Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

"validated object is null" error using crowd authentication rest api

Jonathon Learmond
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 14, 2017

Crowd v2.7.2

Client: Poco C++ app

Target resource: /crowd/rest/usermanagement/latest/authentication

Error Response body excerpt:
"{"message":"The validated object is null","status-code":500,"stack-trace":"java.lang.NullPointerException: The validated object is null\n\tat org.apache.commons.lang3.Validate.notNull(Validate.java:222)\n\tat org.apache.commons.lang3.Validate.notNull(Validate.java:203)\n\tat com.atlassian.crowd.manager.application.AliasManagerImpl.findUsernameByAlias(AliasManagerImpl.java:35)...}"

Problem:
This resource is returning an 500 internal server error with the above response body. I've successfully authenticated the same configured user using the "/crowd/rest/usermanagement/latest/session", however I don't need an SSO token, and instead want the configured user attributes which are automatically returned in the .../lastest/authentication resource as described here: crowd_docs_link

The API differences between the two resources as far as I understand are:
/authentication
- uses 'username' query param
- only the password is sent in the request body as JSON with key "value"

/session
- no query param used (tested with defaults)
- username and password are sent in the request body as JSON

Both use Basic Authentication for validating our configured Crowd application.

Again, the /session resource succeeded, and I'd rather not do an additional call to /user/attribute just to get the user info that is available through the /authentication resource.

The chages in our code between the the /session resource and /authentication resource is limited to:
- adding the 'username' query param
- trimming the JSON payload down to one property, with key "value" and its value equal to the same password string.

Question:

Am I using the /authentication resource correctly? As this is the authentication portal, there shouldn't be any cookie requirement, correct? Am I missing something?

Any help would be greatly appreciated.

Thanks!

0 answers

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events