Hello All,
I am pretty new to SLO implementation in Siteminder and am not able to make it work. We are using Siteminder 12.52 and always get an error when the SP initiates the SLO on the logout button click. The SP sends the SAML logout request as an HTTP Redirect, i.e. GET, as below, and the request is signed:
<saml2p:LogoutRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
Destination="https://xyz.com/affwebservices/public/saml2slo"
ID="a3ie9j5ga97gdhj41f2cab28ihca9i2"
IssueInstant="2020-07-14T12:59:45.668Z"
Version="2.0"
>
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">xxx:8080/saml/SSO</saml2:Issuer>
<saml2:NameID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
>bZot0021</saml2:NameID>
<saml2p:SessionIndex>cojnsyx0q2q/oLCrw6x1PBhUX1M=MuHOHA==</saml2p:SessionIndex>
</saml2p:LogoutRequest>
Now, once we (i.e. the IdP) receive the SAML logout request, we get an HTTP 500 error with a transaction ID, and we see the below error in our logs:
Logs:-
Smdefaulttrace.log :-
grep '95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f' smtracedefault.log
[07/14/2020][09:04:31][09:04:31.478][12315][3421096848][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][][CServer.cpp:6050][CServer::Tunnel][][Resolved all the input parameters][][][][][][][][][][][][][][::ffff:172.19.80.136][][Lib='smjavaapi', Func='JavaTunnelService', Params='com.netegrity.saml2ps.tunnel.SAMLSingleLogoutTunnelService', Server='', Device=''][][][][][][][][]
[07/14/2020][09:04:31][09:04:31.478][12315][3421096848][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][][SingleLogoutTunnelServiceHandler.java][setupLogout][][ENTER: setupLogout][][][][][][][][][][][][][][][][][][][][][][][][][$
Affwebservices.log :-
[5472/1236][Tue Jul 14 2020 09:04:31][SLOService.java][ERROR][sm-FedClient-02890] Transaction with ID: 95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f failed. Reason: SLO_GET_EXCEPTION (, , )
[5472/1236][Tue Jul 14 2020 09:04:31][SLOService.java][ERROR][sm-FedClient-01660] Exception caught in class com.netegrity.affiliateminder.webservices.saml2.SLOService, method doGet, message java.lang.NullPointerException. (, )
FWSTrace.log:-
[07/14/2020][09:04:31][5472][1236][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][FWSBase.java][getSessionFromCookie][Fetching session details from cookie [CHECKPOINT = SLO_SESSION_FETCH]]
[07/14/2020][09:04:31][5472][1236][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][FWSBase.java][getSessionCookie][SMSESSION Cookie found.]
[07/14/2020][09:04:31][5472][1236][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][SLOService.java][handleLogout][Reading session id from cookie data for session termination [CHECKPOINT = SLOSAML2_SESSIONIDFROMCOOKIEDATA_READ]]
[07/14/2020][09:04:31][5472][1236][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][SLOService.java][handleLogout][Performing tunnel call for SAML1 SLO [CHECKPOINT = SLOSAML2_TUNNEL_REQUEST]]
TUNNEL STATUS: status : 8 message : Error executing a Session Server API call: getStatus Session ID: uoDh0uZLvAhuRmSD8SDLph5Dm98= Status: 0]
[07/14/2020][09:04:31][5472][1236][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][SLOService.java][doGet][Transaction with ID: 95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f failed. Reason: SLO_GET_EXCEPTION]
[07/14/2020][09:04:31][5472][1236][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][SLOService.java][doGet][Exception caught in class com.netegrity.affiliateminder.webservices.saml2.SLOService, method doGet: java.lang.NullPointerException
java.lang.NullPointerException
    at com.netegrity.affiliateminder.webservices.saml2.SLOService.a(DashoA10*..:1111)
    at com.netegrity.affiliateminder.webservices.saml2.SLOService.a(DashoA10*..:844)
    at com.netegrity.affiliateminder.webservices.saml2.SLOService.c(DashoA10*..:805)
    at com.netegrity.affiliateminder.webservices.saml2.SLOService.doGet(DashoA10*..:240)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at com.netegrity.affiliateminder.webservices.CAFedFilter.doFilter(DashoA10*..:58)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
    at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
    at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
    at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:856)
    at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:566)
    at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1508)
    at java.lang.Thread.run(Thread.java:662)]
[07/14/2020][09:04:31][5472][1236][95a8d79f-e3836a13-05f429f0-63235689-d8852aa6-8f][SLOService.java][doGet][Stack Trace: java.lang.NullPointerException
Can anyone please help with what I am missing here?
Thank You
Ankur Taneja
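
Added example, not part of the original post and not SiteMinder code: a Python helper that decodes a SAML HTTP-Redirect `SAMLRequest` query string (URL-decode, base64, raw DEFLATE) and lists the LogoutRequest fields, so the Destination, Issuer, NameID and SessionIndex that actually arrive can be compared with the IdP partnership settings and the session ID shown in the trace logs. The function names and the `Signature` value are constructed for illustration; the signature is only checked for presence, not verified.

```python
import base64, urllib.parse, zlib
import xml.etree.ElementTree as ET

P = "urn:oasis:names:tc:SAML:2.0:protocol"
A = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"p": P, "a": A}
# The LogoutRequest quoted in the post, used here as sample input.
SAMPLE_XML = (
    f'<saml2p:LogoutRequest xmlns:saml2p="{P}" '
    'Destination="https://xyz.com/affwebservices/public/saml2slo" '
    'ID="a3ie9j5ga97gdhj41f2cab28ihca9i2" '
    'IssueInstant="2020-07-14T12:59:45.668Z" Version="2.0">'
    f'<saml2:Issuer xmlns:saml2="{A}">xxx:8080/saml/SSO</saml2:Issuer>'
    f'<saml2:NameID xmlns:saml2="{A}" '
    'Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">bZot0021</saml2:NameID>'
    '<saml2p:SessionIndex>cojnsyx0q2q/oLCrw6x1PBhUX1M=MuHOHA==</saml2p:SessionIndex>'
    '</saml2p:LogoutRequest>')

def encode_redirect(xml_text):
    """SP side of the binding: raw DEFLATE, then base64, then URL-encode."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)   # wbits=-15: no zlib header
    raw = comp.compress(xml_text.encode("utf-8")) + comp.flush()
    return urllib.parse.quote(base64.b64encode(raw), safe="")

def sample_query():
    # Constructed query string; the Signature value is a placeholder.
    sigalg = urllib.parse.quote("http://www.w3.org/2000/09/xmldsig#rsa-sha1", safe="")
    return f"SAMLRequest={encode_redirect(SAMPLE_XML)}&SigAlg={sigalg}&Signature=UExBQ0VIT0xERVI%3D"

def decode_redirect(query_string):
    """Receiver side: recover the XML and the other query parameters."""
    params = urllib.parse.parse_qs(query_string, strict_parsing=True)
    raw = base64.b64decode(params["SAMLRequest"][0])
    return zlib.decompress(raw, -15).decode("utf-8"), params

def summarize_logout_request(query_string):
    xml_text, params = decode_redirect(query_string)
    root = ET.fromstring(xml_text)   # run on your own captures, not untrusted input
    if root.tag != f"{{{P}}}LogoutRequest":
        raise ValueError("not a LogoutRequest: " + root.tag)
    return {
        "destination": root.get("Destination"),
        "issuer": root.findtext("a:Issuer", namespaces=NS),
        "name_id": root.findtext("a:NameID", namespaces=NS),
        "session_indexes": [e.text for e in root.findall("p:SessionIndex", NS)],
        "signed_in_query": "Signature" in params and "SigAlg" in params,
    }

if __name__ == "__main__":
    print(summarize_logout_request(sample_query()))
```
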