Null pointer exception on login - blank page displayed

[lukweza]

Hello,

I'm trying to get pentaho 8.1 to run with a postgresql backend.
I am using jdbc security.

I see no exceptions during startup.
When logging on ( http://localhost:8080/pentaho ) as admin, I can see in the pentaho.log that the admin has been logged in, followed by an exception:

2019-01-04 16:03:47,022 DEBUG [org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache] Cache hit: false; username: admin 2019-01-04 16:03:47,028 DEBUG [org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache] Cache put: admin 2019-01-04 16:03:47,030 DEBUG [org.pentaho.platform.engine.security.event.PentahoAuthenticationSuccessListener] received AuthenticationSuccessEvent 2019-01-04 16:03:47,030 DEBUG [org.pentaho.platform.engine.security.event.PentahoAuthenticationSuccessListener] synchronizing current IPentahoSession with SecurityContext 2019-01-04 16:03:47,034 INFO [org.pentaho.platform.engine.security.event.PentahoAuthenticationSuccessListener] The user "admin" connected to server with session ID 9F28843FD481A60E87DE9A9ED7C8DBF7 2019-01-04 16:03:47,040 DEBUG [org.pentaho.platform.engine.security.SecurityHelper] rolesForUser:[Authenticated, admin, Anonymous] 2019-01-04 16:03:47,041 ERROR [org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListener] null java.lang.NullPointerException at org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListener$1.call(BackingRepositoryLifecycleManagerAuthenticationSuccessListener.java:86) at org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListener$1.call(BackingRepositoryLifecycleManagerAuthenticationSuccessListener.java:82) at org.pentaho.platform.engine.security.SecurityHelper.runAsSystem(SecurityHelper.java:421) at org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListener.onApplicationEvent(BackingRepositoryLifecycleManagerAuthenticationSuccessListener.java:82)

As I couldn't figure out what is going wrong, I decided to compile it myself.
My setup:
Apache Maven 3.6.0 (97c98ec64a1fdfee7767ce5ffb20918da4f719f3; 2018-10-24T20:41:47+02:00)
Maven home: xxx/lib/apache-maven-3.6.0
Java version: 1.8.0_191, vendor: Oracle Corporation, runtime: xxx/lib/jdk1.8.0_191/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "4.18.0-2-amd64", arch: "amd64", family: "unix"

.. this produces a successful build of Pentaho BI Platform Community Edition 8.3.0.0-SNAPSHOT

When running the tests - I can see the same exception occurring:
[INFO] Running org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListenerTest 17:27:05,223 INFO [BackingRepositoryLifecycleManagerAuthenticationSuccessListener] The user "testCurrentUser-/pentaho/testTenant" connected to repository 17:27:05,224 ERROR [BackingRepositoryLifecycleManagerAuthenticationSuccessListener] Unit Test Exception java.lang.RuntimeException: Unit Test Exception at org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListenerTest$MockBackingRepositoryLifecycleManager.newTenant(BackingRepositoryLifecycleManagerAuthenticationSuccessListenerTest.java:126) at org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListener$1.call(BackingRepositoryLifecycleManagerAuthenticationSuccessListener.java:86) at org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListener$1.call(BackingRepositoryLifecycleManagerAuthenticationSuccessListener.java:82) at org.pentaho.test.platform.engine.security.MockSecurityHelper.runAsSystem(MockSecurityHelper.java:111) at org.pentaho.platform.repository2.unified.spring.BackingRepositoryLifecycleManagerAuthenticationSuccessListener.onApplicationEvent(BackingRepositoryLifecycleManagerAuthenticationSuccessListener.java:82)

However, the tests all pass.

Could this be a bug ?

Cheers,
/m

[pamval]

I think it's probably a configuration issue. Why don't you post this question at our community forums? Maybe someone there can help figure it out. Thanks!

https://community.hitachivantara.com/community/products-and-solutions/pentaho

[lukweza]

Hello pamval,
Yes, I came to the same conclusion and revisited my configuration and managed to find an incorrect local jackrabbit setting (in repository.xml) that, when reverted, made this error go away.
Once the exception went away, I was able to logon with the admin user.
Unfortunately, jackrabbit appears to be unable to realise that admin is actually an admin and assumes its a regular user (no exceptions though), which means none of the admin functionality is displayed in the PUC.
I'm sure this is yet another configuration issue and not an actual bug.

I tried to logon to the forums but the sso logon fails with this error in my browser debugger:
Access to XMLHttpRequest at 'https://hitachivantara.okta.com/api/v1/authn' from origin 'https://sso.hitachivantara.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

I have tried to email hitachi support but as my email is not on some magic white list, it bounces.

When configuring spring security with jdbc auth, I followed this instruction: https://support.pentaho.com/hc/en-us/article_attachments/360004675592/Configuring_Pentaho_to_Use_Database-Based_Security.pdf
The pdf brought me to a point very close to having it running successfully with a DB backend (only the issue mentioned above remains).

So to summarise:
1 - its not a bug
2 - the forums are unreachable with no way to report it, perhaps there are other forums that work better ?
3 - does anyone know any docs that would describe how to modify the jackrabbit/repository configuration so that it recognizes / maps the logged in user correctly (using the db backend as described in the pdf) ?
Cheers,
/m

[pamval]

something's weird with your access to forums. You're not in the hitachi vantara network, are you?
If you're not it should not fwd you to the sso page, that+s for internal use only.

About your issue, that seems like the admin role mapping is not kicking in for some reason. Are you sure you followed the instructions on the "Map the Administrator Role" section? You can try setting the log level to debug and try to figure out what the issue might be with the admin role mapping.

[lukweza]

About my issue - it was a typo in applicationContext-pentaho-security-jdbc.xml that caused the issue.
Once corrected - it worked without any further issues.
I also did a setup with a MariaDB backend without any issues - so I have no further issues apart from forum access.
I'm not in the Hitachi vantara network .. weird (!)