Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-84540

Missing NameID format causes NullPointerException

    Details

      Description

      Reproduction steps:

      1. Set up an IdP and an SP
      2. Start up the SP in debug mode and add a breakpoint at line 242 in the DefaultUserResolver class
      3. On the SP, click on Sign In in the top right corner and log in
      4. As you can see in Eclipse the value of format is emailAddress (if you selected that for the Name Identifier Format)
      5. Manually change it to null

      Experienced behavior: The following exception is thrown:

      2018-08-16 13:35:42.492 ERROR [http-nio-7070-exec-5][BaseSamlStrutsAction:54] com.liferay.saml.runtime.SamlException: java.lang.NullPointerException
      com.liferay.saml.runtime.SamlException: java.lang.NullPointerException
              at com.liferay.saml.opensaml.integration.internal.profile.ExceptionHandlerUtil.handleException(ExceptionHandlerUtil.java:34)
              at com.liferay.saml.opensaml.integration.internal.profile.WebSsoProfileImpl.processResponse(WebSsoProfileImpl.java:172)
              at com.liferay.saml.web.internal.portlet.action.AssertionConsumerServiceAction.doExecute(AssertionConsumerServiceAction.java:59)
              at com.liferay.saml.web.internal.portlet.action.BaseSamlStrutsAction.execute(BaseSamlStrutsAction.java:51)
              at com.liferay.portal.kernel.struts.BaseStrutsAction.execute(BaseStrutsAction.java:39)
              at com.liferay.portal.struts.ActionAdapter.execute(ActionAdapter.java:50)
              at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
              at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
              at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.java:170)
              at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
              at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
              at com.liferay.portal.servlet.MainServlet.callParentService(MainServlet.java:608)
              at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:585)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
              at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:119)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.frontend.compatibility.ie.servlet.filter.IEMimeTypeCompatibilityFilter.processFilter(IEMimeTypeCompatibilityFilter.java:48)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.portal.servlet.filters.uploadservletrequest.UploadServletRequestFilter.processFilter(UploadServletRequestFilter.java:93)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.portal.servlet.filters.strip.StripFilter.processFilter(StripFilter.java:343)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.portal.servlet.filters.secure.BaseAuthFilter.processFilter(BaseAuthFilter.java:340)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.portal.servlet.filters.jsoncontenttype.JSONContentTypeFilter.processFilter(JSONContentTypeFilter.java:42)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:88)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:263)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)
              at com.liferay.portal.monitoring.internal.servlet.filter.MonitoringFilter.processFilter(MonitoringFilter.java:181)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
              at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)
              at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)
              at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)
              at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:394)
              at com.liferay.portal.servlet.filters.urlrewrite.UrlRewriteFilter.processFilter(UrlRewriteFilter.java:65)
              at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)
              at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilter.doFilter(InvokerFilter.java:100)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
              at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522)
              at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095)
              at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
              at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
              at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
              at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
              at java.lang.Thread.run(Thread.java:748)
      Caused by: java.lang.NullPointerException
              at com.liferay.saml.opensaml.integration.internal.resolver.DefaultUserResolver.getSubjectNameIdentifierType(DefaultUserResolver.java:242)
              at com.liferay.saml.opensaml.integration.internal.resolver.DefaultUserResolver.resolveUser(DefaultUserResolver.java:91)
              at com.liferay.saml.opensaml.integration.internal.profile.WebSsoProfileImpl.doProcessResponse(WebSsoProfileImpl.java:629)
              at com.liferay.saml.opensaml.integration.internal.profile.WebSsoProfileImpl.processResponse(WebSsoProfileImpl.java:169)
              ... 96 more

      Expected behavior: The NullPointerException shouldn't be thrown

      Please see the getSubjectNameIdentifierType method in the DefaultUserResolver class

      	protected String getSubjectNameIdentifierType(
      		UserResolverSAMLContext userResolverSAMLContext) {
      
      		String format = userResolverSAMLContext.resolveSubjectNameFormat();
      
      		if (format.equals(NameIDType.EMAIL)) {
      			return _SUBJECT_NAME_TYPE_EMAIL_ADDRESS;
      		}
      
      		return _SUBJECT_NAME_TYPE_SCREENNAME;
      	}

      The NullPointerException is thrown because the format is null which according to the SAML 2.0 specification is an optional attribute of the nameID element

      Maybe we can try to modify the if statement the following way:

      if (NameIDType.EMAIL.equals(format)) {
      			return _SUBJECT_NAME_TYPE_EMAIL_ADDRESS;
      		}
      
      		return _SUBJECT_NAME_TYPE_SCREENNAME;
      	}

      After checking the DefaultUserResolver class on master I believe the same issue occurs there.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  1 year, 2 weeks, 4 days ago

                  Packages

                  Version Package
                  7.0.X
                  7.1.X
                  Master