Error loading Okta authenticator for Jira standalone

I have having issues setting up Okta SSO on my Jira standalone instance v7.1.10.

I have followed the direction on the Okta setup page.  I have double checked my config files till I can't see straight.  I have check file ownership and permissions, and now I am out of ideas

2017-12-23 03:05:59,759 localhost-startStop-1 ERROR      [o.a.c.c.C.[Standalone].[localhost].[/]] Exception starting filter trustedapps
java.lang.RuntimeException: Could not load security config 'seraph-config.xml': Error caught in initialisation of authenticator class 'com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30': Okta Authenticator initialization FAILED:  : java.lang.RuntimeException: Okta Authenticator initialization FAILED:
    at com.atlassian.seraph.config.SecurityConfigFactory.loadInstance(SecurityConfigFactory.java:60)
    at com.atlassian.seraph.config.SecurityConfigFactory.getInstance(SecurityConfigFactory.java:21)
    at com.atlassian.security.auth.trustedapps.seraph.filter.SeraphTrustedApplicationsFilter.<init>(SeraphTrustedApplicationsFilter.java:16)
    at com.atlassian.seraph.filter.TrustedApplicationsFilter.<init>(TrustedApplicationsFilter.java:17)
    at com.atlassian.jira.security.auth.trustedapps.TrustedApplicationFilter.<init>(TrustedApplicationFilter.java:25)
    ... 3 filtered
    at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
    at java.lang.Class.newInstance(Class.java:442)
    ... 8 filtered
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
Caused by: com.atlassian.seraph.config.ConfigurationException: Error caught in initialisation of authenticator class 'com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30': Okta Authenticator initialization FAILED:  : java.lang.RuntimeException: Okta Authenticator initialization FAILED:
    at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:345)
    at com.atlassian.seraph.config.SecurityConfigImpl.configureAuthenticator(SecurityConfigImpl.java:258)
    at com.atlassian.seraph.config.SecurityConfigImpl.<init>(SecurityConfigImpl.java:194)
    at com.atlassian.seraph.config.SecurityConfigFactory.loadInstance(SecurityConfigFactory.java:56)
    ... 21 more
    at com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30.init(OktaJiraAuthenticator30.java:65)
    at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:337)
    ... 24 more
Caused by: java.lang.NullPointerException
    at java.io.File.<init>(File.java:277)
    at com.okta.saml.util.OktaAuthPeer.readFile(OktaAuthPeer.java:89)
    at com.okta.saml.util.OktaAuthPeer.init(OktaAuthPeer.java:51)
    at com.okta.saml.util.OktaAuthPeer.<init>(OktaAuthPeer.java:40)
    at com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30.init(OktaJiraAuthenticator30.java:62)

This section of the error makes me think that the config file name is not being passed.

Caused by: java.lang.NullPointerException
    at java.io.File.<init>(File.java:277)

Anyone have any ideas on how to troubleshoot? Am I chasing the wrong thing?  Any other pointers or suggestions welcome.

 

Thanks in advance.

2 answers

Have you tried reaching out to Okta?

 

Alternatively you can try with the same settings using our add-on, and perhaps you get enough clues to make things right.

https://marketplace.atlassian.com/search?query=kantega

(l work for the vendor Kantega Single Sign-on) 

0 vote
Bruno Vincent Community Champion Dec 23, 2017

Hi @Ryan Lucas

Did you check the following post? https://community.atlassian.com/t5/Jira-questions/Issue-trying-integrate-Okta-with-our-JIRA/qaq-p/137615

Your issue seems to be very similar.

Looks like Seraph cannot find your okta-config-jira.xml file. According to that post, you can pass the full path of the file as an init parameter (okta.config.file) in Okta's authenticator element in seraph-config.xml. My understanding is that by default Seraph seems to expect to find the file in the atlassian-jira folder.

Hope this helps.

I did find that post but it seems my issue is different somehow.  I have the config file located in the atlassian-Jira folder and the full path is defined. It’s like the value isn’t being respected. I even tried removing the full path. Also If I change the value of of the config file parameter to a dummy value the error doesn’t change. 

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,305 views 14 20
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot