Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

CrowdHttpAuthenticator usage with Crowd 2.3 REST api (IllegalArgumentException: setAttribute)

I'm working on a servlet filter that uses the CrowdHttpAuthenticator class to operate on a request/response. (It's actually a migration effort from the pre2.1 SOAP api to REST, following

The servlet uses a persistent CrowdHttpAuthenticatorImpl() instance which is initialised in the filter's init() function.

I'm using two functions from this class:

  • isAuthenticated() to test for valid crowd authentication
  • authenticateWithoutValidatingPassword() to forcibly validate a request.

I'm having a problem with the authenticateWithoutValidatingPassword() function - when I call it with a (request, response, username) triplet, I get the following exception:

java.lang.IllegalArgumentException: setAttribute: name parameter cannot be null
        at org.apache.catalina.session.StandardSession.setAttribute(
        at org.apache.catalina.session.StandardSession.setAttribute(
        at org.apache.catalina.session.StandardSessionFacade.setAttribute(
        at com.atlassian.crowd.integration.http.util.CrowdHttpTokenHelperImpl.setCrowdToken(
        at com.atlassian.crowd.integration.http.CrowdHttpAuthenticatorImpl.authenticateWithoutValidatingPassword(

I've pasted below a skeleton example showing how I'm using these classes.

Any idea what's causing the IllegalArgumentException above?

Am I using the CrowdClient/CrowdHttpAuthenticator classes incorrectly?




public class MyFilter implements Filter {

    CrowdClient crowdClient;
    CrowdHttpAuthenticator crowdHttpAuthenticator;

    protected final Logger logger = Logger.getLogger(this.getClass());
    private final static String USERID = "USERID";

    public void init( FilterConfig filterConfig ) throws ServletException 
    	Properties crowd_props = new Properties();
    	ClientProperties clientProperties = ClientPropertiesImpl.newInstanceFromProperties(crowd_props);    	
    	crowdClient = new;
    	crowdHttpAuthenticator = new CrowdHttpAuthenticatorImpl(crowdClient, 

    public void doFilter( ServletRequest request,
                ServletResponse response,
                FilterChain chain ) throws IOException, ServletException
        HttpServletRequest req = (HttpServletRequest)request;
        HttpServletResponse resp = (HttpServletResponse)response;

	String userid = req.getHeader(USERID);

	if (crowdHttpAuthenticator.isAuthenticated(req, resp)) {
            logger.debug("Have crowd token.");
        else {
           logger.debug("Authenticating user '"+userid+"'");
           crowdHttpAuthenticator.authenticateWithoutValidatingPassword(req, resp, userid);
            // Verify
            if (!(crowdHttpAuthenticator.isAuthenticated(req, resp))) {
               	throw new MyFilterException("Authenticated user, but failed in verification.");
	chain.doFilter(req, resp);

1 answer

1 accepted

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

0 votes
Answer accepted

I got some pointers from Atlassian support (thanks Foogie), and I fixed my problem by adding the following line to my file:

session.lastvalidation session.lastvalidation

The exception was being thrown in the following function call in <tt>CrowdHttpTokenHelperImpl.setCrowdToken()</tt>

session.setAttribute(clientProperties.getSessionLastValidation(), new Date());

The call to clientProperties.getSessionLastValidation() was returning null until I amended my file.

Community showcase
Published in Marketplace Apps & Integrations

Delivery and Operations Teams can be more Effective and Profitable

    Managing services end-to-end, optimizing efforts to deliver the best services to customers. This is what team leaders and managers want to achieve. When using a tool like Jira, it...

0 views 0 0
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you