When upgrading to the new version for both bundle(3.0.0) and submodule(3.6.1) from current bundle(2.0.0) + pac4j-saml(2.3.1), I am facing issues.
There is no more redirection happening to my SAML authentication and I am getting 404 for my login endpoint. (source code below).
The same code works with the library versions mentioned above. Was there some breaking change introduced with the major version upgrade for both?
@GET
@Path(LOGIN)
@Pac4JSecurity(clients = "SAML2Client", authorizers = “mustBeAuth")
@Pac4JLogout(localLogout = false, defaultUrl = "/#")
public void login(@Pac4JProfileManager ProfileManager<CommonProfile> pm) {
}
DEBUG [2019-11-21 15:06:57,605] org.pac4j.core.engine.DefaultSecurityLogic: === SECURITY ===
DEBUG [2019-11-21 15:06:57,605] org.pac4j.core.engine.DefaultSecurityLogic: url: http://localhost:8080/service/auth/login
DEBUG [2019-11-21 15:06:57,605] org.pac4j.core.engine.DefaultSecurityLogic: matchers:
DEBUG [2019-11-21 15:06:57,605] org.pac4j.core.engine.DefaultSecurityLogic: clients: SAML2Client
DEBUG [2019-11-21 15:06:57,605] org.pac4j.core.client.finder.DefaultSecurityClientFinder: Provided clientNames: SAML2Client
DEBUG [2019-11-21 15:06:57,606] org.pac4j.core.client.finder.DefaultSecurityClientFinder: clientNameOnRequest: null
DEBUG [2019-11-21 15:06:57,609] org.pac4j.core.client.finder.DefaultSecurityClientFinder: result: [SAML2Client]
DEBUG [2019-11-21 15:06:57,609] org.pac4j.core.engine.DefaultSecurityLogic: currentClients: [#SAML2Client# | name: SAML2Client | callbackUrl: /service/auth/callback | urlResolver: org.pac4j.jax.rs.pac4j.JaxRsUrlResolver@341ead4 | callbackUrlResolver: null | ajaxRequestResolver: org.pac4j.jax.rs.pac4j.JaxRsAjaxRequestResolver@4bf0f27e | redirectActionBuilder: null | credentialsExtractor: null | authenticator: null | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@2fc314a5 | logoutActionBuilder: org.pac4j.core.logout.NoLogoutActionBuilder@3995aa17 | authorizationGenerators: [] |]
DEBUG [2019-11-21 15:06:57,609] org.pac4j.core.engine.DefaultSecurityLogic: loadProfilesFromSession: true
DEBUG [2019-11-21 15:06:57,611] org.pac4j.core.engine.DefaultSecurityLogic: profiles: []
DEBUG [2019-11-21 15:06:57,611] org.pac4j.core.engine.DefaultSecurityLogic: Starting authentication
DEBUG [2019-11-21 15:06:57,612] org.pac4j.core.engine.DefaultSecurityLogic: requestedUrl: http://localhost:8080/service/auth/login
INFO [2019-11-21 15:06:57,613] org.pac4j.saml.config.SAML2Configuration: Bootstrapped Blacklisted Algorithms
INFO [2019-11-21 15:06:57,613] org.pac4j.saml.config.SAML2Configuration: Bootstrapped Signature Algorithms
INFO [2019-11-21 15:06:57,613] org.pac4j.saml.config.SAML2Configuration: Bootstrapped Signature Reference Digest Methods
INFO [2019-11-21 15:06:57,613] org.pac4j.saml.config.SAML2Configuration: Bootstrapped Canonicalization Algorithm
INFO [2019-11-21 15:06:57,649] org.pac4j.saml.metadata.SAML2ServiceProviderMetadataResolver: Using SP entity ID PDA
INFO [2019-11-21 15:06:57,702] org.pac4j.saml.client.SAML2Client: AJAX request detected -> returning the appropriate action
DEBUG [2019-11-21 15:06:57,704] org.pac4j.saml.context.SAML2ContextProvider: Creating message storage by org.pac4j.saml.storage.EmptyStorageFactory
INFO [2019-11-21 15:06:57,760] org.pac4j.saml.crypto.DefaultSignatureSigningParametersProvider: Created signature signing parameters.
Signature algorithm: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
Signature canonicalization algorithm: http://www.w3.org/2001/10/xml-exc-c14n#
Signature reference digest methods: http://www.w3.org/2001/04/xmlenc#sha256
DEBUG [2019-11-21 15:06:57,762] org.pac4j.saml.transport.Pac4jHTTPPostEncoder: Initialized Pac4jHTTPPostEncoder
DEBUG [2019-11-21 15:06:57,762] org.pac4j.saml.transport.Pac4jHTTPPostEncoder: Invoking Velocity template to create POST body
DEBUG [2019-11-21 15:06:57,764] org.pac4j.saml.transport.Pac4jHTTPPostEncoder: Encoding action url of '<redected>' with encoded value '<redected>'
DEBUG [2019-11-21 15:06:57,764] org.pac4j.saml.transport.Pac4jHTTPPostEncoder: Marshalling and Base64 encoding SAML message
DEBUG [2019-11-21 15:06:57,764] org.pac4j.saml.transport.Pac4jHTTPPostEncoder: Marshalling message
DEBUG [2019-11-21 15:06:57,765] org.pac4j.saml.transport.Pac4jHTTPPostEncoder: Setting RelayState parameter to: 'http://localhost:8080/service/auth/callback?client_name=SAML2Client', encoded as 'http://localhost:8080/service/auth/callback?client_name=SAML2Client'
DEBUG [2019-11-21 15:06:57,778] org.pac4j.core.engine.DefaultSecurityLogic: extra HTTP action required in security: 401
java.lang.NoClassDefFoundError: org/hibernate/bytecode/instrumentation/internal/FieldInterceptionHelper
at org.hibernate.jpa.internal.util.PersistenceUtilHelper.isLoadedWithoutReference(PersistenceUtilHelper.java:113)
at org.hibernate.jpa.HibernatePersistenceProvider$1.isLoadedWithoutReference(HibernatePersistenceProvider.java:188)
at javax.persistence.Persistence$1.isLoaded(Persistence.java:111)
at org.hibernate.validator.internal.engine.resolver.JPATraversableResolver.isReachable(JPATraversableResolver.java:47)
at org.hibernate.validator.internal.engine.resolver.DefaultTraversableResolver.isReachable(DefaultTraversableResolver.java:128)
at org.hibernate.validator.internal.engine.resolver.CachingTraversableResolverForSingleValidation.isReachable(CachingTraversableResolverForSingleValidation.java:36)
at org.hibernate.validator.internal.engine.ValidatorImpl.isReachable(ValidatorImpl.java:1612)
at org.hibernate.validator.internal.engine.ValidatorImpl.isValidationRequired(ValidatorImpl.java:1597)
at org.hibernate.validator.internal.engine.ValidatorImpl.validateMetaConstraint(ValidatorImpl.java:609)
at org.hibernate.validator.internal.engine.ValidatorImpl.validateConstraint(ValidatorImpl.java:582)
at org.hibernate.validator.internal.engine.ValidatorImpl.validateConstraintsForSingleDefaultGroupElement(ValidatorImpl.java:528)
at org.hibernate.validator.internal.engine.ValidatorImpl.validateConstraintsForDefaultGroup(ValidatorImpl.java:496)
at org.hibernate.validator.internal.engine.ValidatorImpl.validateConstraintsForCurrentGroup(ValidatorImpl.java:461)
at org.hibernate.validator.internal.engine.ValidatorImpl.validateInContext(ValidatorImpl.java:411)
at org.hibernate.validator.internal.engine.ValidatorImpl.validate(ValidatorImpl.java:208)
at io.dropwizard.configuration.BaseConfigurationFactory.validate(BaseConfigurationFactory.java:236)
at io.dropwizard.configuration.BaseConfigurationFactory.build(BaseConfigurationFactory.java:128)
Caused by: java.lang.ClassNotFoundException: org.hibernate.bytecode.instrumentation.internal.FieldInterceptionHelper
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:335)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
... 26 more