We have established the SSO between Hybris C4C and Hybris commerce (ASM) with MS-ADFS as IDP. The entire flow works fine.
There is a specific use case where if in any case, the C4C agent does not have permissions to access the ASM as an asagent, they must be redirected to the homepage with asm component active so that they may try to access the ASM separately.
Due to the best practice constraints, we are not changing the samlsinglesignon
RedirectionController
, but I have written my own controller.
To redirect to the new controller, I have injected the following property in the spring-security-config.xml
The issue is, after successful authentication from IDP, whenever the call is getting redirected to the new controller, there is a null pointer exception - The authentication attributes are null.
INFO | jvm 1 | main | 2018/08/23 15:05:29.654 |
INFO | jvm 1 | main | 2018/08/23 15:05:48.781 | INFO [ajp-bio-8009-exec-2] [SAMLProtocolMessageXMLSignatureSecurityPolicyRule] SAML protocol message was not signed, skipping XML signature processing
INFO | jvm 1 | main | 2018/08/23 15:05:48.881 | INFO [ajp-bio-8009-exec-2] [10.149.252.34] [ADFSRedirectionController] Inside the ADFSRedirectionController
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | INFO [ajp-bio-8009-exec-2] [10.149.252.34] [ADFSRedirectionController] SecurityContextHolder.getContext():org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | INFO [ajp-bio-8009-exec-2] [10.149.252.34] [ADFSRedirectionController] SecurityContextHolder.getContext().getAuthentication():null
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | Aug 23, 2018 3:05:48 PM org.apache.catalina.core.StandardWrapperValve invoke
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | SEVERE: Servlet.service() for servlet [sso] in context with path [/sso] threw exception [Request processing failed; nested exception is java.lang.NullPointerException] with root cause
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | java.lang.NullPointerException
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at idp.ssotraining.ADFSRedirectionController.redirect(ADFSRedirectionController.java:61)
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at java.lang.reflect.Method.invoke(Method.java:497)
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
INFO | jvm 1 | main | 2018/08/23 15:05:48.882 | at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
I am not able to understand that if I redirect to the original controller, then the authentication is not null, but if I redirect to the new controller, the authentication is not present.
I am sure I am missing something. Any help in this regard would greatly be appreciated.
