Exception while testing the openam from adfs network

Question

We had made all the necessary changes for the openam and adfs setup and used this link : https://wikis.forgerock.org/confluence/display/openam/OpenAM+and+ADFS2+configuration as our reference , but when we are testing our setup from the adfs network we are getting the following exception :

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: AMSetupFilter.doFilter com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:117) root cause

org.apache.jasper.JasperException: An exception occurred processing JSP page /saml2/jsp/spAssertionConsumer.jsp at line 158

155: se.getMessage()); 156: return; 157: } 158: respInfo = SPACSUtils.getResponse( 159: request, response, orgName, hostEntityId, metaManager); 160: 161: String ecpRelayState = respInfo.getRelayState();

Stacktrace: org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:524) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:417) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:91) root cause

javax.servlet.ServletException: com.sun.identity.saml2.common.SAML2Exception: java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:850) org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:779) org.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp.java:360) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:91) root cause

com.sun.identity.saml2.common.SAML2Exception: java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed com.sun.identity.saml2.profile.SPACSUtils.getResponseFromArtifact(SPACSUtils.java:417) com.sun.identity.saml2.profile.SPACSUtils.getResponseFromGet(SPACSUtils.java:282) com.sun.identity.saml2.profile.SPACSUtils.getResponse(SPACSUtils.java:174) org.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp.java:183) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:91) note The full stack trace of the root cause is available in the Apache Tomcat/6.0.14 logs.

Please can anyone help me with this exception and tell me what is its error in the setup and the possible solution to solve this problem.

Thanks in advance,

Answer 1

OpenAM is unable to send a SOAP message to the ADFS endpoint most likely because the JVM truststores are incorrectly set up. If you are not using HTTPS at ADFS, then probably some network component is blocking the traffic from OpenAM to ADFS. Check Federation debug log for further details.