Solutions

Login page does not load when using authentication trees with custom or Marketplace nodes in AM 6.5

Last updated Dec 21, 2018

The purpose of this article is to provide assistance if the login page does not load when using authentication trees in AM 6.5 and the tree editor in the console is missing nodes. These issues occur when you have custom or Marketplace nodes. You will see "Unsupported node type" errors when this happens.


Symptoms

Note

The Unsupported node type referenced in the following errors does not indicate the custom or Marketplace node causing the issues; instead it refers to one of the nodes in the tree you are accessing.

Login page

The browser shows a Loading... message but nothing else happens.

Errors similar to the following are shown when this happens:  

  • CoreSystem debug log:
    frRest:12/19/2018 02:34:05:080 pm GMT: Thread[http-nio-48080-exec-5,5,main]: TransactionId[8447c05f-4bc1-4d38-bae0-ad6b3cca7b44-69807]
    ERROR: Could not invoke method:
    java.lang.reflect.InvocationTargetException
       at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
       at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
       at java.base/java.lang.reflect.Method.invoke(Method.java:566)
       at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:76)
       at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:64)
       at org.forgerock.http.routing.Router.handle(Router.java:100)
       at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:59)
    Caused by: java.lang.IllegalArgumentException: Unsupported node type ZeroPageLoginNode
       at org.forgerock.openam.auth.trees.engine.NodeFactory.createNode(NodeFactory.java:122)
       at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:97)
       at org.forgerock.openam.core.rest.authn.trees.AuthTrees.processTree(AuthTrees.java:389)
       at org.forgerock.openam.core.rest.authn.trees.AuthTrees.evaluateTreeAndProcessResult(AuthTrees.java:245)
       at org.forgerock.openam.core.rest.authn.trees.AuthTrees.invokeTree(AuthTrees.java:237)
       at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.authenticate(RestAuthenticationHandler.java:203)
       at org.forgerock.openam.core.rest.authn.http.AuthenticationServiceV1.authenticate(AuthenticationServiceV1.java:164)
       ... 89 more
    
  • Authentication debug log:
    amAuth:12/19/2018 02:34:06:437 pm GMT: Thread[http-nio-48080-exec-7,5,main]: TransactionId[8447c05f-4bc1-4d38-bae0-ad6b3cca7b44-69841]
    ERROR: Unsupported node type ZeroPageLoginNode
    

Console

You will notice one or more of the following symptoms in the AM console when you select a tree to edit:

  • The authentication tree designer is completely empty; it does not include any nodes nor the Start and Failure entry/exit points. An empty pink warning message box briefly displays upon selecting the tree.
  • The Components panel is missing all or some of the available nodes.
  • The required node appears in the Components panel but does not have any outcomes when dragged onto the authentication tree designer. An empty pink warning message box briefly displays upon moving the node.

An error similar to the following may be shown in the CoreSystem debug log when this happens:

frRest:12/19/2018 10:19:59:093 am GMT: Thread[http-nio-48080-exec-7,5,main]: TransactionId[8447c05f-4bc1-4d38-bae0-ad6b3cca7b44-1420]
ERROR: A runtime exception occurred during the CREST request handling
java.lang.IllegalStateException: Exception from invocation expected to be handled by promise
   at org.forgerock.json.resource.AnnotatedMethod.invoke(AnnotatedMethod.java:100)
   at org.forgerock.json.resource.AnnotatedMethod.invoke(AnnotatedMethod.java:65)
   at org.forgerock.json.resource.AnnotationCollectionInstance.handleRead(AnnotationCollectionInstance.java:51)
   at org.forgerock.json.resource.FilterChain$Cursor.handleRead(FilterChain.java:105)
   at org.forgerock.json.resource.Resources$CollectionInstanceIdContextFilter.filterRead(Resources.java:528)
...
Caused by: java.lang.reflect.InvocationTargetException
   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
   at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.base/java.lang.reflect.Method.invoke(Method.java:566)
   at org.forgerock.json.resource.AnnotatedMethod.invoke(AnnotatedMethod.java:96)
   ... 141 more
Caused by: java.lang.IllegalArgumentException: Unsupported node type UsernameCollectorNode
   at org.forgerock.openam.auth.trees.engine.NodeFactory.getOutcomeProvider(NodeFactory.java:173)
   at org.forgerock.openam.auth.trees.engine.NodeFactory.getNodeOutcomes(NodeFactory.java:199)
   at org.forgerock.openam.core.rest.sms.AuthTreesCollectionProvider.read(AuthTreesCollectionProvider.java:296)
   ... 146 more

Recent Changes

Upgraded to, or installed AM 6.5.

Installed a custom or Marketplace node. For example, the Have I Been Pwned Authentication Marketplace node. 

Causes

The dependency on forgerock-guava has been removed in AM 6.5 and instead these libraries are retrieved directly from Google Guava. For example, all the node .java files have been updated as follows:

import com.google.common.collect.ImmutableList;
//import org.forgerock.guava.common.collect.ImmutableList;

The custom or Marketplace node fails because it uses one of the 'org.forgerock.guava' classes; these classes have been removed from the classpath since they are no longer supported.

Solution

This issue can be resolved either by updating the node so that it does not use any org.forgerock.guava classes or by adding a dependency on Guava.

Remove org.forgerock.guava classes

You can either use simple replacements from the standard JDK collections classes or one of the following methods:

  • Collections.singletonMap
  • Collections.singletonList
  • Arrays.asList

Add a dependency

If you want to continue using these org.forgerock.guava classes, you should add a dependency on Guava and bundle it properly per the instructions in Authentication Node Development Guide › The Maven Project for an Authentication Node.

Note

Customizing authentication nodes is outside the scope of ForgeRock support; if you want more tailored advice, consider engaging Professional Services.

See Also

Authentication trees in AM

Authentication Node Development Guide

Guava: Google Core Libraries for Java

Using the BackStage Marketplace

Related Training

N/A

Related Issue Tracker IDs

OPENAM-14092 (Custom node can prevent all default nodes appearing in admin view)



Copyright and TrademarksCopyright © 2018 ForgeRock, all rights reserved.
Loading...