BankOfAmerica – Stacktrace

This is a nice stack trace from BoA's online banking. It reveals the use of SAML2, OpenAM (http://openam.forgerock.org/) and JBoss Web/2.1.11.GA.

Most puzzling part: why can't a big bank configure its servers to display a proper error page instead of a stack trace?

HTTP Status 500 –


type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: AMSetupFilter.doFilter
	com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:121)
	org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

org.apache.jasper.JasperException: javax.servlet.ServletException: com.sun.identity.saml2.common.SAML2Exception: The SAMLArt is missing from the HttpRequest.
	org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:515)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:322)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:249)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
	com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:95)
	org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

javax.servlet.ServletException: com.sun.identity.saml2.common.SAML2Exception: The SAMLArt is missing from the HttpRequest.
	org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:852)
	org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:781)
	org.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp.java:360)
	org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:369)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:322)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:249)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
	com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:95)
	org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

com.sun.identity.saml2.common.SAML2Exception: The SAMLArt is missing from the HttpRequest.
	com.sun.identity.saml2.profile.SPACSUtils.getResponseFromGet(SPACSUtils.java:278)
	com.sun.identity.saml2.profile.SPACSUtils.getResponse(SPACSUtils.java:174)
	org.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp.java:183)
	org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:369)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:322)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:249)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
	com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:95)
	org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

note The full stack trace of the root cause is available in the JBoss Web/2.1.11.GA logs.


JBoss Web/2.1.11.GA
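
A regression check for the misconfiguration described above, added here as an example (it is not code from the original post, nor from OpenAM or JBoss): it inspects an HTTP error body for Java stack frames, exception class names and a container banner. The function name `audit_error_body` and the clean sample are constructed for illustration; the leaking sample is a shortened excerpt of the trace above.

```python
import re

# Stack frame as printed by the default error report: pkg.Class.method(File.java:123)
FRAME = re.compile(r"^[ \t]*((?:[\w$]+\.)+[\w$<>]+)\((\w+\.java):(\d+)\)[ \t]*$", re.M)
# Fully qualified exception class followed by ':' (also catches chained causes on one line)
EXC = re.compile(r"\b((?:[a-z_]\w*\.)+[A-Z]\w*(?:Exception|Error)):")
# Container banner in the report footer, e.g. "JBoss Web/2.1.11.GA"
BANNER = re.compile(r"\b((?:JBoss Web|Apache Tomcat)/[\w.]*\w)")

def audit_error_body(body):
    """Return what an HTTP error body discloses about the server side."""
    frames = FRAME.findall(body)
    # A 3-segment package prefix is enough to name the component behind a frame.
    components = sorted({".".join(f[0].split(".")[:3]) for f in frames})
    banner = BANNER.search(body)
    return {
        "leaks": bool(frames) or banner is not None,
        "frame_count": len(frames),
        "exceptions": sorted(set(EXC.findall(body))),
        "components": components,
        "banner": banner.group(1) if banner else None,
    }

# Shortened excerpt of the trace shown in this post.
SAMPLE_LEAK = """HTTP Status 500 -
javax.servlet.ServletException: com.sun.identity.saml2.common.SAML2Exception: The SAMLArt is missing from the HttpRequest.
\tcom.sun.identity.saml2.profile.SPACSUtils.getResponseFromGet(SPACSUtils.java:278)
\torg.apache.jsp.saml2.jsp.spAssertionConsumer_jsp._jspService(spAssertionConsumer_jsp.java:183)
\torg.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
\torg.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
JBoss Web/2.1.11.GA
"""

# Constructed sample: a generic error page that carries only an opaque reference id.
SAMPLE_CLEAN = "<html><body><h1>Something went wrong</h1><p>Reference: 7f3a</p></body></html>"

if __name__ == "__main__":
    for name, body in (("leaking", SAMPLE_LEAK), ("clean", SAMPLE_CLEAN)):
        print(name, audit_error_body(body))
```

Run against the body of a deliberately failing request in a test environment, the check fails the build whenever `leaks` is true.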

About kvoges

Founder & Father, Corporate & Startup, Product Manager & life juggler -> loving it :)
This entry was posted in development, IT, OpenSource, WWW.