Hi Tharindu, On Mon, Apr 16, 2018 at 8:39 AM, Tharindu Edirisinghe <[email protected]> wrote:
> Hi Gayan, > > It seems the error is coming form the consent management feature. If you > don't require this feature, you can simply turn it off from the following > property in identity.xml file. > > <Consent> > <!--Specify whether consent management should be enable during > SSO.--> > <EnableSSOConsentManagement>*false*</EnableSSOConsentManagement> > </Consent> > > Alternatively you can turn off the following listener from identity.xml > file too for getting rid of the issue. > > <EventListener > type="org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" > name="org.wso2.carbon.identity.application.authentication.framework. > handler.request.impl.consent.ConsentMgtPostAuthnHandler" orderId="110" > *enable*="*false*" /> > > I could reproduce the same behavior and by setting any of the above > configs, I could avoid the error and successfully authenticate the SP app > (travelocity) with FB IDP. > Thanks for the explanation. I have already disabled consent management to get it work. I suppose globally disabling consent management feature or disabling the listener would not be a good solution. > > @IAM Team - If we keep using the consent management feature, do we need > any additional configuration? May be claim configuration to map the > particular user claims which should require obtaining user consent? > > Thanks, > TharinduE > > On Sat, Apr 14, 2018 at 9:28 PM, gayan gunawardana < > [email protected]> wrote: > >> Hi All, >> >> I have configured travelocity.com sample application as SAML inbound and >> Facebook as federated authenticator for IS-5.5.0. After adding Facebook >> credentials, got below UI. >> >> >> ​After enabling debug logs found below exception. Is there any further >> configuration I have to do to get it work ? >> >> [2018-04-14 20:25:49,655] ERROR {org.wso2.carbon.user.core.aut >> horization.JDBCAuthorizationManager} - Error occurred while accessing >> Java Security Manager Privilege Block >> [2018-04-14 20:25:49,658] ERROR {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.request.impl.DefaultRequestCoordinator} >> - Error occurred while evaluating post authentication >> org.wso2.carbon.identity.application.authentication.framewor >> k.exception.PostAuthenticationFailedException: Error occurred while >> retrieving consent data of user: [email protected] for service >> provider: CafeLebens-Sample in tenant domain: carbon.super. >> at org.wso2.carbon.identity.application.authentication.framewor >> k.handler.request.impl.consent.ConsentMgtPostAuthnHan >> dler.handlePreConsent(ConsentMgtPostAuthnHandler.java:201) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.handler.request.impl.consent.ConsentMgtPostAuthnHan >> dler.handle(ConsentMgtPostAuthnHandler.java:106) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.services.PostAuthenticationMgtService.executePostAuthnHand >> ler(PostAuthenticationMgtService.java:109) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.services.PostAuthenticationMgtService.handlePostAuthentica >> tion(PostAuthenticationMgtService.java:78) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.handler.request.impl.DefaultAuthenticationRequestHandler.h >> andlePostAuthentication(DefaultAuthenticationRequestHandler.java:165) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.handler.request.impl.DefaultAuthenticationRequestHandler. >> handle(DefaultAuthenticationRequestHandler.java:134) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.handler.request.impl.DefaultRequestCoordinator.handle(Defa >> ultRequestCoordinator.java:157) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.servlet.CommonAuthenticationServlet.doPost(CommonAuthentic >> ationServlet.java:53) >> at org.wso2.carbon.identity.application.authentication.framewor >> k.servlet.CommonAuthenticationServlet.doGet(CommonAuthentica >> tionServlet.java:43) >> >> Thanks, >> Gayan >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > Tharindu Edirisinghe > Senior Software Engineer | WSO2 Inc > Platform Security Team > Blog : http://tharindue.blogspot.com > mobile : +94 775181586 > -- Gayan
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
