Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 Identity Server setup as WS-FED IDentity Server
Sharepoint 2010 Server setup as WS-FED Service Provider
NetIQ Access Manager 3.2 Identity Server setup as WS-FED IDentity Server
Sharepoint 2010 Server setup as WS-FED Service Provider
Situation
When SP2013 generates the AuthnRequest to the IDP server, the NAM Identity server respond with a 500 internal error, caused by a null pointer exception. The catalina log files shows the following: <amLogEntry> 2013-06-06T16:03:02Z DEBUG NIDS Application: Method: NIDPProxyableServlet.myDoGetWithProxy Thread: http-bio-147.2.16.135-8443-exec-7 ****** HttpServletRequest Information: Method: GET Scheme: https Context Path: /nidp Servlet Path: /wsfed Query String: wa=wsignin1.0&wtrealm=urn%3afederation%3asp2013&wctx=https%3a%2f%2fwin2k12dc.win2k12lab.info%3a24094%2f_layouts%2f15%2fAuthenticate.aspx% 3fSource%3d%252F&wreply=https%3a%2f%2fwin2k12dc.win2k12lab.info%3a24094%2f_trust%2fdefault.aspx Path Info: /ep Server Name: nam32phys.lab.novell.com Server Port: 8443 Content Length: -1 Content Type: null Auth Type: null Request URL: https://nam32phys.lab.novell.com:8443/nidp/wsfed/ep Host IP Address: 147.2.16.135 Remote Client IP Address: 147.2.47.17 Header: Name: accept, Value: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/x-ms-application, application/ x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Header: Name: accept-language, Value: en-ie Header: Name: user-agent, Value: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3 .5.30729; .NET CLR 1.1.4322; MS-RTC LM 8) Header: Name: accept-encoding, Value: gzip, deflate Header: Name: host, Value: nam32phys.lab.novell.com:8443 Header: Name: connection, Value: Keep-Alive Session Id: 6873C46DCE85D60643F8F65580F0F7E5 Session Last Accessed Time: 1370534582750 </amLogEntry> : : <amLogEntry> 2013-06-06T16:03:02Z DEBUG NIDS Application: Method: CacheMap.A Thread: http-bio-147.2.16.135-8443-exec-7 Retrieval of object from cache session failed using key 6873C46DCE85D60643F8F65580F0F7E5. Cache size is 0 </amLogEntry> <amLogEntry> 2013-06-06T16:03:02Z DEBUG NIDS Application: Method: CacheMap.A Thread: http-bio-147.2.16.135-8443-exec-7 Retrieval of object from cache ancestralsession failed using key 6873C46DCE85D60643F8F65580F0F7E5. Cache size is 0 </amLogEntry> <amLogEntry> 2013-06-06T16:03:02Z DEBUG NIDS Application: AM#600105011: AMDEVICEID#DB7471BE99DE2C40: AMAUTHID#6873C46DCE85D60643F8F65580F0F7E5: IDP ws fed handler to process request received for /nidp/wsfed </amLogEntry> : : <amLogEntry> 2013-06-06T16:03:02Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry> Added claim http://schemas.xmlsoap.org/claims/emailAddress Added claim http://schemas.xmlsoap.org/claims/roles <amLogEntry> 2013-06-06T16:03:02Z INFO NIDS Application: AM#500105016: AMDEVICEID#DB7471BE99DE2C40: AMAUTHID#6873C46DCE85D60643F8F65580F0F7E5: Process ing login resulting from Service Provider authentication request. </amLogEntry> <amLogEntry> 2013-06-06T16:03:02Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry> <amLogEntry> 2013-06-06T16:03:02Z INFO NIDS Application: AM#500105009: AMDEVICEID#DB7471BE99DE2C40: AMAUTHID#6873C46DCE85D60643F8F65580F0F7E5: Executi ng contract Name/Password - Form. </amLogEntry> : : <amLogEntry> 2013-06-06T16:03:02Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry> <amLogEntry> 2013-06-06T16:03:02Z VERBOSE NIDS Application: Executing authentication method Introduction </amLogEntry> Jun 06, 2013 5:03:02 PM org.apache.catalina.core.StandardWrapperValve invoke SEVERE: Servlet.service() for servlet [NIDPServlet] in context with path [/nidp] threw exception java.lang.NullPointerException at com.novell.nidp.saml2.authentication.card.SAML2IDPAuthenticationCard.isProxyable(y:2996) at com.novell.nidp.authentication.AuthenticationManager.getProviderCards(y:1401) at com.novell.nidp.authentication.AuthenticationManager.getCards(y:496) at com.novell.nidp.authentication.local.CardBasedClass.getCards(y:2928) at com.novell.nidp.authentication.local.IntroductionClass.authenticate(y:803) at com.novell.nidp.authentication.ContractExecutionState.A(y:1056) at com.novell.nidp.authentication.ContractExecutionState.doContract(y:3524) at com.novell.nidp.authentication.ContractExecutionState.exec(y:1262) at com.novell.nidp.authentication.ContractExecutionState.execute(y:788) at com.novell.nidp.common.profile.LoginProfile.C(y:3546) at com.novell.nidp.common.profile.LoginProfile.executeContract(y:2397) at com.novell.nidp.common.profile.LoginProfile.executeContract(y:2869) at com.novell.nidp.common.profile.LoginProfile.spLogin(y:3360) at com.novell.nidp.wsfed.profile.WSFedSSOProfile.doAuthentication(y:1899) at com.novell.nidp.wsfed.profile.WSFedSSOProfile.processRST(y:360) at com.novell.nidp.wsfed.profile.WSFedSSOProfile.processRequest(y:1836) at com.novell.nidp.wsfed.WSFedHandler.k(y:320) at com.novell.nidp.wsfed.WSFedHandler.handleRequest(y:1884) at com.novell.nidp.wsfed.WSFedMeDescriptor.handleRequest(y:2007) at com.novell.nidp.servlets.NIDPServlet.myDoGet(y:866) at com.novell.nidp.servlets.NIDPBaseServlet.doGet(y:1516) at javax.servlet.http.HttpServlet.service(HttpServlet.java:621) at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
Resolution
Fixed in 3.2.2 IR1.