You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
Next: Root
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
Crowd v2.7.2
Client: Poco C++ app
Target resource: /crowd/rest/usermanagement/latest/authentication
Error Response body excerpt:
"{"message":"The validated object is null","status-code":500,"stack-trace":"java.lang.NullPointerException: The validated object is null\n\tat org.apache.commons.lang3.Validate.notNull(Validate.java:222)\n\tat org.apache.commons.lang3.Validate.notNull(Validate.java:203)\n\tat com.atlassian.crowd.manager.application.AliasManagerImpl.findUsernameByAlias(AliasManagerImpl.java:35)...}"
Problem:
This resource is returning an 500 internal server error with the above response body. I've successfully authenticated the same configured user using the "/crowd/rest/usermanagement/latest/session", however I don't need an SSO token, and instead want the configured user attributes which are automatically returned in the .../lastest/authentication resource as described here: crowd_docs_link
The API differences between the two resources as far as I understand are:
/authentication
- uses 'username' query param
- only the password is sent in the request body as JSON with key "value"
/session
- no query param used (tested with defaults)
- username and password are sent in the request body as JSON
Both use Basic Authentication for validating our configured Crowd application.
Again, the /session resource succeeded, and I'd rather not do an additional call to /user/attribute just to get the user info that is available through the /authentication resource.
The chages in our code between the the /session resource and /authentication resource is limited to:
- adding the 'username' query param
- trimming the JSON payload down to one property, with key "value" and its value equal to the same password string.
Question:
Am I using the /authentication resource correctly? As this is the authentication portal, there shouldn't be any cookie requirement, correct? Am I missing something?
Any help would be greatly appreciated.
Thanks!