org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed authenticate() test

[mkosla]

I am having trouble successfully authenticating users on my server. I've enabled FINE logging and have noticed the following entries:

org.bsworks.catalina.authenticator.oidc.BaseOpenIDConnectAuthenticator.performAuthentication authentication of "" was successful

org.bsworks.catalina.authenticator.oidc.BaseOpenIDConnectAuthenticator.performAuthentication redirecting to original URI: /

org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed authenticate() test

By my interpretation this is telling me that I'm authenticating using tomcat-oidcauth, but then failing the default authenticator. Is this correct? If so, are there any suggestions on how to debug this issue on my end?

[levahim]

Those username and URI strings in your logs are not supposed to be empty. You're correct by approaching the problem by enabling FINE logging and inspecting the logs. My recommendation, look carefully in your IdP configuration both on the webapp side and how your app is configured on the IdP side. Things like client IDs, allowed redirect URLs--all that stuff.