Reputation: 567
I am trying to use WSO2 v5.3.0 to perform user provisioning under the SCIM protocol. Everything works fine when I add users and delete them:
create user:
>> curl -v -k --user user:passwd --data '{"schemas":[],"name":{"familyName":"somefamily","givenName":"somename"},"userName":"[email protected]","password":"abc123","emails":[{"primary":true,"value":"fulano.com","type":"home"},{"value":"hasini_work.com","type":"work"}]}' --header "Content-Type:application/json" https://wso2-server/wso2/scim/Users
the server successfully sends a JSON reply:
<< {"emails":[{"type":"home","value":"fulano.com"},{"type":"work","value":"hasini_work.com"}],"meta":{"created":"2017-09-27T19:46:59","location":"https://wso2-server/wso2/scim/Users/8459be3e-1950-4c0d-8833-9d789dc2eabb","lastModified":"2017-09-27T19:46:59"},"schemas":["urn:scim:schemas:core:1.0"],"name":{"familyName":"somefamily","givenName":"somename"},"id":"8459be3e-1950-4c0d-8833-9d789dc2eabb","userName":"PRIMARY/[email protected]"}
The problem arises when I try to update the info of an existing user:
>> curl -v -k --user user:passwd -X PUT --data '{"schemas":[],"name":{"familyName":"somefamily","givenName":"somename"},"userName":"[email protected]","password":"abc123bca","emails":[{"primary":true,"value":"[email protected]","type":"home"},{"value":"hasini_work.com","type":"work"}]}' --header "Content-Type:application/json" https://wso2-server/wso2/scim/Users/8459be3e-1950-4c0d-8833-9d789dc2eabb
the server complains with:
<< {"Errors":[{"code":"500","description":"Error while updating attributes of user: [email protected]"}]}
Notice that if I authenticate using OAuth,
first get the auth token,
>> curl -v -X POST -H "Authorization: Basic XXXXKEYXXXXXX" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=client_credentials" https://wso2-server/oauth2/token
<< {"access_token":"xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx","token_type":"Bearer","expires_in":1147}
>> curl -v -k -X PUT -d '{"schemas":[],"userName":"[email protected]","mail":"[email protected]", "password": "2345acdr"}' --header "Authorization: Bearer xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx" --header "Content-Type:application/json" https://wso2-server/wso2/scim/Users/8459be3e-1950-4c0d-8833-9d789dc2eabb
the server complains again with status 500 and a Java exception dump:
<< <html><head><title>Apache Tomcat/7.0.73 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - org.apache.cxf.interceptor.Fault</h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u>org.apache.cxf.interceptor.Fault</u></p><p><b>description</b> <u>The server encountered an internal error that prevented it from fulfilling this request.</u></p><p><b>exception</b> <pre>java.lang.RuntimeException: org.apache.cxf.interceptor.Fault
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:336)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249)
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153)
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:289)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPut(AbstractHTTPServlet.java:226)
javax.servlet.http.HttpServlet.service(HttpServlet.java:653)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
</pre></p><p><b>root cause</b> <pre>org.apache.cxf.interceptor.Fault
org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:170)
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:136)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101)
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249)
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153)
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:289)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPut(AbstractHTTPServlet.java:226)
javax.servlet.http.HttpServlet.service(HttpServlet.java:653)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
</pre></p><p><b>root cause</b> <pre>java.lang.NullPointerException
org.wso2.carbon.identity.core.util.IdentityUtil.extractDomainFromName(IdentityUtil.java:588)
org.wso2.carbon.identity.scim.provider.impl.SCIMUserManager.getAuthorizedDomainUser(SCIMUserManager.java:1666)
org.wso2.carbon.identity.scim.provider.impl.SCIMUserManager.getUser(SCIMUserManager.java:224)
org.wso2.carbon.identity.scim.provider.impl.SCIMUserManager.updateUser(SCIMUserManager.java:395)
org.wso2.charon.core.protocol.endpoints.UserResourceEndpoint.updateWithPUT(UserResourceEndpoint.java:522)
org.wso2.carbon.identity.scim.provider.resources.UserResource.updateUser(UserResource.java:261)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:498)
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:188)
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:104)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101)
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249)
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153)
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:289)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPut(AbstractHTTPServlet.java:226)
javax.servlet.http.HttpServlet.service(HttpServlet.java:653)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
However, the user can be deleted successfully via a DELETE request:
>> curl -v -k --user user:passwd -X DELETE https://wso2-server/wso2/scim/Users/8459be3e-1950-4c0d-8833-9d789dc2eabb -H "Accept: application/json"
So my question is: is this strange behaviour caused by a bad configuration, or is it a bug in WSO2-IS?
Upvotes: 0
Views: 239
Reputation: 334
Two things:
Try to update the user without the password field. I remember this being a limitation of the SCIM API in a previous version. This specific operation (update password) should be done through a specific SOAP call: https://docs.wso2.com/display/IS530/Managing+Users+and+Roles+with+APIs#ManagingUsersandRoleswithAPIs-updateCredential()
For OAuth on the SCIM API, did you set it as a Service Provider for Inbound Provisioning?: https://docs.wso2.com/display/IS530/Setting+Up+Service+Provider+for+Inbound+Provisioning
Jeff
Upvotes: 0
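The first suggestion in the answer above, as an added example that is not part of the original thread and not WSO2 code: a helper that builds the SCIM PUT request from the resource returned at creation and refuses any password change. The names build_put, CREATED, CREDENTIAL_KEYS and SERVER_MANAGED are hypothetical, the e-mail values are placeholders, and dropping id and meta from the body is a choice made here.

```python
import base64
import json
import urllib.request

# Constructed sample modelled on the creation reply shown in the question;
# the e-mail values are placeholders, not values from the page.
CREATED = {
    "schemas": ["urn:scim:schemas:core:1.0"],
    "id": "8459be3e-1950-4c0d-8833-9d789dc2eabb",
    "userName": "PRIMARY/user@example.com",
    "name": {"familyName": "somefamily", "givenName": "somename"},
    "emails": [{"type": "home", "value": "old@example.com"}],
    "meta": {"location": "https://wso2-server/wso2/scim/Users/"
                         "8459be3e-1950-4c0d-8833-9d789dc2eabb"},
}

CREDENTIAL_KEYS = {"password"}   # per the answer: changed through a separate call
SERVER_MANAGED = {"id", "meta"}  # read-only in the SCIM core schema


def build_put(resource, changes, user, passwd):
    """Return an unsent PUT request that updates attributes, never the password."""
    blocked = CREDENTIAL_KEYS & set(changes)
    if blocked:
        raise ValueError("not allowed in a SCIM PUT here: %s" % sorted(blocked))
    # Start from the stored resource so the PUT carries the full attribute set,
    # minus credentials and the attributes the server manages itself.
    body = {k: v for k, v in resource.items()
            if k not in CREDENTIAL_KEYS | SERVER_MANAGED}
    body.update(changes)
    token = base64.b64encode(("%s:%s" % (user, passwd)).encode()).decode()
    return urllib.request.Request(
        resource["meta"]["location"],
        data=json.dumps(body).encode(),
        method="PUT",
        headers={"Content-Type": "application/json",
                 "Authorization": "Basic " + token},
    )


if __name__ == "__main__":
    new_mail = {"emails": [{"type": "home", "value": "new@example.com"}]}
    req = build_put(CREATED, new_mail, "user", "passwd")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
```

Passing the returned request to urllib.request.urlopen would send it with certificate verification enabled, unlike the curl -k calls in the question.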