Seraph in Confluence 3.5 environment no longer able to instantiate custom authenticator

2011-04-06T17:41:00
ID ATLASSIAN:CONFSERVER-22266
Type atlassian
Reporter gswduke
Modified 2017-02-17T05:22:02

Description

Customer using custom authenticator no longer works in Confluence 3.5 despite updates to latest API, latest Atlassian SDK, and building against Confluence 3.5 and embedded Crowd. See attached error log from customer. In brief, error is:

{noformat} Caused by: org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [com.atlassian.seraph.service.rememberme.DefaultRememberMeConfiguration]: Constructor threw exception; nested exception is java.lang.RuntimeException: Could not load security config 'seraph-config.xml': Exception configuring from 'seraph-config.xml'. : com.atlassian.seraph.config.ConfigurationException: Could not create: authenticator : java.lang.InstantiationException: Unable to instantiate class 'shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator' Caused by: java.lang.RuntimeException: Could not load security config 'seraph-config.xml': Exception configuring from 'seraph-config.xml'. : com.atlassian.seraph.config.ConfigurationException: Could not create: authenticator : java.lang.InstantiationException: Unable to instantiate class 'shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator' at com.atlassian.seraph.config.SecurityConfigFactory.loadInstance(SecurityConfigFactory.java:60) ... Caused by: com.atlassian.seraph.config.ConfigurationException: Exception configuring from 'seraph-config.xml'. : com.atlassian.seraph.config.ConfigurationException: Could not create: authenticator : java.lang.InstantiationException: Unable to instantiate class 'shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator' at com.atlassian.seraph.config.SecurityConfigImpl.<init>(SecurityConfigImpl.java:170) ... Caused by: com.atlassian.seraph.config.ConfigurationException: Could not create: authenticator : java.lang.InstantiationException: Unable to instantiate class 'shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator' at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:288) ... Caused by: java.lang.InstantiationException: Unable to instantiate class 'shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator' at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:278) ... {noformat}

According to Atlassian 3.5 documentation: http://confluence.atlassian.com/display/DOC/Confluence+3.5+Upgrade+Notes#Confluence3.5UpgradeNotes-ForCustomersUsingCustomAuthenticators

{quote} For Customers Using Custom Authenticators

Custom authenticators, as defined in seraph-config.xml, are not affected and should work in the same way as in earlier versions of Confluence. {quote}

That does not seem to be accurate, as there is work that needs to be done to authenticators in order to update them such that they will work in Confluence 3.5, even just in regard to Seraph.

Note: this plugin is mentioned in Atlassian documentation as example of custom authenticator: http://confluence.atlassian.com/display/DEV/Single+Sign-on+Integration+with+JIRA+and+Confluence

See ticket for details and built plugin jar: https://studio.plugins.atlassian.com/browse/SHBL-47

Current version of plugin showing this problem attached to that ticket. Source is here for review: https://studio.plugins.atlassian.com/svn/SHBL/trunk/

Is likely that part of issue is how plugin is declared in atlassian-plugin.xml: https://studio.plugins.atlassian.com/svn/SHBL/trunk/src/main/resources/atlassian-plugin.xml

Specifically, I'm not sure how to declare the authenticator as a resource so that it can be loaded via seraph config, since using OSGi now. It isn't a component, I think, because should be loading by fully-qualified classname in seraph config, not via component key:

{noformat} <component key="remoteUserAuth" class="shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator"> <description>Shibboleth authenticator.</description> <interface>shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator</interface> </component> {noformat}

Help would be appreciated as this is keeping those using Shibboleth from upgrading to Confluence 3.5.

Have seen bugs in Seraph, etc. that could be related, but don't see a duplicate of this issue.

Much thanks, Gary