Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Errors with SSO configuration using ADFS as IDP

TimoR
Regular Contributor
Regular Contributor

We set up the SSO on the Saviynt side as well as the ADFS side, and exchanged XML files from the systems that we uploaded. The configuration looks ok and as per Saviynt documentation (https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter06-EIC-Configurations/Config...).

When we activate SSO, Saviynt correctly redirects us to our ADFS IDP where we can authenticate, but when our IDP redirects us back to Saviynt, we only get a generic error message that something went wrong, and we also get these errors in the Saviynt logs:

"ecm","2023-07-17T08:23:12.804+00:00","{"log":"2023-07-17 08:23:12,380 [http-nio-8080-exec-3] DEBUG auth.LoginController - thresholdcount...3\n","stream":"stdout","time":"2023-07-17T08:23:12.380808673Z"}"

"ecm","2023-07-17T08:23:12.804+00:00","{"log":"2023-07-17 08:23:12,382 [http-nio-8080-exec-3] ERROR errors.GrailsExceptionResolver - NullPointerException occurred when processing request: [POST] /ECM/saml/SSO/alias/saviyntdev\n","stream":"stdout","time":"2023-07-17T08:23:12.382784816Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"Cannot get property 'principal' on null object. Stacktrace follows:\n","stream":"stdout","time":"2023-07-17T08:23:12.382795249Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"java.lang.NullPointerException: Cannot get property 'principal' on null object\n","stream":"stdout","time":"2023-07-17T08:23:12.382799153Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at com.saviynt.auth.LoginController.authfail(LoginController.groovy:359)\n","stream":"stdout","time":"2023-07-17T08:23:12.382803382Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at grails.plugin.springsecurity.web.authentication.AjaxAwareAuthenticationFailureHandler.onAuthenticationFailure(AjaxAwareAuthenticationFailureHandler.java:48)\n","stream":"stdout","time":"2023-07-17T08:23:12.382807745Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)\n","stream":"stdout","time":"2023-07-17T08:23:12.382811361Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69)\n","stream":"stdout","time":"2023-07-17T08:23:12.382814659Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)\n","stream":"stdout","time":"2023-07-17T08:23:12.382826953Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at java.lang.Thread.run(Thread.java:750)\n","stream":"stdout","time":"2023-07-17T08:23:12.382830578Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"2023-07-17 08:23:12,420 [http-nio-8080-exec-3] ERROR error.ErrorController - Exception\n","stream":"stdout","time":"2023-07-17T08:23:12.420765993Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"org.codehaus.groovy.grails.web.errors.GrailsWrappedRuntimeException: Cannot get property 'principal' on null object\n","stream":"stdout","time":"2023-07-17T08:23:12.420788458Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at grails.plugin.springsecurity.web.authentication.AjaxAwareAuthenticationFailureHandler.onAuthenticationFailure(AjaxAwareAuthenticationFailureHandler.java:48)\n","stream":"stdout","time":"2023-07-17T08:23:12.420792713Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)\n","stream":"stdout","time":"2023-07-17T08:23:12.420796633Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69)\n","stream":"stdout","time":"2023-07-17T08:23:12.420799462Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)\n","stream":"stdout","time":"2023-07-17T08:23:12.420802805Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at java.lang.Thread.run(Thread.java:750)\n","stream":"stdout","time":"2023-07-17T08:23:12.420805586Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"Caused by: java.lang.NullPointerException: Cannot get property 'principal' on null object\n","stream":"stdout","time":"2023-07-17T08:23:12.420809244Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009at com.saviynt.auth.LoginController.authfail(LoginController.groovy:359)\n","stream":"stdout","time":"2023-07-17T08:23:12.420812448Z"}"
"ecm","2023-07-17T08:23:12.804+00:00","{"log":"\u0009... 5 more\n","stream":"stdout","time":"2023-07-17T08:23:12.420815446Z"}"
 
 
Any idea what this exactly means?
1 REPLY 1

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @TimoR,

As mentioned earlier, Saviynt successfully redirects you to the ADFS IDP for authentication. This indicates that the issue does not lie with Saviynt. To resolve the problem, please review the configuration on the Azure side, specifically checking the "named" configuration you have selected. Additionally, it is recommended to examine the Azure logs for further insights into the issue.

Thanks,

 
If you find the above response useful, Kindly Mark it as "Accept As Solution".