NullPointerException Logging in via SSO in Confluence Data Center

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform Notice: Server and Data Center Only - This article only applies to Atlassian products on the server and data center platforms.

Summary

Logging in via SAML to Confluence produces a NullPointerException and the following stack trace in the UI and atlassian-confluence.log:

2020-11-06 15:37:52,504 ERROR [http-nio-8090-exec-3] [ContainerBase.[Standalone].[localhost].[/]] log Unhandled exception occurred whilst decorating page
 -- referer: https://sso.google.com/ | url: /plugins/servlet/samlconsumer | traceId: 7c45b7ec46e13fe8 | userName: anonymous
java.lang.NullPointerException
	at com.google.common.collect.Iterables.getOnlyElement(Iterables.java:254)
	at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.getAttributeOrNameId(SamlConsumerServlet.java:150)
	at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.lambda$getUsername$1(SamlConsumerServlet.java:146)
	at java.base/java.util.stream.Collectors.lambda$uniqKeysMapAccumulator$1(Unknown Source)
	at java.base/java.util.stream.ReduceOps$3ReducingSink.accept(Unknown Source)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(Unknown Source)
	at java.base/java.util.stream.AbstractPipeline.copyInto(Unknown Source)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source)
	at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(Unknown Source)
	at java.base/java.util.stream.AbstractPipeline.evaluate(Unknown Source)
	at java.base/java.util.stream.ReferencePipeline.collect(Unknown Source)
	at com.atlassian.plugins.authentication.impl.web.usercontext.impl.jit.mapping.MappingExpression.evaluateWithValues(MappingExpression.java:97)
	at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.getUsername(SamlConsumerServlet.java:146)
	at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.doPost(SamlConsumerServlet.java:99)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:652)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
	at com.atlassian.plugin.servlet.DelegatingPluginServlet.service(DelegatingPluginServlet.java:37)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
	at com.atlassian.plugin.servlet.ServletModuleContainerServlet.service(ServletModuleContainerServlet.java:46)
	at com.atlassian.confluence.servlet.ServletModuleContainerServlet.service(ServletModuleContainerServlet.java:47)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
  ...


Environment

  • Confluence Data Center 
  • Data Center SAML 

Cause


The Username Mapping attribute defined under   > General Configuration > SAML 2.0 cannot be found in the list of attributes returned from the Identity Provider's SAML assertion.

Solution

Capture the IdP's response logging in as a test user (How to view SAML responses in your browser for troubleshooting) and locate the Attribute Statement section.

Find the AttributeValue that matches the user's Confluence username and copy the corresponding Attribute Name over to  > General Configuration > SAML 2.0 > Username Mapping



Last modified on Jan 21, 2021

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.