Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-10816

Amster - SAML2 Entity fails to import

    Details

    • Support Ticket IDs:

      Description

      To reproduce:

      • Set up a simple SAML2 federation between 2 AM servers.
        • CoT
        • The IDP is the AM server that we later export from
        • The SP is another AM server.
      • test federation this works.
      • export the entire config of the IDP using amster export-config
        • The attached exported configuration includes the SAML2 federation information.
      • Stop AM
      • remove the AM config (rm -rf ~/openam)
      • Start AM
      • amster install-openam
      • copy transport keys
      • bounce AM
      • Now try to import the attached config
        • Amster is unable to import the SAML entity information:
      ahall@AndyHallMac ~/amster (master % u=)$ ./amster import_local.amster 
      Amster OpenAM Shell (14.0.0-SNAPSHOT build 70b288dac7, JVM: 1.8.0_66)
      Type ':help' or ':h' for help.
      ---------------------------------------------------------------------------------------------------------------
      am> :load import_local.amster
      Importing directory /Users/ahall/am-config/local
      Imported /Users/ahall/am-config/local/global/AgentService.json
      Imported /Users/ahall/am-config/local/global/AuditLogging.json
      Imported /Users/ahall/am-config/local/global/AuthenticatorOath.json
      Imported /Users/ahall/am-config/local/global/AuthenticatorPush.json
      Imported /Users/ahall/am-config/local/global/BaseUrlSource.json
      Imported /Users/ahall/am-config/local/global/ClientDetection.json
      Imported /Users/ahall/am-config/local/global/CommonFederationConfiguration.json
      Imported /Users/ahall/am-config/local/global/Dashboard.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Calendar.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Docs.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Drive.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Expensify.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Gmail.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Google.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Hangouts.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/SalesForce.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/Sheets.json
      Imported /Users/ahall/am-config/local/global/DashboardInstance/ZenDesk.json
      Imported /Users/ahall/am-config/local/global/DefaultAdvancedProperties.json
      Imported /Users/ahall/am-config/local/global/DefaultCtsDataStoreProperties.json
      Imported /Users/ahall/am-config/local/global/DefaultGeneralProperties.json
      Imported /Users/ahall/am-config/local/global/DefaultSdkProperties.json
      Imported /Users/ahall/am-config/local/global/DefaultSecurityProperties.json
      Imported /Users/ahall/am-config/local/global/DefaultSessionProperties.json
      Imported /Users/ahall/am-config/local/global/EmailService.json
      Imported /Users/ahall/am-config/local/global/Globalization.json
      Imported /Users/ahall/am-config/local/global/GlobalScripts/157298c0-7d31-4059-a95b-eeb08473b7e5.json
      Imported /Users/ahall/am-config/local/global/GlobalScripts/36863ffb-40ec-48b9-94b1-9a99f71cc3b5.json
      Imported /Users/ahall/am-config/local/global/GlobalScripts/703dab1a-1921-4981-98dd-b8e5349d8548.json
      Imported /Users/ahall/am-config/local/global/GlobalScripts/7e3d7067-d50f-4674-8c76-a3e13a810c33.json
      Imported /Users/ahall/am-config/local/global/GlobalScripts/9de3eb62-f131-4fac-a294-7bd170fd4acb.json
      Imported /Users/ahall/am-config/local/global/GlobalScripts/c827d2b4-3608-4693-868e-bbcf86bd87c7.json
      Imported /Users/ahall/am-config/local/global/IdRepository.json
      Imported /Users/ahall/am-config/local/global/IdRepositoryUser/amAdmin.json
      Imported /Users/ahall/am-config/local/global/IdRepositoryUser/amService-URLAccessAgent.json
      Imported /Users/ahall/am-config/local/global/IdRepositoryUser/anonymous.json
      Imported /Users/ahall/am-config/local/global/IdRepositoryUser/dsameuser.json
      Imported /Users/ahall/am-config/local/global/Json/Global JSON Handler.json
      Imported /Users/ahall/am-config/local/global/LegacyUserSelfService.json
      Imported /Users/ahall/am-config/local/global/Logging.json
      Imported /Users/ahall/am-config/local/global/Monitoring.json
      Imported /Users/ahall/am-config/local/global/MultiFederationProtocol.json
      Imported /Users/ahall/am-config/local/global/Naming.json
      Imported /Users/ahall/am-config/local/global/Platform.json
      Imported /Users/ahall/am-config/local/global/PolicyConfiguration.json
      Imported /Users/ahall/am-config/local/global/PushNotification.json
      Imported /Users/ahall/am-config/local/global/RadiusServer.json
      Imported /Users/ahall/am-config/local/global/RestApis.json
      Imported /Users/ahall/am-config/local/global/SamlV2ServiceConfiguration.json
      Imported /Users/ahall/am-config/local/global/SamlV2SoapBinding.json
      Imported /Users/ahall/am-config/local/global/Scripting.json
      Imported /Users/ahall/am-config/local/global/Session.json
      Imported /Users/ahall/am-config/local/global/SessionPropertyWhiteList.json
      Imported /Users/ahall/am-config/local/global/SocialAuthentication.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/agent.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/agentgroup.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/agentonly.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/filteredrole.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/group.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/realm.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/role.json
      Imported /Users/ahall/am-config/local/global/SupportedIds/user.json
      Imported /Users/ahall/am-config/local/global/UmaProvider.json
      Imported /Users/ahall/am-config/local/global/User.json
      Imported /Users/ahall/am-config/local/global/UserSelfService.json
      Imported /Users/ahall/am-config/local/global/ValidationService.json
      Imported /Users/ahall/am-config/local/global/Servers/01.json
      Imported /Users/ahall/am-config/local/global/Servers/01/GeneralProperties.json
      Imported /Users/ahall/am-config/local/global/Servers/01/AdvancedProperties.json
      Imported /Users/ahall/am-config/local/global/Servers/01/DirectoryConfiguration.json
      Imported /Users/ahall/am-config/local/global/Servers/01/SessionProperties.json
      Imported /Users/ahall/am-config/local/global/Servers/01/CtsDataStoreProperties.json
      Imported /Users/ahall/am-config/local/global/Servers/01/SecurityProperties.json
      Imported /Users/ahall/am-config/local/global/Servers/01/SdkProperties.json
      Imported /Users/ahall/am-config/local/global/Servers/01/UmaDataStoreProperties.json
      Imported /Users/ahall/am-config/local/global/ScriptTypes/AUTHENTICATION_CLIENT_SIDE.json
      Imported /Users/ahall/am-config/local/global/ScriptTypes/AUTHENTICATION_SERVER_SIDE.json
      Imported /Users/ahall/am-config/local/global/ScriptTypes/OIDC_CLAIMS.json
      Imported /Users/ahall/am-config/local/global/ScriptTypes/POLICY_CONDITION.json
      Imported /Users/ahall/am-config/local/global/ScriptingEngineConfiguration/AUTHENTICATION_SERVER_SIDE.json
      Imported /Users/ahall/am-config/local/global/ScriptingEngineConfiguration/OIDC_CLAIMS.json
      Imported /Users/ahall/am-config/local/global/ScriptingEngineConfiguration/POLICY_CONDITION.json
      Imported /Users/ahall/am-config/local/global/ActiveDirectoryModule.json
      Imported /Users/ahall/am-config/local/global/AdaptiveRiskModule.json
      Imported /Users/ahall/am-config/local/global/AmsterModule.json
      Imported /Users/ahall/am-config/local/global/AnonymousModule.json
      Imported /Users/ahall/am-config/local/global/AuthenticatorOathModule.json
      Imported /Users/ahall/am-config/local/global/AuthenticatorPushModule.json
      Imported /Users/ahall/am-config/local/global/AuthenticatorPushRegistrationModule.json
      Imported /Users/ahall/am-config/local/global/CertificateModule.json
      Imported /Users/ahall/am-config/local/global/DataStoreModule.json
      Imported /Users/ahall/am-config/local/global/DeviceIdMatchModule.json
      Imported /Users/ahall/am-config/local/global/DeviceIdSaveModule.json
      Imported /Users/ahall/am-config/local/global/FederationModule.json
      Imported /Users/ahall/am-config/local/global/HotpModule.json
      Imported /Users/ahall/am-config/local/global/HttpBasicModule.json
      Imported /Users/ahall/am-config/local/global/JdbcModule.json
      Imported /Users/ahall/am-config/local/global/LdapModule.json
      Imported /Users/ahall/am-config/local/global/MembershipModule.json
      Imported /Users/ahall/am-config/local/global/MsisdnModule.json
      Imported /Users/ahall/am-config/local/global/OathModule.json
      Imported /Users/ahall/am-config/local/global/OAuth2Module.json
      Imported /Users/ahall/am-config/local/global/OpenIdConnectModule.json
      Imported /Users/ahall/am-config/local/global/PersistentCookieModule.json
      Imported /Users/ahall/am-config/local/global/RadiusModule.json
      Imported /Users/ahall/am-config/local/global/SaeModule.json
      Imported /Users/ahall/am-config/local/global/Saml2Module.json
      Imported /Users/ahall/am-config/local/global/WindowsDesktopSsoModule.json
      Imported /Users/ahall/am-config/local/global/WindowsNtModule.json
      Imported /Users/ahall/am-config/local/global/AuthenticationChains.json
      Imported /Users/ahall/am-config/local/global/Authentication.json
      Imported /Users/ahall/am-config/local/global/ScriptedModule.json
      Imported /Users/ahall/am-config/local/global/OAuth2Provider.json
      Imported /Users/ahall/am-config/local/global/Realms/root-Customers.json
      Imported /Users/ahall/am-config/local/global/Realms/root-Employee.json
      Imported /Users/ahall/am-config/local/global/Realms/root.json
      Imported /Users/ahall/am-config/local/realms/root/AuditLogging.json
      Imported /Users/ahall/am-config/local/realms/root/CircleOfTrust/CoT.json
      Imported /Users/ahall/am-config/local/realms/root/Dashboard.json
      Imported /Users/ahall/am-config/local/realms/root/Json/json-audit.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Clients/iPlayer.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Clients/myClientID.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Clients/MyDevice.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Clients/postman.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Clients/UmaClient.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Clients/UmaRS.json
      Imported /Users/ahall/am-config/local/realms/root/OpenDJ/ExternalDJ.json
      Imported /Users/ahall/am-config/local/realms/root/PolicyConfiguration.json
      [main] ERROR org.forgerock.openam.sdk.http.DefaultErrorHandler - Unhandled client error: [Status: 400 Bad Request]
      [main] ERROR org.forgerock.openam.sdk.http.DefaultErrorHandler - Unhandled client error: [Status: 400 Bad Request]
      Imported /Users/ahall/am-config/local/realms/root/SamlV2ServiceConfiguration.json
      Imported /Users/ahall/am-config/local/realms/root/SocialAuthentication.json
      Imported /Users/ahall/am-config/local/realms/root/SunIdentityRepositoryService.json
      Imported /Users/ahall/am-config/local/realms/root/UmaProvider.json
      Imported /Users/ahall/am-config/local/realms/root/UserSelfService.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/OpenDJ/embedded.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/PolicyConfiguration.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/SunIdentityRepositoryService.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/OpenDJ/embedded.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/PolicyConfiguration.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/SunIdentityRepositoryService.json
      Imported /Users/ahall/am-config/local/realms/root/AmsterModule/amster.json
      Imported /Users/ahall/am-config/local/realms/root/DataStoreModule/datastore.json
      Imported /Users/ahall/am-config/local/realms/root/DeviceIdMatchModule/DeviceId.json
      Imported /Users/ahall/am-config/local/realms/root/DeviceIdSaveModule/DeviceSave.json
      Imported /Users/ahall/am-config/local/realms/root/FederationModule/federation.json
      Imported /Users/ahall/am-config/local/realms/root/HotpModule/hotp.json
      Imported /Users/ahall/am-config/local/realms/root/LdapModule/ldap.json
      Imported /Users/ahall/am-config/local/realms/root/OathModule/oath.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Module/FacebookSocialAuthentication.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Module/GoogleSocialAuthentication.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Module/MicrosoftSocialAuthentication.json
      Imported /Users/ahall/am-config/local/realms/root/SaeModule/sae.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/AmsterModule/amster.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/DataStoreModule/datastore.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/FederationModule/federation.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/HotpModule/hotp.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/LdapModule/ldap.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/OathModule/oath.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/SaeModule/sae.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/AmsterModule/amster.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/DataStoreModule/datastore.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/FederationModule/federation.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/HotpModule/hotp.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/LdapModule/ldap.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/OathModule/oath.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/SaeModule/sae.json
      Imported /Users/ahall/am-config/local/realms/root/AuthenticationChains/amsterService.json
      Imported /Users/ahall/am-config/local/realms/root/AuthenticationChains/FacebookSocialAuthenticationService.json
      Imported /Users/ahall/am-config/local/realms/root/AuthenticationChains/GoogleSocialAuthenticationService.json
      Imported /Users/ahall/am-config/local/realms/root/AuthenticationChains/ldapService.json
      Imported /Users/ahall/am-config/local/realms/root/AuthenticationChains/MFA.json
      Imported /Users/ahall/am-config/local/realms/root/AuthenticationChains/MicrosoftSocialAuthenticationService.json
      Imported /Users/ahall/am-config/local/realms/root/AuthenticationChains/test.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/AuthenticationChains/amsterService.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/AuthenticationChains/ldapService.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/AuthenticationChains/test.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/AuthenticationChains/amsterService.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/AuthenticationChains/ldapService.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/AuthenticationChains/test.json
      Imported /Users/ahall/am-config/local/realms/root/ResourceTypes/20a13582-1f32-4f83-905f-f71ff4e2e00d.json
      Imported /Users/ahall/am-config/local/realms/root/ResourceTypes/577f095c-0617-4735-bb73-89010ee98d6c.json
      Imported /Users/ahall/am-config/local/realms/root/ResourceTypes/76656a38-5f8e-401b-83aa-4ccb74ce88d2.json
      Imported /Users/ahall/am-config/local/realms/root/ResourceTypes/d8cecb2c-21f6-4db7-96d5-e1c03fee0b010.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/ResourceTypes/UrlResourceType.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/ResourceTypes/UrlResourceType.json
      Imported /Users/ahall/am-config/local/realms/root/Applications/Building Access.json
      Imported /Users/ahall/am-config/local/realms/root/Applications/iPlanetAMWebAgentService.json
      Imported /Users/ahall/am-config/local/realms/root/Applications/sunAMDelegationService.json
      Imported /Users/ahall/am-config/local/realms/root/Applications/The Daily Planet.json
      Imported /Users/ahall/am-config/local/realms/root/Authentication.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/Authentication.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/Authentication.json
      Imported /Users/ahall/am-config/local/realms/root/Scripts/157298c0-7d31-4059-a95b-eeb08473b7e5.json
      Imported /Users/ahall/am-config/local/realms/root/Scripts/36863ffb-40ec-48b9-94b1-9a99f71cc3b5.json
      Imported /Users/ahall/am-config/local/realms/root/Scripts/703dab1a-1921-4981-98dd-b8e5349d8548.json
      Imported /Users/ahall/am-config/local/realms/root/Scripts/7e3d7067-d50f-4674-8c76-a3e13a810c33.json
      Imported /Users/ahall/am-config/local/realms/root/Scripts/9de3eb62-f131-4fac-a294-7bd170fd4acb.json
      Imported /Users/ahall/am-config/local/realms/root/Scripts/c827d2b4-3608-4693-868e-bbcf86bd87c7.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/Scripts/157298c0-7d31-4059-a95b-eeb08473b7e5.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/Scripts/36863ffb-40ec-48b9-94b1-9a99f71cc3b5.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/Scripts/703dab1a-1921-4981-98dd-b8e5349d8548.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/Scripts/7e3d7067-d50f-4674-8c76-a3e13a810c33.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/Scripts/9de3eb62-f131-4fac-a294-7bd170fd4acb.json
      Imported /Users/ahall/am-config/local/realms/root-Customers/Scripts/c827d2b4-3608-4693-868e-bbcf86bd87c7.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/Scripts/157298c0-7d31-4059-a95b-eeb08473b7e5.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/Scripts/36863ffb-40ec-48b9-94b1-9a99f71cc3b5.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/Scripts/703dab1a-1921-4981-98dd-b8e5349d8548.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/Scripts/7e3d7067-d50f-4674-8c76-a3e13a810c33.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/Scripts/9de3eb62-f131-4fac-a294-7bd170fd4acb.json
      Imported /Users/ahall/am-config/local/realms/root-Employee/Scripts/c827d2b4-3608-4693-868e-bbcf86bd87c7.json
      Imported /Users/ahall/am-config/local/realms/root/OAuth2Provider.json
      Imported /Users/ahall/am-config/local/realms/root/Policies/Front Page.json
      Imported /Users/ahall/am-config/local/realms/root/Policies/Lobby.json
      Imported /Users/ahall/am-config/local/realms/root/Policies/Machine Room.json
      Imported /Users/ahall/am-config/local/realms/root/Policies/Sports Pages.json
      ---------------------------------------------------------------------
         IMPORT ERRORS
      ---------------------------------------------------------------------
      Failed to import /Users/ahall/am-config/local/realms/root/Saml2Entity/http---ahall-forgerock-com-8080-openam.json  : 400 Bad Request
      Failed to import /Users/ahall/am-config/local/realms/root/Saml2Entity/http---openam1-example-com-18080-openam.json  : 400 Bad Request
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                FatBloke Andy Hall
              • Votes:
                0 Vote for this issue
                Watchers:
                14 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: