Uploaded image for project: 'OpenId Connect'
  1. OpenId Connect
  2. OIDC-256

Authenticator Callback - Cannot invoke "javax.servlet.http.HttpSession.getId()" because "httpSession" is null

    XMLWordPrintable

Details

    • Bug
    • Resolution: Invalid
    • Major
    • None
    • 2.19.2
    • Authenticator
    • None
    • - Fresh install via xwiki-helm (7.4.4-postgres-tomcat⁠; 7.6.0-postgres-tomcat⁠).
      - OpenID Connect Authenticator installed via UI.
    • Unknown

    Description

      Used OpenID Connect Authenticator with Keycloak as OpenId Connect Provider.

      In the Login process, there is an Internal Server Error (Root Cause: "Cannot invoke "javax.servlet.http.HttpSession.getId()" because "httpSession" is null"), when the user is first redirected to the /oidc/authenticator/callback endpoint coming from Keycloak. See screenshot.

      If the user opens the same URL (https://xwiki/oidc/authenticator/callback?state=llfn0OSHhkmF...&session_state=1a8fcdc3...&iss=https%3A%2F%2Fsso%2Frealms%2Ftest&code=d1e5e24e..) manually via Browser again, the login is successful.

      Tested with xWiki 7.44 and 7.6.0 (installed via https://github.com/xwiki-contrib/xwiki-helm).
       

      Attachments

        Activity

          People

            tmortagne Thomas Mortagne
            michael-schroeder-lave Michael Schröder
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: