SAML SP for Java reports NullPointerException during logout

Problem

SAML SP fails during logout with the following error with HTTP Status 500:

java.lang.NullPointerException

Solution

This error indicates invalid IDP metadata registered at the SP. The SP is attempting to perform a SOAP logout that is no longer supported by the trusted IDP. This error indicates that the settings at the IDP may have been changed.

Two possible ways to correct configuration

  • Re-enable backchannel logout at the IDP by removing LiteNoBackChannel or similar compatibility flag from Ubisecure SSO management and restart Ubisecure SSO..

Or

  • Copy the IDP metadata to the SP (replace \WEB-INF\saml2\sp\metadata\metadata.xml) and restart the java servlet