Error message with Single-sign on applications

Hi,
I have two applications source1 and source2. I have connected them with single-sign on.
It works well the first time. Once I log into source1 I am automaticaly logged into source2.
But once I’ve logged into source1 once and I log out. When I try to log into source1 again and try to access source2 I get a “Unexpected Error. Please contact system administrator” on the source2 page and it only works after i click the retry button.

My question is: Is there a way to avoid the error message completely and just log in and log out of the applications without any error messages?

Regards

Hi,
Please share your deployment details, what did you set up, log files. It is really hard to say what is going on if we don’t know how it has been deployed.

Hi,

Okay so I made two applications, one being the Service Provider and Identity Provider and another being just a Service Provider.
App 1: source1
Ports: HTTP- 8081
AJP- 8011
Shutdown- 8051
Changes module prefix to sou
so URL would http://localhost:8081/sou/
In the web-app.properties file I added the following properties

    cuba.idp.serviceProviderUrls = http://localhost:8081/sou/,http://127.0.0.1:8082/rce/
    cuba.idp.serviceProviderLogoutUrls = http://localhost:8081/sou/dispatch/idpc/logout,http://127.0.0.1:8082/rce/dispatch/idpc/logout
    cuba.idp.trustedServicePassword = mdgh12SSX_pic2

    cuba.webAppUrl = http://localhost:8081/sou/
    cuba.web.externalAuthentication = true
    cuba.web.externalAuthenticationProviderClass = com.haulmont.cuba.web.auth.IdpAuthProvider
    cuba.web.idp.baseUrl = http://localhost:8081/sou/idp/
    cuba.web.idp.trustedServicePassword = mdgh12SSX_pic2`

App 2: source2
Ports: HTTP- 8082
AJP- 8012
Shutdown- 8052
Changes module prefix to rce
so URL would http://127.0.0.1:8082/rce/
In the web-app.properties file I added the following properties

cuba.webAppUrl = http://127.0.0.1:8082/rce/
cuba.web.externalAuthentication = true
cuba.web.externalAuthenticationProviderClass = com.haulmont.cuba.web.auth.IdpAuthProvider
cuba.web.idp.baseUrl = http://localhost:8081/sou/idp/
cuba.web.idp.trustedServicePassword = mdgh12SSX_pic2

source2
localhost_access_log.2018-01-15.txt (12.6 KB)

source1
localhost_access_log.2018-01-15.txt (24.9 KB)

I have attached my log files for both applications

So when I run both applications. It works, it logs into both applications as its supposed to do. But if I try to log out of the first application, the (Service Provider and Identity Provider) and I exit the tab of the application. When I open the application again and log in, with a different user. Opening the second application in a new tab, it shows this error:

Regards

Could you please share stdout / catalina.out / app.log files since all the application logs are logged to app.log?

1st Application
app.log (104.0 KB)

2nd Application
app.log (34.1 KB)

It seems that the attached logs are incomplete. There are no logout events / exceptions

Hi,
In my log folder, there are app files with a date. Maybe those are the ones you need?

Application 1
app.2018-01-15.log (153.9 KB)

Application 2
app.2018-01-15.log (58.9 KB)

If those are not the right ones, can you guide me on where to find this files.

Regards

As I see, someone has killed the session right during UI initialization:

2018-01-15 09:25:23.161 DEBUG [http-nio-8082-exec-10/rce-core/admin] com.haulmont.cuba.security.app.UserSessions - Killed session: 512c5618-fddb-9950-2f0c-b5dd78987570 [admin], since: Mon Jan 15 09:03:55 WAST 2018, lastUsed: Mon Jan 15 09:25:18 WAST 2018
2018-01-15 09:25:53.784 INFO  [http-nio-8082-exec-9/rce-core/admin] com.haulmont.cuba.core.sys.ServiceInterceptor - Exception in UserSettingService.loadSetting(..): com.haulmont.cuba.security.global.NoUserSessionException: User session not found: 512c5618-fddb-9950-2f0c-b5dd78987570
2018-01-15 09:25:53.859 ERROR [http-nio-8082-exec-9/rce/admin] com.haulmont.cuba.web.AppUI - Unable to init ui
com.haulmont.cuba.security.global.NoUserSessionException: User session not found: 512c5618-fddb-9950-2f0c-b5dd78987570
	at com.haulmont.cuba.core.sys.ServiceInterceptor.aroundInvoke(ServiceInterceptor.java:107) ~[na:na]
	at sun.reflect.GeneratedMethodAccessor119.invoke(Unknown Source) ~[na:na]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_121]
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:629) ~[spring-aop-4.3.10.RELEASE.jar:4.3.10.RELEASE]
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:618) ~[spring-aop-4.3.10.RELEASE.jar:4.3.10.RELEASE]
	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) ~[spring-aop-4.3.10.RELEASE.jar:4.3.10.RELEASE]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168) ~[spring-aop-4.3.10.RELEASE.jar:4.3.10.RELEASE]
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) ~[spring-aop-4.3.10.RELEASE.jar:4.3.10.RELEASE]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.10.RELEASE.jar:4.3.10.RELEASE]
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.10.RELEASE.jar:4.3.10.RELEASE]
	at com.sun.proxy.$Proxy200.loadSetting(Unknown Source) ~[na:na]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_121]
	at com.haulmont.cuba.core.sys.remoting.LocalServiceInvokerImpl.invoke(LocalServiceInvokerImpl.java:94) ~[na:na]
	at com.haulmont.cuba.web.sys.remoting.LocalServiceProxy$LocalServiceInvocationHandler.invoke(LocalServiceProxy.java:148) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.sun.proxy.$Proxy26.loadSetting(Unknown Source) ~[na:na]
	at com.haulmont.cuba.web.app.UserSettingsTools.loadAppWindowTheme(UserSettingsTools.java:76) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.haulmont.cuba.web.AppUI.updateUiTheme(AppUI.java:499) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.haulmont.cuba.web.AppUI.beforeTopLevelWindowInit(AppUI.java:480) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.haulmont.cuba.web.WebWindowManager.createTopLevelWindow(WebWindowManager.java:1586) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.haulmont.cuba.web.App.createTopLevelWindow(App.java:308) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.haulmont.cuba.web.AppUI.setupUI(AppUI.java:265) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.haulmont.cuba.web.AppUI.init(AppUI.java:202) ~[cuba-web-6.7.6.jar:6.7.6]
	at com.vaadin.ui.UI.doInit(UI.java:693) [vaadin-server-7.7.10.cuba.9.jar:7.7.10.cuba.9]
	at com.vaadin.server.communication.UIInitHandler.getBrowserDetailsUI(UIInitHandler.java:216) [vaadin-server-7.7.10.cuba.9.jar:7.7.10.cuba.9]
	at com.vaadin.server.communication.UIInitHandler.synchronizedHandleRequest(UIInitHandler.java:74) [vaadin-server-7.7.10.cuba.9.jar:7.7.10.cuba.9]
	at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:41) [vaadin-server-7.7.10.cuba.9.jar:7.7.10.cuba.9]
	at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1436) [vaadin-server-7.7.10.cuba.9.jar:7.7.10.cuba.9]
	at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:361) [vaadin-server-7.7.10.cuba.9.jar:7.7.10.cuba.9]
	at 

Id’ recommend to enable TRACE log level for com.haulmont.cuba.web.controllers and check log files for the following statement:

Logout user session by IDP session

IdpLogoutCallbackController performs session kill if IDP session has been expired or logged out.