Skip to content
Advertisement

Unable to get the AuthenticationResult after redirecting to java web-app

I am trying to integrate azure ad into a java web application using openidconnect approach. My web application is deployed on weblogic application server.

Reference: microsoft doc

Base code that I used is from microsoft github repo: Link

After integration, I was able to redirect my login page to Microsoft login page, entered credential and then when Microsoft redirects back to my login page, it lands in below controller which is my redirect reply URL, here the result object (AuthenticationResult) is null. The session object doesn’t seem to have attribute called ‘principle’. I am not sure where I have gone wrong, can anyone please point me in the right direction?

@Controller
@RequestMapping("/jsp/MyClientControllerServlet")
public class AadController {
    
    
    private static Logger logger = Logger.getLogger(AadController.class);
    @RequestMapping(method = { RequestMethod.GET, RequestMethod.POST })
    public String getDirectoryObjects(ModelMap model, HttpServletRequest httpRequest) {
        logger.info("Starting getDirectoryObjects");
        HttpSession session = httpRequest.getSession();
        logger.info("session: "+session);
        //The principle session name variable has the string 'principle'. 
        //I am not sure if this is a static attribute that applies to all applications.
        //I guess this attribute is not available on my HttpSession which is why my AuthenticationResult is null
        AuthenticationResult result = (AuthenticationResult) session.getAttribute(AuthHelper.PRINCIPAL_SESSION_NAME);
        if (result == null) {
            model.addAttribute("error", new Exception("AuthenticationResult not found in session."));
            return "/error";
        } else {
            System.out.println("Login session success");

Update #1: I tried to print contents of my HttpSession by enumerating on it and I find that it has just one attribute called ‘states’ which is empty as well.

From my logs:

INFO  BasicFilter:81 - doFilter
INFO  BasicFilter:134 - processAuthenticationData
INFO  AuthenticationAuthority:149 - [Correlation ID: 546546454-18e3-499e-8cc9-0ABCDf3a3584] Instance discovery was successful
DEBUG DispatcherServlet:693 - DispatcherServlet with name 'mvc-dispatcher' processing POST request for [/myPortal/jsp/MyClientControllerServlet]
DEBUG DefaultAnnotationHandlerMapping:221 - Mapping [/jsp/MyClientControllerServlet] to HandlerExecutionChain with handler [com.microsoft.aad.adal4jsample.AadController@50f6da2b] and 2 interceptors
DEBUG HandlerMethodInvoker:173 - Invoking request handler method: public java.lang.String com.microsoft.aad.adal4jsample.AadController.getDirectoryObjects(org.springframework.ui.ModelMap,javax.servlet.http.HttpServletRequest)
INFO  AadController:54 - Starting getDirectoryObjects
INFO  AadController:56 - session: weblogic.servlet.internal.session.MemorySessionData@17d119dd
INFO  AadController:61 - states : {}

Update #2: I tried to print attributes of HttpServletRequest object by enumerating on it and one of the attribute is called error which has this value.

INFO  AadController:81 - error : com/nimbusds/jose/shaded/json/parser/ParseException

Answer

After adding more logs as suggested by @Allen Wu, I was able to finally obtain a glaring stacktrace :

Caused by: java.lang.UnsupportedClassVersionError: com/nimbusds/jose/shaded/json/parser/ParseException : Unsupported major.minor version 52.0

The nimbusds site says their latest release supports JDK 7+ versions, but the latest jar version 9.9.3 supports from JDK 8+ only, hence the above error. After I replaced with version 7.8 (randomly picked a lower version) the application worked right away.

<dependency>
    <groupId>com.nimbusds</groupId>
    <artifactId>nimbus-jose-jwt</artifactId>
    <version>7.8</version>
</dependency>
Advertisement