You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2016/01/06 19:39:40 UTC
[jira] [Commented] (KNOX-641) Support CAS / OAuth / OpenID C / SAML
protocols using pac4j
[ https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15086030#comment-15086030 ]
Larry McCay commented on KNOX-641:
----------------------------------
Hi [~jleleu] - I have successfully verified CAS server and testBasicAuth.
However, when I tried the openidc configuration using the config that you provided the following exception is encountered.
It seems that we are missing a nimbus dependency.
2016-01-06 13:29:10,773 ERROR hadoop.gateway (GatewayServlet.java:service(126)) - Gateway processing failed: javax.servlet.ServletException: java.lang.NoClassDefFoundError: com/nimbusds/jose/proc/JWSKeySelector
javax.servlet.ServletException: java.lang.NoClassDefFoundError: com/nimbusds/jose/proc/JWSKeySelector
at org.apache.hadoop.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:70)
at org.apache.hadoop.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:322)
at org.apache.hadoop.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:222)
at org.apache.hadoop.gateway.GatewayFilter.doFilter(GatewayFilter.java:129)
at org.apache.hadoop.gateway.GatewayServlet.service(GatewayServlet.java:121)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.apache.hadoop.gateway.trace.TraceHandler.handle(TraceHandler.java:51)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.apache.hadoop.gateway.filter.CorrelationHandler.handle(CorrelationHandler.java:39)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:370)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.NoClassDefFoundError: com/nimbusds/jose/proc/JWSKeySelector
at org.pac4j.oidc.client.OidcClient.internalInit(OidcClient.java:224)
at org.pac4j.core.util.InitializableWebObject.init(InitializableWebObject.java:39)
at org.pac4j.core.client.IndirectClient.getRedirectAction(IndirectClient.java:123)
at org.pac4j.core.client.IndirectClient.redirect(IndirectClient.java:85)
at org.pac4j.j2e.filter.RequiresAuthenticationFilter.redirectToIdentityProvider(RequiresAuthenticationFilter.java:187)
at org.pac4j.j2e.filter.RequiresAuthenticationFilter.internalFilter(RequiresAuthenticationFilter.java:151)
at org.pac4j.j2e.filter.AbstractConfigFilter.doFilter(AbstractConfigFilter.java:80)
at org.apache.hadoop.gateway.pac4j.filter.Pac4jDispatcherFilter.doFilter(Pac4jDispatcherFilter.java:166)
at org.apache.hadoop.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:322)
at org.apache.hadoop.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:222)
at org.apache.hadoop.gateway.filter.XForwardedHeaderFilter.doFilter(XForwardedHeaderFilter.java:30)
at org.apache.hadoop.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:61)
... 34 more
Caused by: java.lang.ClassNotFoundException: com.nimbusds.jose.proc.JWSKeySelector
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
... 46 more
I also notice that the twitter integration works but the returned "user" is an id not the "username" for the twitter account. This may not be a problem in itself but it will likely require farther qualification to get a username that can be used inside of the cluster. Perhaps it will mean an additional call to twitter to get profile information? This could potentially be done as part of an identity assertion provider.
I am curious whether this will be similar for other things - in particular openidc which is why I was also trying that just now.
> Support CAS / OAuth / OpenID C / SAML protocols using pac4j
> -----------------------------------------------------------
>
> Key: KNOX-641
> URL: https://issues.apache.org/jira/browse/KNOX-641
> Project: Apache Knox
> Issue Type: New Feature
> Reporter: Jérôme Leleu
> Assignee: Jérôme Leleu
> Fix For: 0.8.0
>
> Attachments: KNOX-641.patch, knox641.patch2
>
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)