PrinterOn KB Powered By ePRINTit USA

  1. Support
  2. PrinterOn Enterprise
  3. Authentication Loop seen when using Azure AD as identity management provider - c06343630

Authentication Loop seen when using Azure AD as identity management provider - c06343630

Authentication for accessing PrinterOn has been configured for Azure AD. After entering user name (Email address) and the correct password, the server prompts for log in again looping back to the authentication screen, never continuing to the Select Printers page. When entering the wrong username/password, the user is shown an authentication error which indicates the Azure configuration and the user credentials are correct.

This behaviour is caused when there is no IMCAS installed, or functioning. The first indication is that when enabling Azure AD as the identity provider and saving, a Users tab should appear. IMCASDB should require no configuration by the administrator, similar to the CPSDB when installed from PSIM.exe using SQL Express 2014.

The below log line references will be seen in CPS logs. The key thing we see here is that an imcas oauth token can't be created (among other imcas errors), and the redirect is attempting to send the user to http on port 80 instead of the configured https on port 443 that is default.

24/Nov/2017 19:24:03,030 - [DEBUG] LoginServlet: ====================================================

24/Nov/2017 19:24:03,030 - [DEBUG] LoginServlet: ========== LoginServlet: Starting DoPost() =========

24/Nov/2017 19:24:03,030 - [DEBUG] LoginServlet: ====================================================

24/Nov/2017 19:24:03,965 - [DEBUG] AzureAdService: User Name : useremail@domain.com

24/Nov/2017 19:24:03,965 - [DEBUG] AzureAdService: First Name : User

24/Nov/2017 19:24:03,965 - [DEBUG] AzureAdService: Last Name : Email

24/Nov/2017 19:24:03,965 - [DEBUG] AzureAdService: User email : useremail@domain.com

24/Nov/2017 19:24:04,035 - [ERROR] LoginServlet: An unexpected exception occurred during login. Dumping stack trace. com.printeron.rest.client.RestClientException

at com.printeron.rest.client.AbstractRestClient.sendRequestDirect(AbstractRestClient.java:294) ~[restful-4.0.2-RELEASE.jar:?]

at com.printeron.rest.client.AbstractRestClient.sendRequest(AbstractRestClient.java:93) ~[restful-4.0.2-RELEASE.jar:?]

at com.printeron.rest.client.AbstractRestClient.sendRequest(AbstractRestClient.java:73) ~[restful-4.0.2-RELEASE.jar:?]

at com.printeron.common.imcas.client.auth.oauth.ImcasOAuthTokenClient.getToken(ImcasOAuthTokenClient.java:50) ~[imcas-client-4.0.2-RELEASE.jar:?]

at com.printeron.common.imcas.client.auth.oauth.AbstractImcasTokenProvider.init(AbstractImcasTokenProvider.java:83) ~[imcas-client-4.0.2-RELEASE.jar:?]

at com.printeron.rest.client.AbstractRestClient.sendRequest(AbstractRestClient.java:86) ~[restful-4.0.2-RELEASE.jar:?]

at com.printeron.common.imcas.client.ImcasClient.sendRequest(ImcasClient.java:362) ~[imcas-client-4.0.2-RELEASE.jar:?]

at com.printeron.rest.client.AbstractRestClient.sendRequest(AbstractRestClient.java:73) ~[restful-4.0.2-RELEASE.jar:?]

at com.printeron.common.imcas.client.ImcasClient.sendRequest(ImcasClient.java:347) ~[imcas-client-4.0.2-RELEASE.jar:?]

at com.printeron.common.imcas.client.request.ImcasRequest.execute(ImcasRequest.java:79) ~[imcas-client-4.0.2-RELEASE.jar:?]

at com.printeron.common.imcas.client.request.user.ImcasUsersRequest.create(ImcasUsersRequest.java:44) ~[imcas-client-4.0.2-RELEASE.jar:?]

at com.printeron.cps.authentication.openid.AzureAdService.saveAzureUserInToImcas(AzureAdService.java:346) ~[cps-web-4.0.2-RELEASE.jar:4.0.2-RELEASE]

at com.printeron.cps.authentication.openid.AzureAdService.createImcasUser(AzureAdService.java:281) ~[cps-web-4.0.2-RELEASE.jar:4.0.2-RELEASE]

at com.printeron.cps.authentication.AuthenticationManager.createAzureAdResult(AuthenticationManager.java:1027) ~[cps-web-4.0.2-RELEASE.jar:4.0.2-RELEASE]

at com.printeron.cps.mvc.controllers.LoginServlet.doPost(LoginServlet.java:429) ~[cps-web-4.0.2-RELEASE.jar:4.0.2-RELEASE]

at com.printeron.cps.mvc.controllers.LoginServlet.doGet(LoginServlet.java:86) ~[cps-web-4.0.2-RELEASE.jar:4.0.2-RELEASE]

at sun.reflect.GeneratedMethodAccessor777.invoke(Unknown Source) ~[?:?]

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]

at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]

at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221) ~[spring-web-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136) ~[spring-web-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:114) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) ~[servlet-api.jar:?]

at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) ~[servlet-api.jar:?]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[catalina.jar:8.5.11]

at org.sitemesh.webapp.contentfilter.ContentBufferingFilter.bufferAndPostProcess(ContentBufferingFilter.java:169) ~[sitemesh-3.0.0.jar:?]

at org.sitemesh.webapp.contentfilter.ContentBufferingFilter.doFilter(ContentBufferingFilter.java:126) ~[sitemesh-3.0.0.jar:?]

at org.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:120) ~[sitemesh-3.0.0.jar:?]

at org.sitemesh.config.ConfigurableSiteMeshFilter.doFilter(ConfigurableSiteMeshFilter.java:163) ~[sitemesh-3.0.0.jar:?]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[catalina.jar:8.5.11]

at com.printeron.cps.mvc.filters.WebPrintDisabledFilter.doFilter(WebPrintDisabledFilter.java:43) ~[cps-web-4.0.2-RELEASE.jar:4.0.2-RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[catalina.jar:8.5.11]

at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) ~[tomcat-websocket.jar:8.5.11]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[catalina.jar:8.5.11]

at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:186) ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]

at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) ~[spring-security-web-3.2.5.RELEASE.jar:3.2.5.RELEASE]

at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) ~[spring-web-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[catalina.jar:8.5.11]

at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.3.RELEASE.jar:4.3.3.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[catalina.jar:8.5.11]

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) ~[catalina.jar:8.5.11]

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) ~[catalina.jar:8.5.11]

at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624) ~[catalina.jar:8.5.11]

at org.apache.catalina.valves.rewrite.RewriteValve.invoke(RewriteValve.java:580) ~[catalina.jar:8.5.11]

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) ~[catalina.jar:8.5.11]

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349) ~[catalina.jar:8.5.11]

at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783) ~[tomcat-coyote.jar:8.5.11]

at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-coyote.jar:8.5.11]

at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:798) ~[tomcat-coyote.jar:8.5.11]

at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1434) ~[tomcat-coyote.jar:8.5.11]

at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-coyote.jar:8.5.11]

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_121]

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_121]

at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-util.jar:8.5.11]

at java.lang.Thread.run(Thread.java:745) [?:1.8.0_121] 24/Nov/2017 19:24:04,036 - [DEBUG] LoginServlet: Redirecting to: http://printeron.printanywhere.com:80/cps/Login

NOTE:

Applies to PrinterOn Enterprise 4.x and later