  1. Single Sign On
  2. MGNLSSO-51

UserManager is null despite being defined


Details

    • Improvement
    • Resolution: Workaround exists
    • Major
    • linux, java 1.8, tomcat 9

    Description

      Steps to reproduce

      1. Install magnolia-sso-connector module version 2.7.2 (maven dependency)
      2. Set up mymodule/decorations/sso-connector/config.yaml defining an authentication service `fusionOpenIdConnect` (example attached)
      3. Update jaas.config, defining `fusionOpenIdConnect` realm
      4. Configure `/server/filters/login/loginHandlers/SSOConnector` with `jaasChain: fusionOpenIdConnect`
      5. Configure `/server/filters/securityCallback/clientCallbacks/fusionOpenIdConnect` with `authenticationServiceName: fusionOpenIdConnect` and appropriate class
      6. Update `/server/security/userManagers/sso-authentication` setting `realmName: fusionOpenIdConnect`
      7. Order `fusionOpenIdConnect` above `form` under `/server/filters/securityCallback/clientCallbacks/fusionOpenIdConnect`
      8. Open a new private browser window and attempt login to /magnoliaAuthor/

      Expected results

      Successful login to Magnolia admin central

      Actual results

      Infinite redirect loop between Magnolia and Azure AD.

      Debugging has identified that userManager is null in the lines shown below from `info.magnolia.connector.sso.util.UserAccountUtils`.
      Also, realmName is `fusionOpenIdConnect`, matching the value set above.

      ```
      ExternalUserManager userManager = (ExternalUserManager) securitySupport.getUserManager(realmName);
      return userManager.getUser(userDetails, groupList, roleList);
      ```

      Workaround

      None found as of yet

      Development notes


      Update: Request to improve documentation, especially that found on this page: https://documentation.magnolia-cms.com/display/SERVICES/SSO+Admincentral+Login
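
One way to make the lookup quoted in the description fail with a diagnosable error instead of a NullPointerException, as an added example that is not Magnolia's code or a fix from this ticket. The nested interfaces are minimal stand-ins for the Magnolia types named in the snippet; their signatures and the helper `requireExternalUserManager` are assumptions.

```java
import java.util.Collections;
import java.util.List;
import java.util.Map;

public class RealmLookupGuard {
    // Stand-ins for the types named in the ticket's snippet (assumed shapes, not the real Magnolia API).
    interface User { String getName(); }
    interface UserManager { }
    interface ExternalUserManager extends UserManager {
        User getUser(Map<String, String> userDetails, List<String> groupList, List<String> roleList);
    }
    interface SecuritySupport { UserManager getUserManager(String realmName); }

    /** Resolve the realm's user manager, or fail with a message that names the realm. */
    static ExternalUserManager requireExternalUserManager(SecuritySupport securitySupport, String realmName) {
        UserManager manager = securitySupport.getUserManager(realmName);
        if (manager == null) {
            // The case reported in the ticket: the lookup returns null for the configured realm.
            throw new IllegalStateException("No user manager registered for realm '" + realmName + "'");
        }
        if (!(manager instanceof ExternalUserManager)) {
            // The unchecked cast in the original lines would throw ClassCastException here.
            throw new IllegalStateException("User manager for realm '" + realmName + "' is "
                    + manager.getClass().getName() + ", not an ExternalUserManager");
        }
        return (ExternalUserManager) manager;
    }

    public static void main(String[] args) {
        // Constructed registry: a manager exists for "admin" only, so the SSO realm lookup returns null.
        ExternalUserManager admin = (details, groups, roles) -> () -> details.get("name");
        Map<String, UserManager> registry = Collections.singletonMap("admin", admin);
        SecuritySupport support = registry::get;

        User user = requireExternalUserManager(support, "admin")
                .getUser(Collections.singletonMap("name", "alice"),
                        Collections.emptyList(), Collections.emptyList());
        System.out.println("resolved user: " + user.getName());

        try {
            requireExternalUserManager(support, "fusionOpenIdConnect");
        } catch (IllegalStateException e) {
            System.out.println("login aborted: " + e.getMessage());
        }
    }
}
```

Failing the login attempt with a logged message that names the realm points straight at the missing registration rather than at a redirect loop.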

            People

              Unassigned Unassigned
              ben.newsome Alex Day