Hello,
currently we're testing V21 for our upgrade plans, including a working SSO login method.
So far, we successfully configured the Kerberos login for V21 and the initial login is indeed working.
After the login, the user is able to navigate within the application, as long as the same browser tab is being used.
But when the user tries to open a new browser tab or reload the page (F5 hotkey), only a empty page is being returned.
The AWI shows us the following error:
2022-03-24 18:06:00,268 qtp1989946738-628 [ERROR] NOLOGIN/- NOUI [com.uc4.ecc.framework.entrypoint.vaadin14.V14VaadinServlet] - ERROR IN SERVET
javax.servlet.ServletException: com.vaadin.flow.server.ServiceException: java.lang.NullPointerException
at com.vaadin.flow.server.VaadinServlet.service(VaadinServlet.java:249)
at com.uc4.ecc.framework.entrypoint.vaadin14.V14VaadinServlet.service(V14VaadinServlet.java:85)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:791)
at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626)
at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:228)
at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1435)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1350)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.Server.handle(Server.java:516)
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:540)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:395)
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:161)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:383)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:882)
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1036)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: com.vaadin.flow.server.ServiceException: java.lang.NullPointerException
at com.vaadin.flow.server.VaadinService.handleExceptionDuringRequest(VaadinService.java:1596)
at com.vaadin.flow.server.VaadinService.handleRequest(VaadinService.java:1559)
at com.vaadin.flow.server.VaadinServlet.service(VaadinServlet.java:247)
... 40 common frames omitted
Caused by: java.lang.NullPointerException: null
at com.uc4.ecc.plugins.login.behaviours.kerberos.KerberosSSORequestHandler.handleRequest(KerberosSSORequestHandler.java:53)
at com.vaadin.flow.server.communication.SessionRequestHandler.handleRequest(SessionRequestHandler.java:64)
at com.vaadin.flow.server.VaadinService.handleRequest(VaadinService.java:1547)
... 41 common frames omitted
It looks like the AWI/Engine suddenly forgot about the Kerberos session or the Kerberos authentication information is not asked again.
The only way to get rid of this error is to delete all cookies and session data in the browser.
Sessions with username/password authentication are working perfectly, even with page reload / new tab.
Does someone else experience the same issue regarding page reload / new tab on a Kerberos session?
Kind regards
Norbert