DuoOIDC plugin: Bean property 'clockSkew' is not writable or has an invalid setter method
Wessel, Keith
kwessel at illinois.edu
Thu Aug 12 20:28:27 UTC 2021
Hey, all,
We're trying to tinker with the new DuoOIDC plugin (the Nimbus-based version), and when it fires in our MFA flow, we get an error in the browser and this in the log:
2021-08-12 15:14:35,655 - ERROR [net.shibboleth.idp.authn:-2] - Uncaught runtime exception - [session=CCD391658B9495CAA005AEE2092EFB45] [ip=10.251.128.113] org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'shibboleth.authn.DuoOIDC.DefaultDuoTokenClaimsVerifier' defined in URL [jar:file:/usr/local/tomcat/webapps/idp/WEB-INF/lib/idp-plugin-duo-impl-1.1.1.jar!/META-INF/net/shibboleth/idp/flows/authn/DuoOIDC/duo-oidc-authn-beans.xml]: Cannot create inner bean 'authenticationTimeClaimValidator' of type [net.shibboleth.oidc.security.jwt.claims.impl.AuthenticationTimeClaimsValidator] while setting bean property 'claimValidators' with key [7]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationTimeClaimValidator' defined in URL [jar:file:/usr/local/tomcat/webapps/idp/WEB-INF/lib/idp-plugin-duo-impl-1.1.1.jar!/META-INF/net/shibboleth/idp/flows/authn/DuoOIDC/duo-oidc-authn-beans.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'clockSkew' of bean class [net.shibboleth.oidc.security.jwt.claims.impl.AuthenticationTimeClaimsValidator]: Bean property 'clockSkew' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?\n at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:389)\nCaused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationTimeClaimValidator' defined in URL [jar:file:/usr/local/tomcat/webapps/idp/WEB-INF/lib/idp-plugin-duo-impl-1.1.1.jar!/META-INF/net/shibboleth/idp/flows/authn/DuoOIDC/duo-oidc-authn-beans.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'clockSkew' of bean class [net.shibboleth.oidc.security.jwt.claims.impl.AuthenticationTimeClaimsValidator]: Bean property 'clockSkew' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?\n at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1726)\nCaused by: org.springframework.beans.NotWritablePropertyException: Invalid property 'clockSkew' of bean class [net.shibboleth.oidc.security.jwt.claims.impl.AuthenticationTimeClaimsValidator]: Bean property 'clockSkew' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?\n at org.springframework.beans.BeanWrapperImpl.createNotWritablePropertyException(BeanWrapperImpl.java:243)\n
Is this a bug, or do I have something misconfigured that's causing the IdP to choak with this cryptic message?
Thanks,
Keith
More information about the users
mailing list