Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12123

ssoadm import-svc-cfg cannot work on 5.5.x

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: ssoadm
    • Labels:
    • Sprint:
      Sprint 2018.4 Newton
    • Support Ticket IDs:

      Description

      Bug description

      ssoadm import-svc-cfg does not work on 5.5.x due to changes in schema and DJ version.
       
      There are a few things:

      Exception seen:
      com.sun.identity.cli.CLIException: Unable to import service configuration because we are unable to recognize the data store type. We support Sun Directory Server and Embedded OpenDJ as service configuration data store._
              _at com.sun.identity.cli.schema.ImportServiceConfiguration.handleRequest(ImportServiceConfiguration.java:126)_
              _at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)_
              _at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)_
              _at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)_
              _at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:585)_
              _at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:182)_
              _at com.sun.identity.cli.CommandManager.main(CommandManager.java:159)_
      _Unable to import service configuration because we are unable to recognize the data store type. We support Sun Directory Server and Embedded OpenDJ as service configuration data store_
      

      The above is that the may not be seen if the external config directory used is OpenDJ 4.0.0 or earlier. Now even if say we use a old directory and this is not there importing fails because SSOADM 14.1.1.1.1 uses the old 13.5.x schema and fails due to

      com.sun.identity.cli.CLIException: Message:Parser error at line: 21,435
      org.xml.sax.SAXParseException; lineNumber: 21435; columnNumber: 298; Attribute "validator" must be declared for element type "SubSchema".
      
              at com.sun.identity.cli.schema.ImportServiceConfiguration.importData(ImportServiceConfiguration.java:292)
              at com.sun.identity.cli.schema.ImportServiceConfiguration.handleRequest(ImportServiceConfiguration.java:148)
              at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)
              at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)
              at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)
              at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:585)
              at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:182)
              at com.sun.identity.cli.CommandManager.main(CommandManager.java:159)
      Caused by: Message:Parser error at line: 21,435
      org.xml.sax.SAXParseException; lineNumber: 21435; columnNumber: 298; Attribute "validator" must be declared for element type "SubSchema".
      

      The above is that the com/sun/identity/sm/sms.dtd (/openam-dtd-schema-14.1.1.1.jar) in uses in ssoadm does not follow the newer 5.5 sms.dtd schema.

      How to reproduce the issue

      Details steps outlining how to recreate the issue (remove this text)
      1. Uses install 5.5.1 and use ssoadm with it.

      Expected behaviour
      import-svc-cfg should work 
      
      Current behaviour
      ssoadm does not work.
      

      Work around

      Code analysis

      DirectoryServerVendor.java
      In query((Connection) method:
      
              if (result != null) {
                  if (result.startsWith(VENDOR_OPENDJ)) {
                      String version = result.substring(VENDOR_OPENDJ.length());
                      vendor = new Vendor(OPENDJ, version);
                  } else if (result.startsWith(VENDOR_FRDJ)) { // Add new string
                      String version = result.substring(VENDOR_FRDJ.length());
                      vendor = new Vendor(OPENDJ, version);
      

      Add a case like VENDOR_FRDJ

          private static String VENDOR_FRDJ = "ForgeRock Directory Services ";
      

      reason being

      $ ldapsearch -b "" -s base -h localhost -p 10389 '(objectclass=*)' '+' | grep vendor
      vendorName: ForgeRock AS.
      vendorVersion: ForgeRock Directory Services 5.5.0
      

      As for the schema change. The 14.1.1.1 bundle should be updated to use the newer 5.5 schema. ie get it from

      openam.war#WEB-INF/lib/openam-dtd-schema-5.5.1.jar
      and copy with directory structure to "ssoadm classes"
      "com/sun/identity/sm/sms.dtd"

      By doing all the above, things works.

       *Note: As the SSOADM is currently pulls 14.1.1-1, make sure the distribution pull and fixes the ssoadm bundle with the new schema changes for 5.5.x and the new Directory check)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                chee-weng.chea C-Weng C
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated: