000022113 - Error: 'user property not found in ClearTrust: samlattr1' in RSA Federated Identity Manager (FIM) 2.5

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022113
Applies ToRSA Federated Identity Manager (FIM) 2.5
RSA ClearTrust Agent 4.6 for Microsoft IIS

Microsoft Windows 2000 Professional
Microsoft Internet Information Server (IIS)
IssueError: "user property not found in ClearTrust: samlattr1" in RSA Federated Identity Manager (FIM) 2.5
Complete the setup in appendix D in the RSA Federated Identity Manager (FIM) 2.5 Planning and Installation Guide. After navigating to http://machinename.com:7001/samlassertingparty/SamlSsoDemo.jsp, click on the Employee Login link of 
http://machinename.com/cleartrust/ct_logon.asp?CTAuthMode=BASIC&ct_orig_uri=http://machinename.com:7001/samlassertingparty/SamlSsoDemo.jsp and authenticate at the ClearTrust prompt using userID "user". Once completed, navigate back to http://machinename.com:7001/samlassertingparty/SamlSsoDemo.jsp and click on the Partner Link of 
http://machinename.com:7001/samlassertingparty/AP?TARGET=http://machinename.com/protectedpage.html and the browser shows:

Error 500 - Internal Server Error

The server encountered the following unexpected condition: Error in RSA Federated Identity Manager: Error encountered in Relying Party servlet: com.rsa.csf.common.exceptionbase.CsfApplicationException: Error in Relying Party while processing Asserting Party response: ; nested exception is: com.rsa.csf.common.exceptionbase.CsfApplicationException: Cannot process SAML Attribute. ; nested exception is: com.rsa.csf.techservice.saml.plugins.AttributePluginException: user property not found in ClearTrust: samlattr1

stack trace of outer exception:
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyServiceBean.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyService_h7evde_EOImpl.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(SamlSsoRelyingPartyService_h7evde_EOImpl.java:46)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyServiceProxyClient.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.application.saml.SamlSsoRelyingPartyServlet.doGet(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(Unknown Source)
javax.servlet.http.HttpServlet.service(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(HttpServlet.java:740)
javax.servlet.http.HttpServlet.service(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(HttpServlet.java:853)
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run()Ljava.lang.Object;(ServletStubImpl.java:971)
weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;Lweblogic.servlet.internal.FilterChainImpl;)V(ServletStubImpl.java:402)
weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(ServletStubImpl.java:305)
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run()Ljava.lang.Object;(WebAppServletContext.java:6350)
weblogic.security.acl.internal.AuthenticatedSubject.doAs(Lweblogic.security.subject.AbstractSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(AuthenticatedSubject.java:317)
weblogic.security.service.SecurityManager.runAs(Lweblogic.security.acl.internal.AuthenticatedSubject;Lweblogic.security.acl.internal.AuthenticatedSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(SecurityManager.java:118)
weblogic.servlet.internal.WebAppServletContext.invokeServlet(Lweblogic.servlet.internal.ServletRequestImpl;Lweblogic.servlet.internal.ServletResponseImpl;)V(WebAppServletContext.java:3635)
weblogic.servlet.internal.ServletRequestImpl.execute(Lweblogic.kernel.ExecuteThread;)V(ServletRequestImpl.java:2585)
weblogic.kernel.ExecuteThread.execute(Lweblogic.kernel.ExecuteRequest;)V(ExecuteThread.java:197)
weblogic.kernel.ExecuteThread.run()V(ExecuteThread.java:170)
java.lang.Thread.startThreadFromVM(Ljava.lang.Thread;)V(Unknown Source)

stack trace of inner exception:
com.rsa.csf.techservice.saml.common.SamlAssertionProcessor.processAttributeStatement([Lcom.rsa.csf.techservice.saml.opensaml.SAMLAttributeStatement;Lcom.rsa.csf.techservice.saml.common.WebSsoContext;Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;Lcom.rsa.csf.domain.objects.RPAPWebSso;)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.techservice.saml.common.SamlAssertionProcessor.processSsoAssertion([Lcom.rsa.csf.techservice.saml.opensaml.SAMLAssertion;Lcom.rsa.csf.domain.objects.RPAssertingParty;Ljava.lang.String;)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.techservice.saml.common.SamlProtocolProcessor.processSsoResponse(Lcom.rsa.csf.techservice.saml.opensaml.SAMLResponse;Ljava.lang.String;Lcom.rsa.csf.techservice.saml.signature.XMLSecurityProvider;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.techservice.saml.common.SamlProtocolProcessor.processSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyServiceBean.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyService_h7evde_EOImpl.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(SamlSsoRelyingPartyService_h7evde_EOImpl.java:46)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyServiceProxyClient.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.application.saml.SamlSsoRelyingPartyServlet.doGet(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(Unknown Source)
javax.servlet.http.HttpServlet.service(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(HttpServlet.java:740)
javax.servlet.http.HttpServlet.service(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(HttpServlet.java:853)
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run()Ljava.lang.Object;(ServletStubImpl.java:971)
weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;Lweblogic.servlet.internal.FilterChainImpl;)V(ServletStubImpl.java:402)
weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(ServletStubImpl.java:305)
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run()Ljava.lang.Object;(WebAppServletContext.java:6350)
weblogic.security.acl.internal.AuthenticatedSubject.doAs(Lweblogic.security.subject.AbstractSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(AuthenticatedSubject.java:317)
weblogic.security.service.SecurityManager.runAs(Lweblogic.security.acl.internal.AuthenticatedSubject;Lweblogic.security.acl.internal.AuthenticatedSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(SecurityManager.java:118)
weblogic.servlet.internal.WebAppServletContext.invokeServlet(Lweblogic.servlet.internal.ServletRequestImpl;Lweblogic.servlet.internal.ServletResponseImpl;)V(WebAppServletContext.java:3635)
weblogic.servlet.internal.ServletRequestImpl.execute(Lweblogic.kernel.ExecuteThread;)V(ServletRequestImpl.java:2585)
weblogic.kernel.ExecuteThread.execute(Lweblogic.kernel.ExecuteRequest;)V(ExecuteThread.java:197)
weblogic.kernel.ExecuteThread.run()V(ExecuteThread.java:170)
java.lang.Thread.startThreadFromVM(Ljava.lang.Thread;)V(Unknown Source)

stack trace of inner exception:
com.rsa.csf.techservice.saml.plugins.CtAttributePluginRP.setCtUserProperty(Ljava.lang.String;Ljava.lang.String;[Ljava.lang.Object;)V(Unknown Source)
com.rsa.csf.techservice.saml.plugins.CtAttributePluginRP.processAttribute(Lcom.rsa.csf.techservice.saml.opensaml.SAMLAttribute;Lcom.rsa.csf.techservice.saml.opensaml.SAMLSubject;Lcom.rsa.csf.techservice.saml.common.WebSsoContext;Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.techservice.saml.common.SamlAssertionProcessor.processAttributeStatement([Lcom.rsa.csf.techservice.saml.opensaml.SAMLAttributeStatement;Lcom.rsa.csf.techservice.saml.common.WebSsoContext;Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;Lcom.rsa.csf.domain.objects.RPAPWebSso;)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.techservice.saml.common.SamlAssertionProcessor.processSsoAssertion([Lcom.rsa.csf.techservice.saml.opensaml.SAMLAssertion;Lcom.rsa.csf.domain.objects.RPAssertingParty;Ljava.lang.String;)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.techservice.saml.common.SamlProtocolProcessor.processSsoResponse(Lcom.rsa.csf.techservice.saml.opensaml.SAMLResponse;Ljava.lang.String;Lcom.rsa.csf.techservice.saml.signature.XMLSecurityProvider;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.techservice.saml.common.SamlProtocolProcessor.processSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyServiceBean.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyService_h7evde_EOImpl.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(SamlSsoRelyingPartyService_h7evde_EOImpl.java:46)
com.rsa.csf.clientservice.saml.SamlSsoRelyingPartyServiceProxyClient.processSamlSsoResponse(Ljava.lang.String;Ljava.lang.String;Z)Lcom.rsa.csf.techservice.saml.common.RelyingPartySsoResult;(Unknown Source)
com.rsa.csf.application.saml.SamlSsoRelyingPartyServlet.doGet(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(Unknown Source)
javax.servlet.http.HttpServlet.service(Ljavax.servlet.http.HttpServletRequest;Ljavax.servlet.http.HttpServletResponse;)V(HttpServlet.java:740)
javax.servlet.http.HttpServlet.service(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(HttpServlet.java:853)
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run()Ljava.lang.Object;(ServletStubImpl.java:971)
weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;Lweblogic.servlet.internal.FilterChainImpl;)V(ServletStubImpl.java:402)
weblogic.servlet.internal.ServletStubImpl.invokeServlet(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;)V(ServletStubImpl.java:305)
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run()Ljava.lang.Object;(WebAppServletContext.java:6350)
weblogic.security.acl.internal.AuthenticatedSubject.doAs(Lweblogic.security.subject.AbstractSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(AuthenticatedSubject.java:317)
weblogic.security.service.SecurityManager.runAs(Lweblogic.security.acl.internal.AuthenticatedSubject;Lweblogic.security.acl.internal.AuthenticatedSubject;Ljava.security.PrivilegedAction;)Ljava.lang.Object;(SecurityManager.java:118)
weblogic.servlet.internal.WebAppServletContext.invokeServlet(Lweblogic.servlet.internal.ServletRequestImpl;Lweblogic.servlet.internal.ServletResponseImpl;)V(WebAppServletContext.java:3635)
weblogic.servlet.internal.ServletRequestImpl.execute(Lweblogic.kernel.ExecuteThread;)V(ServletRequestImpl.java:2585)
weblogic.kernel.ExecuteThread.execute(Lweblogic.kernel.ExecuteRequest;)V(ExecuteThread.java:197)
weblogic.kernel.ExecuteThread.run()V(ExecuteThread.java:170)
java.lang.Thread.startThreadFromVM(Ljava.lang.Thread;)V(Unknown Source)
Event.log shows the following:

2005-07-07 16:17:09,222 CRITICAL - [SAML-StartApBapSsoExcep: SamlSsoAssertingPartyServiceBean.startSamlAssertingPartySso(); No ClearTrust cookie found in cookie map] method SamlSsoAssertingPartyServiceBean.startSamlAssertingPartySso(): unexpected exception received by the start AP SSO code: No ClearTrust cookie found in cookie map

2005-07-07 16:17:09,222 CRITICAL - [SAML-NoCookieGiven: CtTicketPlugin.createWebSsoContextFromCookie()] method CtTicketPlugin.createWebSsoContextFromCookie(): No ClearTrust cookie found in map passed to ticket plugin

2005-07-07 16:17:09,222 CRITICAL - [SAML-StartApBapSsoExcep: SamlSsoAssertingPartyServiceBean.startSamlAssertingPartySso(); Unable to process a security token\; nested exception is: com.rsa.csf.techservice.saml.plugins.TicketPluginException: No ClearTrust cookie found in cookie map] method SamlSsoAssertingPartyServiceBean.startSamlAssertingPartySso(): unexpected exception received by the start AP SSO code: Unable to process a security token; nested exception is: com.rsa.csf.techservice.saml.plugins.TicketPluginException: No ClearTrust cookie found in cookie map

2005-07-07 16:17:24,347 CRITICAL - [SAML-ApSsoBapStarted: AAHAOWFStCxKh/pYAKdQqworYCLkRSmF8Q5INCUJFgRkBzFrWWUbxbJH; appdrp; TargetURL='http://jwai-t.na.rsa.net/protectedpage.html', AssertionID='_4c016b38f5b099a381671f086dc9c317f53687cd', LocalSubject='SAMLSubject nameQualifier=null format=#CTUID 'user''] AssertingParty created artifact=AAHAOWFStCxKh/pYAKdQqworYCLkRSmF8Q5INCUJFgRkBzFrWWUbxbJH, for RelyinParty=appdrp. Additional info: TargetURL='http://jwai-t.na.rsa.net/protectedpage.html', AssertionID='_4c016b38f5b099a381671f086dc9c317f53687cd', LocalSubject='SAMLSubject nameQualifier=null format=#CTUID 'user''

2005-07-07 16:17:24,425 CRITICAL - [SAML-RpSsoArtifactRequestCreated: _4dfef60844558b805e22c3b1cdaaab7cdcd72bd4; appdap; Artifact='AAHAOWFStCxKh/pYAKdQqworYCLkRSmF8Q5INCUJFgRkBzFrWWUbxbJH', ] RelyingParty created Request Id=_4dfef60844558b805e22c3b1cdaaab7cdcd72bd4, sent to AssertingParty=appdap. Additonal Info: Artifact='AAHAOWFStCxKh/pYAKdQqworYCLkRSmF8Q5INCUJFgRkBzFrWWUbxbJH',

2005-07-07 16:17:24,566 CRITICAL - [SAML-ApRequestReceived: _4dfef60844558b805e22c3b1cdaaab7cdcd72bd4; appdrp; RPLookupKey='MapHttpBasicAuthnId'] AssertingParty received Request Id=_4dfef60844558b805e22c3b1cdaaab7cdcd72bd4, from RelyingParty=appdrp. Additional Info: RPLookupKey='MapHttpBasicAuthnId'

2005-07-07 16:17:24,566 CRITICAL - [SAML-ApRequestReceived: _4dfef60844558b805e22c3b1cdaaab7cdcd72bd4; appdrp; RequestType='ArtifactRequest'] AssertingParty received Request Id=_4dfef60844558b805e22c3b1cdaaab7cdcd72bd4, from RelyingParty=appdrp. Additional Info: RequestType='ArtifactRequest'

2005-07-07 16:17:24,581 CRITICAL - [SAML-ApResponseCreated: _14d844fd85782b29825f57d55152908eb1033804; _4dfef60844558b805e22c3b1cdaaab7cdcd72bd4; appdrp; ResponseStatusXML='<samlp:Status><samlp:StatusCode Value="samlp:Success"></samlp:StatusCode></samlp:Status>', AssertionId='_4c016b38f5b099a381671f086dc9c317f53687cd', ] AssertionParty created Response Id=_14d844fd85782b29825f57d55152908eb1033804, for Request Id=_4dfef60844558b805e22c3b1cdaaab7cdcd72bd4, for RelyingParty=appdrp. Additional Info: ResponseStatusXML='<samlp:Status><samlp:StatusCode Value="samlp:Success"></samlp:StatusCode></samlp:Status>', AssertionId='_4c016b38f5b099a381671f086dc9c317f53687cd',

2005-07-07 16:17:25,628 CRITICAL - [SAML-CtPropNotFound: CtAttributePluginRP.setCtUserProperty(); samlattr1; user2] method CtAttributePluginRP.setCtUserProperty(): Property samlattr1 not found for ClearTrust user user2; unable to store SAML attributes for this user

2005-07-07 16:17:25,628 CRITICAL - [SAML-RpSsoResponseExcep: SamlSsoRelyingPartyServiceBean.processSamlSsoResponse(); Cannot process SAML Attribute. \; nested exception is: com.rsa.csf.techservice.saml.plugins.AttributePluginException: user property not found in ClearTrust: samlattr1] method SamlSsoRelyingPartyServiceBean.processSamlSsoResponse(): unexpected exception received by the RP when processing the SSO response message: Cannot process SAML Attribute. ; nested exception is: com.rsa.csf.techservice.saml.plugins.AttributePluginException: user property not found in ClearTrust: samlattr1
CauseThe RSA ClearTrust user property samlattr1 was not set up
ResolutionAccording to Appendix D, page 124 of the RSA Federated Identity Manager (FIM) 2.5 Planning and Installation Guide, the following steps need to be completed:

6. Add a new property named "samlattr1" using the following information. For further instructions, see your RSA ClearTrust documentation.

? For the Data Type, select String

? Clear the Read Only checkbox, if it is selected

? Select Export/Publish
Legacy Article IDa26964

Attachments

    Outcomes