Error loading Okta authenticator for Jira standalone

I have having issues setting up Okta SSO on my Jira standalone instance v7.1.10.

I have followed the direction on the Okta setup page.  I have double checked my config files till I can't see straight.  I have check file ownership and permissions, and now I am out of ideas

2017-12-23 03:05:59,759 localhost-startStop-1 ERROR      [o.a.c.c.C.[Standalone].[localhost].[/]] Exception starting filter trustedapps
java.lang.RuntimeException: Could not load security config 'seraph-config.xml': Error caught in initialisation of authenticator class 'com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30': Okta Authenticator initialization FAILED:  : java.lang.RuntimeException: Okta Authenticator initialization FAILED:
    at com.atlassian.seraph.config.SecurityConfigFactory.loadInstance(SecurityConfigFactory.java:60)
    at com.atlassian.seraph.config.SecurityConfigFactory.getInstance(SecurityConfigFactory.java:21)
    at com.atlassian.security.auth.trustedapps.seraph.filter.SeraphTrustedApplicationsFilter.<init>(SeraphTrustedApplicationsFilter.java:16)
    at com.atlassian.seraph.filter.TrustedApplicationsFilter.<init>(TrustedApplicationsFilter.java:17)
    at com.atlassian.jira.security.auth.trustedapps.TrustedApplicationFilter.<init>(TrustedApplicationFilter.java:25)
    ... 3 filtered
    at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
    at java.lang.Class.newInstance(Class.java:442)
    ... 8 filtered
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
Caused by: com.atlassian.seraph.config.ConfigurationException: Error caught in initialisation of authenticator class 'com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30': Okta Authenticator initialization FAILED:  : java.lang.RuntimeException: Okta Authenticator initialization FAILED:
    at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:345)
    at com.atlassian.seraph.config.SecurityConfigImpl.configureAuthenticator(SecurityConfigImpl.java:258)
    at com.atlassian.seraph.config.SecurityConfigImpl.<init>(SecurityConfigImpl.java:194)
    at com.atlassian.seraph.config.SecurityConfigFactory.loadInstance(SecurityConfigFactory.java:56)
    ... 21 more
    at com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30.init(OktaJiraAuthenticator30.java:65)
    at com.atlassian.seraph.config.SecurityConfigImpl.configureClass(SecurityConfigImpl.java:337)
    ... 24 more
Caused by: java.lang.NullPointerException
    at java.io.File.<init>(File.java:277)
    at com.okta.saml.util.OktaAuthPeer.readFile(OktaAuthPeer.java:89)
    at com.okta.saml.util.OktaAuthPeer.init(OktaAuthPeer.java:51)
    at com.okta.saml.util.OktaAuthPeer.<init>(OktaAuthPeer.java:40)
    at com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator30.init(OktaJiraAuthenticator30.java:62)

This section of the error makes me think that the config file name is not being passed.

Caused by: java.lang.NullPointerException
    at java.io.File.<init>(File.java:277)

Anyone have any ideas on how to troubleshoot? Am I chasing the wrong thing?  Any other pointers or suggestions welcome.

 

Thanks in advance.

2 answers

Have you tried reaching out to Okta?

 

Alternatively you can try with the same settings using our add-on, and perhaps you get enough clues to make things right.

https://marketplace.atlassian.com/search?query=kantega

(l work for the vendor Kantega Single Sign-on) 

0 vote
Bruno Vincent Community Champion Dec 23, 2017

Hi @Ryan Lucas

Did you check the following post? https://community.atlassian.com/t5/Jira-questions/Issue-trying-integrate-Okta-with-our-JIRA/qaq-p/137615

Your issue seems to be very similar.

Looks like Seraph cannot find your okta-config-jira.xml file. According to that post, you can pass the full path of the file as an init parameter (okta.config.file) in Okta's authenticator element in seraph-config.xml. My understanding is that by default Seraph seems to expect to find the file in the atlassian-jira folder.

Hope this helps.

I did find that post but it seems my issue is different somehow.  I have the config file located in the atlassian-Jira folder and the full path is defined. It’s like the value isn’t being respected. I even tried removing the full path. Also If I change the value of of the config file parameter to a dummy value the error doesn’t change. 

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Monday in Jira Software

How large do you think Jira Software can grow?

Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...

713 views 6 13
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you