Details
-
Bug
-
Resolution: Done
-
Major
-
RH-SSO-7.2.2.GA
-
None
-
Keycloak Sprint 11, Keycloak Sprint 12, Keycloak Sprint 13
Description
The RH-SSO admin console allows the Property setting on a SAML User Property mapper to be empty/blank. This will cause a NullPointerException to be thrown during a login attempt from the client. This causes the authentication request to fail.
2018-06-21 11:57:09,584 ERROR [org.keycloak.protocol.saml.SamlProtocol] (default task-7) failed: java.lang.NullPointerException
at org.keycloak.protocol.ProtocolMapperUtils.getUserModelValue(ProtocolMapperUtils.java:63)
at org.keycloak.protocol.saml.mappers.UserPropertyAttributeStatementMapper.transformAttributeStatement(UserPropertyAttributeStatementMapper.java:82)
at org.keycloak.protocol.saml.SamlProtocol.populateAttributeStatements(SamlProtocol.java:491)
at org.keycloak.protocol.saml.SamlProtocol.authenticated(SamlProtocol.java:418)
at org.keycloak.services.managers.AuthenticationManager.redirectAfterSuccessfulFlow(AuthenticationManager.java:721)
at org.keycloak.services.managers.AuthenticationManager.redirectAfterSuccessfulFlow(AuthenticationManager.java:675)
at org.keycloak.services.managers.AuthenticationManager.finishedRequiredActions(AuthenticationManager.java:801)
at org.keycloak.authentication.AuthenticationProcessor.authenticationComplete(AuthenticationProcessor.java:951)
at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:821)
at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:284)
at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:255)
at org.keycloak.services.resources.LoginActionsService.authenticate(LoginActionsService.java:251)
at org.keycloak.services.resources.LoginActionsService.authenticateForm(LoginActionsService.java:311)