Highlighted

com.adobe.granite.auth.saml.SamlAuthenticationHandler SAML error with reason: user_sync_failed detected

saibul

30-10-2019

Server: AEM-6.5.1 SP-6.5.1

OS: RHEL7

Oak: 1.10.2

We use SAML for authentication, this server is migrated from AEM 6.3 to 6.5 a month back.

The users were able to log in but recently a couple of users not able to log in and the "SamlAuthenticationHandler" error is captured in the error.log.

I have attached the log.

Replies

Highlighted

saibul

30-10-2019

Following is the log from error.log::

30.10.2019 01:25:24.837 *INFO* [qtp748111386-420442] com.adobe.granite.auth.saml.SamlAuthenticationHandler SAML error with reason: user_sync_failed detected, redirect user to: /libs/granite/core/content/login.error.html?j_reason=user_sync_failed

30.10.2019 01:25:24.837 *ERROR* [qtp748111386-420442] org.apache.sling.auth.core.impl.SlingAuthenticator doLogin: Cannot login: Response already committed

30.10.2019 01:25:26.775 *INFO* [10.20.42.43 [1572398726774] POST /bin/receive HTTP/1.1] com.day.cq.replication.impl.servlets.ReplicationServlet Processed replication action in 0ms: TEST of /content

30.10.2019 01:25:41.799 *INFO* [qtp748111386-420467] org.apache.sling.auth.core.impl.SlingAuthenticator getAnonymousResolver: Anonymous access not allowed by configuration - requesting credentials

30.10.2019 01:25:41.801 *WARN* [qtp748111386-420467] org.apache.sling.auth.core.AuthUtil isRedirectValid: Redirect target must not be empty or null

30.10.2019 01:25:42.217 *INFO* [sling-default-5-health-org.apache.sling.discovery.oak.SynchronizedClocksHealthCheck] org.apache.sling.discovery.oak.SynchronizedClocksHealthCheck execute: no topology connectors connected to local instance.

30.10.2019 01:25:48.755 *INFO* [qtp748111386-420467] com.adobe.granite.security.user.internal.audit.AuditGroupAction User 'wun1' was added to the group 'UG-NA-AEM-Member-Role'

30.10.2019 01:25:48.771 *INFO* [sling-oak-observation-9] com.adobe.cq.social.sync.impl.PublisherSyncServiceImpl Handing these paths to the distribution subsystem: [/home/users/M/MhG_r1SwB8knUp_Nqpgi]

30.10.2019 01:25:48.771 *INFO* [sling-oak-observation-9] com.adobe.cq.social.sync.impl.PublisherSyncServiceImpl Could not distribute the requested paths: [/home/users/M/MhG_r1SwB8knUp_Nqpgi] Error was: Agent is not available

30.10.2019 01:25:48.773 *ERROR* [qtp748111386-420467] com.adobe.granite.auth.saml.extidp.DefaultUserSync User synchronization failed: Could not access repository.

javax.jcr.RepositoryException: Failed to generate login-token: Could not access Repository

        at com.day.crx.security.token.TokenUtil.createCredentials(TokenUtil.java:103) [com.day.crx.sling.crx-auth-token:2.5.42]

        at com.adobe.granite.auth.saml.extidp.DefaultUserSync.process(DefaultUserSync.java:108) [com.adobe.granite.auth.saml:1.0.24.CQ650-B0004]

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.syncUser(SamlAuthenticationHandler. java:860) [com.adobe.granite.auth.saml:1.0.24.CQ650-B0004]

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.handleLogin(SamlAuthenticationHandl er.java:852) [com.adobe.granite.auth.saml:1.0.24.CQ650-B0004]

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.extractCredentials(SamlAuthenticati onHandler.java:499) [com.adobe.granite.auth.saml:1.0.24.CQ650-B0004]

        at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(Authenti cationHandlerHolder.java:76) [org.apache.sling.auth.core:1.4.2]

        at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(Ab stractAuthenticationHandlerHolder.java:60) [org.apache.sling.auth.core:1.4.2]

        at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticat or.java:735) [org.apache.sling.auth.core:1.4.2]

        at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.ja va:483) [org.apache.sling.auth.core:1.4.2]

  

        at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection .java:220) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.server.Server.handle(Server.java:502) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:370) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:267) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:30 5) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExe cutor.java:366) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:765) [org.apache.felix.http.jetty:4.0.8]

        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:683) [org.apache.felix.http.jetty:4.0.8]

        at java.lang.Thread.run(Thread.java:748)

Caused by: javax.jcr.LoginException: java.lang.UnsupportedOperationException

        at java.util.AbstractCollection.add(AbstractCollection.java:262)

        at org.apache.jackrabbit.oak.security.user.UserPrincipalProvider.getGroupMembership(UserPrin cipalProvider.java:267)

        at org.apache.jackrabbit.oak.security.user.UserPrincipalProvider.getMembershipPrincipals(Use rPrincipalProvider.java:124)

        at org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule.getPrincipals(A bstractLoginModule.java:498)

        at org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl.commit(LoginModule Impl.java:166)

        at org.apache.felix.jaas.boot.ProxyLoginModule.commit(ProxyLoginModule.java:57)

        at sun.reflect.GeneratedMethodAccessor3067.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)

        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)

        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)

        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)

        at javax.security.auth.login.LoginContext.login(LoginContext.java:588)

        at org.apache.jackrabbit.oak.core.ContentRepositoryImpl.login(ContentRepositoryImpl.java:163 )

        at org.apache.jackrabbit.oak.jcr.repository.RepositoryImpl.login(RepositoryImpl.java:282)

        at org.apache.jackrabbit.oak.jcr.repository.RepositoryImpl.login(RepositoryImpl.java:225)

        at org.apache.jackrabbit.oak.jcr.session.SessionImpl.impersonate(SessionImpl.java:275)

        at com.adobe.granite.repository.impl.CRX3SessionImpl.impersonate(CRX3SessionImpl.java:149)

        at com.day.crx.security.token.TokenUtil.createCredentials(TokenUtil.java:90)

        at com.adobe.granite.auth.saml.extidp.DefaultUserSync.process(DefaultUserSync.java:108)

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.syncUser(SamlAuthenticationHandler. java:860)

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.handleLogin(SamlAuthenticationHandl er.java:852)

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.extractCredentials(SamlAuthenticati onHandler.java:499)

        at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(Authenti cationHandlerHolder.java:76)

        at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(Ab stractAuthenticationHandlerHolder.java:60)

        at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticat or.java:735)

        at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.ja va:483)

        at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java :460)

        at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:131)

        at org.apache.felix.http.base.internal.whiteboard.PerBundleServletContextImpl.handleSecurity (PerBundleServletContextImpl.java:82)

        at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.jav a:58)

        at org.apache.felix.http.base.internal.dispatch.Dispatcher$1.doFilter(Dispatcher.java:146)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager$2.doFilter(WhiteboardMan ager.java:1002)

        at org.apache.sling.security.impl.ReferrerFilter.doFilter(ReferrerFilter.java:326)

        at org.apache.felix.http.base.internal.handler.PreprocessorHandler.handle(PreprocessorHandle r.java:136)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager$2.doFilter(WhiteboardMan ager.java:1008)

        at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:97)

        at org.apache.felix.http.base.internal.handler.PreprocessorHandler.handle(PreprocessorHandle r.java:136)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager$2.doFilter(WhiteboardMan ager.java:1008)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager.invokePreprocessors(Whit eboardManager.java:1012)

        at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:91)

        at org.apache.felix.http.base.internal.dispatch.DispatcherServlet.service(DispatcherServlet. java:49)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)

        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:873)

        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:542)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)

        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1701)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)

        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1345)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)

        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:480)

        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1668)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)

        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1247)

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)

        at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection .java:220)

        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)

        at org.eclipse.jetty.server.Server.handle(Server.java:502)

        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:370)

        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:267)

        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:30 5)

        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)

        at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)

        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExe cutor.java:366)

        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:765)

        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:683)

        at java.lang.Thread.run(Thread.java:748)

        at org.apache.jackrabbit.oak.jcr.repository.RepositoryImpl.login(RepositoryImpl.java:290) [org.apache.jackrabbit.oak-jcr:1.10.2]

        at org.apache.jackrabbit.oak.jcr.repository.RepositoryImpl.login(RepositoryImpl.java:225) [org.apache.jackrabbit.oak-jcr:1.10.2]

        at org.apache.jackrabbit.oak.jcr.session.SessionImpl.impersonate(SessionImpl.java:275) [org.apache.jackrabbit.oak-jcr:1.10.2]

        at com.adobe.granite.repository.impl.CRX3SessionImpl.impersonate(CRX3SessionImpl.java:149) [com.adobe.granite.repository:1.6.28]

        at com.day.crx.security.token.TokenUtil.createCredentials(TokenUtil.java:90) [com.day.crx.sling.crx-auth-token:2.5.42]

        ... 52 common frames omitted

Caused by: javax.security.auth.login.LoginException: java.lang.UnsupportedOperationException

        at java.util.AbstractCollection.add(AbstractCollection.java:262)

        at org.apache.jackrabbit.oak.security.user.UserPrincipalProvider.getGroupMembership(UserPrin cipalProvider.java:267)

        at org.apache.jackrabbit.oak.security.user.UserPrincipalProvider.getMembershipPrincipals(Use rPrincipalProvider.java:124)

        at org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule.getPrincipals(A bstractLoginModule.java:498)

        at org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl.commit(LoginModule Impl.java:166)

        at org.apache.felix.jaas.boot.ProxyLoginModule.commit(ProxyLoginModule.java:57)

        at sun.reflect.GeneratedMethodAccessor3067.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)

        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)

        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)

        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)

        at javax.security.auth.login.LoginContext.login(LoginContext.java:588)

        at org.apache.jackrabbit.oak.core.ContentRepositoryImpl.login(ContentRepositoryImpl.java:163 )

        at org.apache.jackrabbit.oak.jcr.repository.RepositoryImpl.login(RepositoryImpl.java:282)

        at org.apache.jackrabbit.oak.jcr.repository.RepositoryImpl.login(RepositoryImpl.java:225)

        at org.apache.jackrabbit.oak.jcr.session.SessionImpl.impersonate(SessionImpl.java:275)

        at com.adobe.granite.repository.impl.CRX3SessionImpl.impersonate(CRX3SessionImpl.java:149)

        at com.day.crx.security.token.TokenUtil.createCredentials(TokenUtil.java:90)

        at com.adobe.granite.auth.saml.extidp.DefaultUserSync.process(DefaultUserSync.java:108)

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.syncUser(SamlAuthenticationHandler. java:860)

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.handleLogin(SamlAuthenticationHandl er.java:852)

        at com.adobe.granite.auth.saml.SamlAuthenticationHandler.extractCredentials(SamlAuthenticati onHandler.java:499)

        at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(Authenti cationHandlerHolder.java:76)

        at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(Ab stractAuthenticationHandlerHolder.java:60)

        at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticat or.java:735)

        at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.ja va:483)

        at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java :460)

        at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:131)

        at org.apache.felix.http.base.internal.whiteboard.PerBundleServletContextImpl.handleSecurity (PerBundleServletContextImpl.java:82)

        at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.jav a:58)

        at org.apache.felix.http.base.internal.dispatch.Dispatcher$1.doFilter(Dispatcher.java:146)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager$2.doFilter(WhiteboardMan ager.java:1002)

        at org.apache.sling.security.impl.ReferrerFilter.doFilter(ReferrerFilter.java:326)

        at org.apache.felix.http.base.internal.handler.PreprocessorHandler.handle(PreprocessorHandle r.java:136)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager$2.doFilter(WhiteboardMan ager.java:1008)

        at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:97)

        at org.apache.felix.http.base.internal.handler.PreprocessorHandler.handle(PreprocessorHandle r.java:136)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager$2.doFilter(WhiteboardMan ager.java:1008)

        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager.invokePreprocessors(Whit eboardManager.java:1012)

        at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:91)

        at org.apache.felix.http.base.internal.dispatch.DispatcherServlet.service(DispatcherServlet. java:49)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)

        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:873)

        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:542)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)

        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1701)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)

        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1345)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)

        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:480)

        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1668)

        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)

        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1247)

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)

        at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection .java:220)

        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)

        at org.eclipse.jetty.server.Server.handle(Server.java:502)

        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:370)

        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:267)

        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:30 5)

        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)

        at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)

        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)

        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExe cutor.java:366)

        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:765)

        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:683)

        at java.lang.Thread.run(Thread.java:748)

        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856)

        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)

        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)

        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)

        at javax.security.auth.login.LoginContext.login(LoginContext.java:588)

        at org.apache.jackrabbit.oak.core.ContentRepositoryImpl.login(ContentRepositoryImpl.java:163 ) [org.apache.jackrabbit.oak-core:1.10.2]

        at org.apache.jackrabbit.oak.jcr.repository.RepositoryImpl.login(RepositoryImpl.java:282) [org.apache.jackrabbit.oak-jcr:1.10.2]

        ... 56 common frames omitted

30.10.2019 01:25:48.773 *INFO* [qtp748111386-420467] com.adobe.granite.auth.saml.SamlAuthenticationHandler SAML error with reason: user_sync_failed detected, redirect user to: /libs/granite/core/content/login.error.html?j_reason=user_sync_failed

30.10.2019 01:25:48.773 *ERROR* [qtp748111386-420467] org.apache.sling.auth.core.impl.SlingAuthenticator doLogin: Cannot login: Response already committed

30.10.2019 01:25:50.034 *INFO* [HealthCheck Synchronized Clocks] org.apache.sling.discovery.oak.SynchronizedClocksHealthCheck execute: no topology connectors connected to local instance.

30.10.2019 01:25:52.376 *INFO* [oak-lucene-40697] org.apache.jackrabbit.oak.plugins.blob.AbstractSharedCachingDataStore Added blob [16bf588f0eebc58006e8ce041e3d86a6ba836370da71d362f49c06b1a02c8e6d] to backend

30.10.2019 01:25:52.498 *INFO* [oak-lucene-40697] org.apache.jackrabbit.oak.plugins.blob.AbstractSharedCachingDataStore Added blob [6a88c8c8de9055edfc057588a932e7d23b73db08e4f048f396a313ecdf69a897] to backend

Highlighted

jbrar

Employee

01-11-2019

Do you see anything in the SAML logs?

You can set up a Logger in order to debug any issues that might arise from misconfiguring SAML. You can do this by:

  • Search for and click on the entry called Apache Sling Logging Logger Configuration

  • Create a logger with the following configuration:
    • Log Level: Debug
    • Log File: logs/saml.log
    • Logger: com.adobe.granite.auth.saml