LDAP Authn exception help needed.

[Cantor, Scott]

On 8/5/15, 10:37 AM, "users on behalf of O'Dowd, Josh" <users-bounces at shibboleth.net on behalf of Josh.O'Dowd at mso.umt.edu> wrote:



>You may remember I am customizing our LDAP authn process a little bit to include an intercept.  The intercept appears to be working as expected, when the user credentials are good.  However, if the password is wrong, I am seeing the following
> error-page message:
> 
>java.lang.IllegalArgumentException: Cannot find state with id 'InvalidPassword' in flow 

The code provided uses the event "InvalidCredentials" to deal with a bad password result. Something you did is circumventing that and you haven't provided a transition rule to handle that event. There is no built-in event by that name.

A default transition rule is used to pass control to a state that matches the name of the signaled event, and that's what it's trying to use here and failing.

>I am seeing a similar error for “Cannot find state with id ‘ExpiredPassword’.

That event is routed to an empty/example subflow for handling an expired password because the login flows inherit from flows/authn/conditions/conditions-flow.xml where that transition is defined. That event will "pass-through" that empty subflow and eventually end up back on the login page unless the conditions flow is modified.

Doing anything like what you're doing requires manipulating the conditions flow files to add additional transitions, states, and subflows, or filling in content into the empty subflows predefined for catching a few sample events.

-- Scott