Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

U2F authn failing #455

Closed
nynymike opened this issue Jan 20, 2017 · 4 comments
Closed

U2F authn failing #455

nynymike opened this issue Jan 20, 2017 · 4 comments
Assignees
@yurem
Labels
bug bug in code high priority resolution must be prioritized
Milestone
CE 3.0.0

Comments

@nynymike
Copy link
Contributor

image

2017-01-20 22:56:00,224 WARN  [pool-2-thread-1] [org.apache.http.client.protocol.ResponseProcessCookies] (ResponseProcessCookies.java:121) - Cookie rejected [JSESSIONID="1hd2anxvrbdci1ot5kphka9pl9", version:0, domain:goblin.gluu.info, path:/oxauth, expiry:null] Illegal path attribute "/oxauth". Path of origin: "/.well-known/fido-u2f-configuration"
2017-01-20 23:01:18,310 ERROR [qtp1100439041-16] [org.xdi.oxauth.service.external.ExternalAuthenticationService] (ExternalAuthenticationService.java:215) - null
org.python.core.PyException: null
        at org.python.core.Py.AttributeError(Py.java:205) ~[jython-2.7.0.jar:?]
        at org.python.core.PyType.noAttributeError(PyType.java:1883) ~[jython-2.7.0.jar:?]
        at org.python.core.PyObject.__getattr__(PyObject.java:1008) ~[jython-2.7.0.jar:?]
        at org.python.pycode._pyx0.prepareForStep$9(<iostream>:185) ~[?:?]
        at org.python.pycode._pyx0.call_function(<iostream>) ~[?:?]
        at org.python.core.PyTableCode.call(PyTableCode.java:167) ~[jython-2.7.0.jar:?]
        at org.python.core.PyBaseCode.call(PyBaseCode.java:307) ~[jython-2.7.0.jar:?]
        at org.python.core.PyBaseCode.call(PyBaseCode.java:198) ~[jython-2.7.0.jar:?]
        at org.python.core.PyFunction.__call__(PyFunction.java:482) ~[jython-2.7.0.jar:?]
        at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237) ~[jython-2.7.0.jar:?]
        at org.python.core.PyMethod.__call__(PyMethod.java:228) ~[jython-2.7.0.jar:?]
        at org.python.core.PyMethod.__call__(PyMethod.java:218) ~[jython-2.7.0.jar:?]
        at org.python.core.PyMethod.__call__(PyMethod.java:213) ~[jython-2.7.0.jar:?]
        at org.python.core.PyObject._jcallexc(PyObject.java:3626) ~[jython-2.7.0.jar:?]
        at org.python.core.PyObject._jcall(PyObject.java:3658) ~[jython-2.7.0.jar:?]
        at org.python.proxies.__builtin__$PersonAuthentication$0.prepareForStep(Unknown Source) ~[?:?]
        at org.xdi.oxauth.service.external.ExternalAuthenticationService.executeExternalPrepareForStep(ExternalAuthenticationService.java:213) [classes/:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_112]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_112]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_112]
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.xdi.oxauth.service.external.ExternalAuthenticationService_$$_javassist_seam_22.executeExternalPrepareForStep(ExternalAuthenticationService_$$_javassist_seam_22.java) [classes/:?]
        at org.xdi.oxauth.auth.Authenticator.prepareAuthenticationForStep(Authenticator.java:493) [classes/:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_112]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_112]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_112]
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
**        at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:79) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:196) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:114) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.xdi.oxauth.auth.Authenticator_$$_javassist_seam_43.prepareAuthenticationForStep(Authenticator_$$_javassist_seam_43.java) [classes/:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_112]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_112]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_112]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_112]
        at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
        at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
        at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
        at org.jboss.el.parser.AstValue.invoke(AstValue.java:96) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
        at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
        at org.jboss.seam.core.Expressions$2.invoke(Expressions.java:222) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.navigation.Page.preRender(Page.java:311) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.navigation.Pages.preRender(Pages.java:351) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.jsf.SeamPhaseListener.preRenderPage(SeamPhaseListener.java:565) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.jsf.SeamPhaseListener.beforeRenderResponse(SeamPhaseListener.java:476) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.jsf.SeamPhaseListener.beforeServletPhase(SeamPhaseListener.java:147) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:117) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at com.sun.faces.lifecycle.Phase.handleBeforePhase(Phase.java:228) [jsf-impl-2.1.28-jbossorg-1.jar:?]
        at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:99) [jsf-impl-2.1.28-jbossorg-1.jar:?]
        at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139) [jsf-impl-2.1.28-jbossorg-1.jar:?]
        at javax.faces.webapp.FacesServlet.service(FacesServlet.java:594) [jboss-jsf-api_2.1_spec-2.1.28.Final.jar:2.1.28.Final]
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:845) [jetty-servlet-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:584) [jetty-servlet-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:566) [jetty-security-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [jetty-servlet-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.Dispatcher.forward(Dispatcher.java:199) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.eclipse.jetty.server.Dispatcher.forward(Dispatcher.java:74) [jetty-server-9.3.15.v20161220.jar:9.3.15.v20161220]
        at org.jboss.seam.web.RewriteFilter.process(RewriteFilter.java:98) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.web.RewriteFilter.doFilter(RewriteFilter.java:57) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:73) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
        at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
.
.
.
@nynymike nynymike added bug bug in code high priority resolution must be prioritized labels Jan 20, 2017
@nynymike nynymike added this to the CE 3.0.0 QA milestone Jan 20, 2017
@yurem yurem modified the milestones: CE 3.0.0, CE 3.0.0 QA Jan 22, 2017
yurem added a commit that referenced this issue Jan 23, 2017
@yurem
U2F authn failing #455
6d4d06d
@yurem
Copy link
Contributor

yurem commented Jan 23, 2017

Fixed

@yurem yurem closed this as completed Jan 23, 2017
@nynymike nynymike reopened this Jan 31, 2017
@nynymike
Copy link
Contributor Author

nynymike commented Jan 31, 2017
edited
Loading

Still getting this error...

2017-01-31 19:58:43,531 ERROR [pool-2-thread-1] [org.xdi.service.custom.script.CustomScriptManager] (CustomScriptManager.java:364) - Failed to initialize custom script: 'u2f'
org.jboss.resteasy.client.exception.ResteasyIOException: IOException
        at org.jboss.resteasy.client.exception.mapper.ApacheHttpClient4ExceptionMapper.mapIOException(ApacheHttpClient4ExceptionMapper.java:110) ~[resteasy-jaxrs-2.3.7.Final.jar:?]
        at ...
Caused by: java.net.ConnectException: Connection refused (Connection refused)
 refused (Connection refused)

But weridly, I think it worked the first time I enabled the script... it was after a restart that it failed.

@yurem
Copy link
Contributor

yurem commented Feb 1, 2017

After enabling it it works fine:

2017-02-01 17:37:39,995 TRACE [qtp1100439041-17] [oxauth.ws.rs.fido.u2f.U2fConfigurationWS] (U2fConfigurationWS.java:67) - FIDO U2F configuration: {
  "version" : "2.0",
  "issuer" : "https://u144.gluu.info",
  "registration_endpoint" : "https://u144.gluu.info/oxauth/seam/resource/restv1/fido/u2f/registration",
  "authentication_endpoint" : "https://u144.gluu.info/oxauth/seam/resource/restv1/fido/u2f/authentication"
}

Cheeking how it works after restart

@yurem
Copy link
Contributor

yurem commented Feb 1, 2017

Updated script to re-try OpenId configuration load at restart

@yurem yurem closed this as completed Feb 1, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yurem yurem

Labels
bug bug in code high priority resolution must be prioritized
Projects
None yet
Milestone
CE 3.0.0
Development

No branches or pull requests
2 participants
@nynymike @yurem