Skip to Main Content
Forums

Identity & Platform

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

OAM 11.1.2.3.0 as IdP is failing with java.lang.NullPoniterException at oracle.security.fed.util.common.Base64.fromBase64

user10635085Jun 25 2024

Hi,

We are using OAM 11.1.2.3.0 with OIF, an IdP has been configured with SAML 2.0 metadata retrieve from Configuration - Federation Settings, the SSO test page (oamfed/user/testspsso) was enabled, and everything works as expected, a response is getting shown in SSO test page.

Even though the SSO test page is working, externals SP (Spring boot module, or Adobe Pass Authentication) are failing, trying to view a secured resource is getting redirected to OAM SSO login page, credentials are provided, and login form is submitted, but after that, the following error is shown in OAM SSO login page “System error. Please re-try your action. If you continue to get this error, please contact the Administrator”, and the error that appears in oam servers is:

If a request to SSO test page is submitted first, and in the same browser in different tab, we try to access an SP protected resource, the authentication flow completes without any error, it seems that all cookies and information that the request to SSO test page seeds let that all authentication flow ends as expected.

java.lang.NullPointerException: null
at oracle.security.fed.util.common.Base64.fromBase64(Base64.java:210) ~[sts-common.jar:na]
at oracle.security.fed.frontend.fed.translator.saml.SAMLProtocolMessageTranslator.translateMessage(SAMLProtocolMessageTranslator.java:107) ~[fed.jar:na]
at oracle.security.fed.frontend.fed.requesthandler.profiles.idp.SAMLV20RequestHandler.parseProtocolMessage(SAMLV20RequestHandler.java:50) ~[fed.jar:na]
at oracle.security.fed.controller.web.action.EventFactoryRequestHandlerSupport.generateEvent(EventFactoryRequestHandlerSupport.java:31) ~[fed.jar:na]
at oracle.security.fed.frontend.fed.requesthandler.profiles.idp.SAMLV20RequestHandler.perform(SAMLV20RequestHandler.java:59) ~[fed.jar:na]
at oracle.security.fed.controller.web.servlet.FederationServlet.processServletRequest(FederationServlet.java:386) [fed.jar:na]
at oracle.security.fed.controller.web.servlet.FederationServlet.doGet(FederationServlet.java:194) [fed.jar:na]
at oracle.security.fed.controller.web.servlet.FederationServlet.doPost(FederationServlet.java:133) [fed.jar:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) [javax.servlet_1.0.0.0_2-5.jar:2.5]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) [javax.servlet_1.0.0.0_2-5.jar:2.5]
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) [weblogic.jar:10.3.6.0]
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) [weblogic.jar:10.3.6.0]
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301) [weblogic.jar:10.3.6.0]
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) [weblogic.jar:10.3.6.0]
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60) [BUG30109677_10360191015.jar:10.3.6.0]
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:138) [jps-ee.jar:na]
at java.security.AccessController.doPrivileged(Native Method) [na:1.7.0_241]
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324) [jps-api.jar:na]
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:464) [jps-ee.jar:na]
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:121) [jps-ee.jar:na]
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:211) [jps-ee.jar:na]
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71) [jps-ee.jar:na]
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60) [BUG30109677_10360191015.jar:10.3.6.0]
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:163) [dms.jar:ADMINSERVER_11.1.1.9.0_GENERIC_150218.0045]
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60) [BUG30109677_10360191015.jar:10.3.6.0]
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3748) [BUG30109677_10360191015.jar:10.3.6.0]
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3714) [BUG30109677_10360191015.jar:10.3.6.0]
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) [com.bea.core.weblogic.security.identity_1.2.0.0.jar:1.2.0.0]
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120) [com.bea.core.weblogic.security.wls_1.0.0.0_6-2-0-0.jar:6.2.0.0]
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2283) [BUG30109677_10360191015.jar:10.3.6.0]
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2182) [BUG30109677_10360191015.jar:10.3.6.0]
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1499) [BUG30109677_10360191015.jar:10.3.6.0].

Any help here would be really appreciated.

Thanks,
Comments
Post Details
Added on Jun 25 2024
#oam, #oif
0 comments
443 views