GluuFederation/oxShibboleth

IdP throws 500 error on single sign-on with Couchbase backend on 4.3.0

Closed this issue · 2 comments

Describe the issue

IdP throws 500 error on single sign-on

How to reproduce

  1. Go to the admin console
  2. Go to SAML -> add new trust relationship
  3. Test the trust relationship with samltest.id or any SP

Expected behaviour

SSO needs to be completed

Actual behaviour

Gets 500 error on sign-on

System

Gluu version: 4.3.0 + Couchbase
OS: Ubuntu 20.04

Error in log

2021-07-13 07:22:37,392 -  - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver:592] - Metadata Resolver FileBackedHTTPMetadataResolver SiteSP1: New metadata successfully loaded for 'https://samltest.id/saml/sp'
2021-07-13 07:22:37,394 -  - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver:397] - Metadata Resolver FileBackedHTTPMetadataResolver SiteSP1: Next refresh cycle for metadata provider 'https://samltest.id/saml/sp' will occur on '2021-07-13T13:22:36.186619Z' ('2021-07-13T13:22:36.186619Z[Etc/UTC]' local time)
2021-07-13 07:26:44,793 - 10.179.235.1 - WARN [DEPRECATED:125] - Java class method 'requestContext.getPrincipalName()': This will be removed in the next major version of this software; replacement is resolutionContext.getPrincipal()
2021-07-13 07:26:44,877 - 10.179.235.1 - ERROR [net.shibboleth.idp.profile.impl.ResolveAttributes:293] - Profile Action ResolveAttributes: Error resolving attributes
net.shibboleth.idp.attribute.resolver.ResolutionException: Data Connector 'siteDataConnector': Unable to execute SQL query
        at net.shibboleth.idp.attribute.resolver.dc.rdbms.impl.RDBMSDataConnector.retrieveAttributes(RDBMSDataConnector.java:154)
Caused by: java.sql.SQLException: User does not have credentials to run SELECT queries on the gluu_user bucket. Add role query_select on gluu_user to allow the query to run.
        at com.couchbase.jdbc.core.ProtocolImpl.fillSQLException(ProtocolImpl.java:623)
2021-07-13 07:26:45,159 - 10.179.235.1 - INFO [org.gluu.idp.consent.processor.GluuReleaseAttributesPostProcessor:65] - Executing external IDP script
2021-07-13 07:26:45,171 - 10.179.235.1 - ERROR [net.shibboleth.idp.profile.interceptor:-2] - Uncaught runtime exception
java.lang.NullPointerException: null
        at org.gluu.idp.consent.processor.GluuReleaseAttributesPostProcessor.doExecute(GluuReleaseAttributesPostProcessor.java:69)
2021-07-13 07:26:45,189 - 10.179.235.1 - WARN [org.opensaml.profile.action.impl.LogEvent:101] - A non-proceed event occurred while processing the request: RuntimeException

I reproduced the issue.
The missing item in the issue description is the mention that this is a local Couchbase installation.
This isn't a bug per se.
When Gluu is installed with a local Couchbase installation, you have to explicitly create the Couchbase user.
You can find instructions for that once the installation is done. (Will update the documentation to make it explicit.)
[Screenshot from 2021-12-07 14-57-31]
This is shown in the screenshot above.
That should solve the issue.

@uprightech OK, I have implemented the fix as you said; SAML SSO is working fine. We can close this issue.
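
A triage sketch for the log quoted in this issue, added here as an example and not part of the thread or of Gluu's code: it extracts the missing Couchbase role, the bucket and the failing data connector from an IdP log, and marks whether the NullPointerException from the same client followed within a few seconds. The `triage` function, its field names and the 5-second window are assumptions.

```python
import re
from datetime import datetime

# Sample input: abridged from the log lines quoted in the issue above.
SAMPLE_LOG = """\
2021-07-13 07:26:44,877 - 10.179.235.1 - ERROR [net.shibboleth.idp.profile.impl.ResolveAttributes:293] - Profile Action ResolveAttributes: Error resolving attributes
net.shibboleth.idp.attribute.resolver.ResolutionException: Data Connector 'siteDataConnector': Unable to execute SQL query
Caused by: java.sql.SQLException: User does not have credentials to run SELECT queries on the gluu_user bucket. Add role query_select on gluu_user to allow the query to run.
2021-07-13 07:26:45,171 - 10.179.235.1 - ERROR [net.shibboleth.idp.profile.interceptor:-2] - Uncaught runtime exception
java.lang.NullPointerException: null
"""

HEADER = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) - (\S*) - \w+ \[")
CONNECTOR = re.compile(r"Data Connector '([^']+)': Unable to execute SQL query")
MISSING_ROLE = re.compile(
    r"does not have credentials to run (\w+) queries on the (\S+) bucket\. "
    r"Add role (\w+) on")


def triage(log_text, window_seconds=5.0):
    """Return one finding per Couchbase missing-role error in an IdP log.

    Stack-trace lines carry no timestamp, so they inherit the timestamp and
    client address of the last header line. A NullPointerException from the
    same client within window_seconds is marked as a follow-on failure.
    """
    findings, when, client, connector = [], None, None, None
    for line in log_text.splitlines():
        header = HEADER.match(line)
        if header:
            when = datetime.strptime(header.group(1), "%Y-%m-%d %H:%M:%S,%f")
            client, connector = header.group(2), None
        named = CONNECTOR.search(line)
        if named:
            connector = named.group(1)
        denied = MISSING_ROLE.search(line)
        if denied:
            findings.append({"time": when, "client": client, "connector": connector,
                             "statement": denied.group(1), "bucket": denied.group(2),
                             "role": denied.group(3), "followed_by_npe": False})
        elif "java.lang.NullPointerException" in line and findings and when:
            last = findings[-1]
            if (last["client"] == client and last["time"] is not None and
                    0 <= (when - last["time"]).total_seconds() <= window_seconds):
                last["followed_by_npe"] = True
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```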