:41,328] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching
for user with SearchFilter: (&(objectClass=person)(uid=admin)) in
SearchBase:
[2015-11-12 11:53:41,330] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Name in
space for admin is uid=admin,ou=Users,dc=WSO2,dc=ORG
[2015-11-12 11:53:41,331] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - User:
admin exist: true
[2015-11-12 11:53:41,335] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching
for user with SearchFilter: (&(objectClass=person)(uid=admin)) in
SearchBase:
[2015-11-12 11:53:41,335] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :uid
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :dateOfBirth
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :streetAddress
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :region
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :postalcode
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :localityName
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :organizationName
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :otherPhone
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :givenName
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :stateOrProvinceName
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :title
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :accountLock
[2015-11-12 11:53:41,336] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :nickName
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :gender
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :role
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :unlockTime
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :oneTimePassword
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :mail
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :sn
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :im
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :url
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :country
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :cn
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :failedLoginAttempts
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :telephoneNumber
[2015-11-12 11:53:41,337] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :displayName
[2015-11-12 11:53:41,338] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting
attribute :mobile
[2015-11-12 11:53:41,342] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler}
- Returning claims from claim handler = []
[2015-11-12 11:53:41,342] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler}
- UNFILTERED_IDP_CLAIM_VALUES map property set to []
[2015-11-12 11:53:41,342] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler}
- UNFILTERED_LOCAL_CLAIM_VALUES map property set to [
http://wso2.org/claims/username:admin,http://wso2.org/claims/lastname:admin,http://wso2.org/claims/role:Application/tiqrSP,admin,Internal/everyone,http://wso2.org/claims/emailaddress:ad...@wso2.com,http://wso2.org/claims/fullname:admin,http://wso2.org/claims/givenname:admin,
]
[2015-11-12 11:53:41,343] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimHandler}
- UNFILTERED_SP_CLAIM_VALUES map property set to [
http://wso2.org/claims/username:admin,http://wso2.org/claims/lastname:admin,http://wso2.org/claims/role:Application/tiqrSP,admin,Internal/everyone,http://wso2.org/claims/emailaddress:ad...@wso2.com,http://wso2.org/claims/fullname:admin,http://wso2.org/claims/givenname:admin,
]
[2015-11-12 11:53:41,343] DEBUG
{org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil}
- JWT Header :{"typ":"JWT", "alg":"none"}
[2015-11-12 11:53:41,343] DEBUG
{org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil}
- JWT Body
:{"iss":"wso2","exp":14473094213433000,"iat":1447309421343,"idps":[{"idp":"LOCAL","authenticator":"BasicAuthenticator"},{"idp":"tiqrIDP","authenticator":"Tiqr"}]}
[2015-11-12 11:53:41,343] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade}
- Trying to find the IdP for name: tiqrIDP
[2015-11-12 11:53:41,343] DEBUG
{org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} - Cache entry found for
Identity Provider tiqrIDP
[2015-11-12 11:53:41,343] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade}
- A registered IdP was found
[2015-11-12 11:58:35,886] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Step processing is completed
[2015-11-12 11:58:46,557] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler}
- Concluding the Authentication Flow
[2015-11-12 11:58:47,382] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCache}
- Session corresponding to the key : e6d25273-f55b-459a-8df5-f6eebad701e4
cannot be found.
[2015-11-12 11:58:47,384] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask}
- Session Data persisting Task is started to run
[2015-11-12 11:58:47,386] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask}
- Session Data persisting Task is started to run
[2015-11-12 11:58:47,386] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler}
- Sending response back to: /samlsso..._commonAuthAuthenticated:
true_authenticatedUser: admin@carbon.super_authenticatedIdPs:
eyJ0eXAiOiJKV1QiLCAiYWxnIjoibm9uZSJ9.eyJpc3MiOiJ3c28yIiwiZXhwIjoxNDQ3MzA5NDIxMzQzMzAwMCwiaWF0IjoxNDQ3MzA5NDIxMzQzLCJpZHBzIjpbeyJpZHAiOiJMT0NBTCIsImF1dGhlbnRpY2F0b3IiOiJCYXNpY0F1dGhlbnRpY2F0b3IifSx7ImlkcCI6InRpcXJJRFAiLCJhdXRoZW50aWNhdG9yIjoiVGlxciJ9XX0=._sessionDataKey:
20573828-9b56-4b36-a103-5ca16aa767ca (Sanitized)
[2015-11-12 11:59:18,620] DEBUG
{org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - Query
string : sessionDataKey=20573828-9b56-4b36-a103-5ca16aa767ca
[2015-11-12 11:59:18,626] DEBUG
{org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} - Cache entry found for
Identity Provider LOCAL
[2015-11-12 11:59:18,626] DEBUG
{org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} - Validating SAML
Request signature
[2015-11-12 11:59:18,626] DEBUG
{org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} - Request message
<?xml version="1.0" encoding="UTF-8"?><samlp:AuthnRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
AssertionConsumerServiceURL="http://localhost:8081/travelocity.com/home.jsp";
Destination="https://localhost:9443/samlsso"; ForceAuthn="false" ID="0"
IsPassive="false" IssueInstant="2015-11-12T06:21:29.874Z"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Version="2.0"><samlp:Issuer
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:assertion">travelocity.com</samlp:Issuer><saml2p:NameIDPolicy
xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AllowCreate="true"
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
SPNameQualifier="Issuer"/><saml2p:RequestedAuthnContext
xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
Comparison="exact"><saml:AuthnContextClassRef
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></saml2p:RequestedAuthnContext></samlp:AuthnRequest>
Listening for transport dt_socket at address: 5005
[2015-11-12 11:59:18,628] DEBUG
{org.wso2.carbon.identity.sso.saml.validators.SAML2HTTPRedirectDeflateSignatureValidator}
- Constructing signed content string from URL query string
SAMLRequest=nZPdjtMwEIVfJfJ9finQtZqsSqsVlRYIbZYL7ow7pUaOHTyTbvftcZIWsiuoKm49M2fOfDOe3R5rHRzAobImZ2mUsACMtFtlvufsoboLp%2By2mKGodcPnLe3NGn62gBT4OoO8D%2BSsdYZbgQq5ETUgJ8k38w%2F3PIsS3jhLVlrNgjkiOPKNFtZgW4PbgDsoCQ%2Fr%2B5ztiRoex9pKofcWiU%2BTaRqTEwfwb4qeImnreG9riH5gw4KlN6GMoN53V4zPqm8mk1dx5w7RsuDOOgm9%2FZzthEZgwWqZMz%2FsCkuBqA7wJ4DYwsogCUM5y5L0dZimYZpVyRuepTy7iaZvJ19ZUJ7meqfMQOsShG9DEvL3VVWG5adNxYIvZ%2Bo%2BgZ0Z993d9XTFmSkrXrCaxWPFQT9r%2BEcvsVqWViv5NGqTXb9Fre3jwoEgz4xcCz3eWtBlge5FbcNdn8qbbnYkMMSCTdl5%2BtwKrXYKXM4Gxyz%2B7fl0c7DtV%2Bivh%2BBI%2F2V%2BYetGOIUddjgKSSfwfKy80J7qGnajDlcv4WKa5LKT9s%2Fd0T1at%2B2OCKSfrHLCYGMdDWv7q59iiP0LSHHe%2BPifFr8A&SigAlg=http%3A%2F%
2Fwww.w3.org <http://2fwww.w3.org/>
%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=JMPW1S0htJoQwxh582adlXcCcZqgJ7Y5Jyom0PandpRy5XT1Ni8IMNts67zAt%2FZJlnweOxmNrXsxJ5fOhkxMvEHXaSSbEgwN0N%2Bxd0B%2BoD7tmY544G0q%2F1SW6LXt9etOTwgclRjgIXPIEem1quW540bATd2OMY5ByriCb%2BcuLxc%3D
[2015-11-12 11:59:18,629] DEBUG
{org.wso2.carbon.identity.sso.saml.validators.SAML2HTTPRedirectDeflateSignatureValidator}
- Constructed signed content string for HTTP-Redirect DEFLATE
SAMLRequest=nZPdjtMwEIVfJfJ9finQtZqsSqsVlRYIbZYL7ow7pUaOHTyTbvftcZIWsiuoKm49M2fOfDOe3R5rHRzAobImZ2mUsACMtFtlvufsoboLp%2By2mKGodcPnLe3NGn62gBT4OoO8D%2BSsdYZbgQq5ETUgJ8k38w%2F3PIsS3jhLVlrNgjkiOPKNFtZgW4PbgDsoCQ%2Fr%2B5ztiRoex9pKofcWiU%2BTaRqTEwfwb4qeImnreG9riH5gw4KlN6GMoN53V4zPqm8mk1dx5w7RsuDOOgm9%2FZzthEZgwWqZMz%2FsCkuBqA7wJ4DYwsogCUM5y5L0dZimYZpVyRuepTy7iaZvJ19ZUJ7meqfMQOsShG9DEvL3VVWG5adNxYIvZ%2Bo%2BgZ0Z993d9XTFmSkrXrCaxWPFQT9r%2BEcvsVqWViv5NGqTXb9Fre3jwoEgz4xcCz3eWtBlge5FbcNdn8qbbnYkMMSCTdl5%2BtwKrXYKXM4Gxyz%2B7fl0c7DtV%2Bivh%2BBI%2F2V%2BYetGOIUddjgKSSfwfKy80J7qGnajDlcv4WKa5LKT9s%2Fd0T1at%2B2OCKSfrHLCYGMdDWv7q59iiP0LSHHe%2BPifFr8A&SigAlg=http%3A%2F%
2Fwww.w3.org <http://2fwww.w3.org/>%2F2000%2F09%2Fxmldsig%23rsa-sha1
[2015-11-12 11:59:18,629] WARN
{org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor}
- Signature validation for Authentication Request failed.
[2015-11-12 11:59:18,629] DEBUG
{org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} - Cache entry found for
Identity Provider LOCAL
[2015-11-12 11:59:18,632] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask}
- Session Data removing Task is started to run
[3]
https://github.com/Shakila/Tiqr-IS-5.1.0/blob/master/tiqr-authenticator/org.wso2.carbon.identity.authenticator/src/main/java/org/wso2/carbon/identity/authenticator/TiqrAuthenticator.java
Thank you
--
Shakila Sivagnanarajah
Associate Software Engineer
Mobile :+94 (0) 770 760240
shak...@wso2.com
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
