Error loading Okta authenticator for Jira standalone

I have having issues setting up Okta SSO on my Jira standalone instance v7.1.10.

I have followed the direction on the Okta setup page.  I have double checked my config files till I can't see straight.  I have check file ownership and permissions, and now I am out of ideas

2017-12-23 03:05:59,759 localhost-startStop-1 ERROR      [o.a.c.c.C.[Standalone].[localhost].[/]] Exception starting filter trustedapps
java.lang.RuntimeException: Could not load security config 'seraph-config.xml': Error caught in initialisation of authenticator class 'com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30': Okta Authenticator initialization FAILED:  : java.lang.RuntimeException: Okta Authenticator initialization FAILED:
    at com.atlassian.seraph.config.SecurityConfigFactory.loadInstance(SecurityConfigFactory.java:60)
    at com.atlassian.seraph.config.SecurityConfigFactory.getInstance(SecurityConfigFactory.java:21)
    at com.atlassian.security.auth.trustedapps.seraph.filter.SeraphTrustedApplicationsFilter.<init>(SeraphTrustedApplicationsFilter.java:16)
    at com.atlassian.seraph.filter.TrustedApplicationsFilter.<init>(TrustedApplicationsFilter.java:17)
    at com.atlassian.jira.security.auth.trustedapps.TrustedApplicationFilter.<init>(TrustedApplicationFilter.java:25)
    ... 3 filtered
    at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
    at java.lang.Class.newInstance(Class.java:442)
    ... 8 filtered
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
Caused by: com.atlassian.seraph.config.ConfigurationException: Error caught in initialisation of authenticator class 'com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30': Okta Authenticator initialization FAILED:  : java.lang.RuntimeException: Okta Authenticator initialization FAILED:
    at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:345)
    at com.atlassian.seraph.config.SecurityConfigImpl.configureAuthenticator(SecurityConfigImpl.java:258)
    at com.atlassian.seraph.config.SecurityConfigImpl.<init>(SecurityConfigImpl.java:194)
    at com.atlassian.seraph.config.SecurityConfigFactory.loadInstance(SecurityConfigFactory.java:56)
    ... 21 more
    at com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30.init(OktaJiraAuthenticator30.java:65)
    at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:337)
    ... 24 more
Caused by: java.lang.NullPointerException
    at java.io.File.<init>(File.java:277)
    at com.okta.saml.util.OktaAuthPeer.readFile(OktaAuthPeer.java:89)
    at com.okta.saml.util.OktaAuthPeer.init(OktaAuthPeer.java:51)
    at com.okta.saml.util.OktaAuthPeer.<init>(OktaAuthPeer.java:40)
    at com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30.init(OktaJiraAuthenticator30.java:62)

This section of the error makes me think that the config file name is not being passed.

Caused by: java.lang.NullPointerException
    at java.io.File.<init>(File.java:277)

Anyone have any ideas on how to troubleshoot? Am I chasing the wrong thing?  Any other pointers or suggestions welcome.

 

Thanks in advance.

2 answers

This widget could not be displayed.

Have you tried reaching out to Okta?

 

Alternatively you can try with the same settings using our add-on, and perhaps you get enough clues to make things right.

https://marketplace.atlassian.com/search?query=kantega

(l work for the vendor Kantega Single Sign-on) 

This widget could not be displayed.
Bruno Vincent Community Champion Dec 23, 2017

Hi @Ryan Lucas

Did you check the following post? https://community.atlassian.com/t5/Jira-questions/Issue-trying-integrate-Okta-with-our-JIRA/qaq-p/137615

Your issue seems to be very similar.

Looks like Seraph cannot find your okta-config-jira.xml file. According to that post, you can pass the full path of the file as an init parameter (okta.config.file) in Okta's authenticator element in seraph-config.xml. My understanding is that by default Seraph seems to expect to find the file in the atlassian-jira folder.

Hope this helps.

I did find that post but it seems my issue is different somehow.  I have the config file located in the atlassian-Jira folder and the full path is defined. It’s like the value isn’t being respected. I even tried removing the full path. Also If I change the value of of the config file parameter to a dummy value the error doesn’t change. 

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

112 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you