Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12508

import-entity for SAML remote SP does not work anymore

    XMLWordPrintable

    Details

    • Bug
    • Status: Open
    • Critical
    • Resolution: Unresolved
    • 5.5.1, 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5, 6.0.0.6
    • None
    • ssoadm
    • JVM: Oracle JDK 1.8.0_151-b12
      Apache Tomcat/8.0.48

      amMaster 306e7d51e1ee49279077111b0bc8522356bf2ec8

      ssoadmin tools from that build
    • Rank:
      1|hzvdvr:

      Description

      Bug description

      ssoadm import-entity -u amadmin -f PATH_TO_PWDFILE -e / -t TestCoT -m PATH_TO_REMOTE_SP_METADATA_FILE fails without error

      How to reproduce the issue

      1. Configure AM
      2. Configure hosted IdP in root realm in CoT TestCoT
      3. Setup SSOAdminTools
      4. run ssoadm to import SAMLv2 remote SP meta data
      Expected behaviour
      remote SP entity should be configured in root realm an be a member of CoT TestCoT
      
      Current behaviour
      ssoadm exits without an error; no remote entity is configured
      

      the following is shown in debug logs of ssoadm

      Configuration debug log
      amCLI:02/27/2018 04:35:34:801 PM CET: Thread[main,5,main]: TransactionId[unknown]
      ERROR: An unexpected error occurred in thread 'Thread[main,5,main]'
      java.lang.NullPointerException
      	at com.sun.identity.federation.cli.ImportMetaData.validateCOTs(ImportMetaData.java:243)
      	at com.sun.identity.federation.cli.ImportMetaData.handleRequest(ImportMetaData.java:127)
      	at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)
      	at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:585)
      	at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:182)
      	at com.sun.identity.cli.CommandManager.main(CommandManager.java:159)
      
      CoreSystem debug log
      amLog:02/27/2018 04:35:21:407 PM CET: Thread[main,5,main]: TransactionId[unknown]
      ERROR: Logger:processNewLoggerObject:Could not instantiate handler: com.sun.identity.log.handlers.FileHandler
      java.lang.reflect.InvocationTargetException
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
      	at com.sun.identity.log.Logger.processNewLoggerObject(Logger.java:209)
      	at com.sun.identity.log.Logger.getLogger(Logger.java:473)
      	at com.sun.identity.cli.LogWriter.log(LogWriter.java:138)
      	at com.sun.identity.cli.Authenticator.ldapLogin(Authenticator.java:167)
      	at com.sun.identity.cli.AuthenticatedCommand.ldapLogin(AuthenticatedCommand.java:151)
      	at com.sun.identity.federation.cli.ExportMetaData.handleRequest(ExportMetaData.java:91)
      	at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)
      	at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:585)
      	at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:182)
      	at com.sun.identity.cli.CommandManager.main(CommandManager.java:159)
      Caused by: com.google.inject.ConfigurationException: Guice configuration errors:
      
      1) No implementation for java.security.PrivilegedAction<com.iplanet.sso.SSOToken> was bound.
        while locating java.security.PrivilegedAction<com.iplanet.sso.SSOToken>
          for parameter 0 at com.iplanet.services.naming.ServiceListeners.<init>(Unknown Source)
        while locating com.iplanet.services.naming.ServiceListeners
          for parameter 0 at com.sun.identity.monitoring.MonitoringConfig.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringConfig
          for parameter 0 at com.sun.identity.monitoring.MonitoringManager.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringManager
      
      1 error
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:1004)
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:961)
      	at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:1013)
      	at org.forgerock.guice.core.InjectorHolder.getInstance(InjectorHolder.java:72)
      	at com.sun.identity.monitoring.MonitoringUtil.isRunning(MonitoringUtil.java:58)
      	at com.sun.identity.log.handlers.FileHandler.<init>(FileHandler.java:394)
      	... 16 more
      
      amLog:02/27/2018 04:35:21:835 PM CET: Thread[main,5,main]: TransactionId[unknown]
      ERROR: Logger:processNewLoggerObject:Could not instantiate handler: com.sun.identity.log.handlers.FileHandler
      java.lang.reflect.InvocationTargetException
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
      	at com.sun.identity.log.Logger.processNewLoggerObject(Logger.java:209)
      	at com.sun.identity.log.Logger.getLogger(Logger.java:473)
      	at com.sun.identity.plugin.log.impl.LogProvider.init(LogProvider.java:85)
      	at com.sun.identity.plugin.log.LogManager.getLogger(LogManager.java:68)
      	at com.sun.identity.saml2.logging.LogUtil.<clinit>(LogUtil.java:376)
      	at com.sun.identity.saml2.meta.SAML2MetaManager.getEntityDescriptor(SAML2MetaManager.java:209)
      	at com.sun.identity.federation.cli.ExportMetaData.runExportMeta(ExportMetaData.java:389)
      	at com.sun.identity.federation.cli.ExportMetaData.handleSAML2Request(ExportMetaData.java:150)
      	at com.sun.identity.federation.cli.ExportMetaData.handleRequest(ExportMetaData.java:119)
      	at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)
      	at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:585)
      	at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:182)
      	at com.sun.identity.cli.CommandManager.main(CommandManager.java:159)
      Caused by: com.google.inject.ConfigurationException: Guice configuration errors:
      
      1) No implementation for java.security.PrivilegedAction<com.iplanet.sso.SSOToken> was bound.
        while locating java.security.PrivilegedAction<com.iplanet.sso.SSOToken>
          for parameter 0 at com.iplanet.services.naming.ServiceListeners.<init>(Unknown Source)
        while locating com.iplanet.services.naming.ServiceListeners
          for parameter 0 at com.sun.identity.monitoring.MonitoringConfig.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringConfig
          for parameter 0 at com.sun.identity.monitoring.MonitoringManager.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringManager
      
      1 error
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:1004)
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:961)
      	at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:1013)
      	at org.forgerock.guice.core.InjectorHolder.getInstance(InjectorHolder.java:72)
      	at com.sun.identity.monitoring.MonitoringUtil.isRunning(MonitoringUtil.java:58)
      	at com.sun.identity.log.handlers.FileHandler.<init>(FileHandler.java:394)
      	... 19 more
      
      amLog:02/27/2018 04:35:21:836 PM CET: Thread[main,5,main]: TransactionId[unknown]
      ERROR: Logger:processNewLoggerObject:Could not instantiate handler: com.sun.identity.log.handlers.FileHandler
      java.lang.reflect.InvocationTargetException
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
      	at com.sun.identity.log.Logger.processNewLoggerObject(Logger.java:209)
      	at com.sun.identity.log.Logger.getLogger(Logger.java:473)
      	at com.sun.identity.plugin.log.impl.LogProvider.init(LogProvider.java:87)
      	at com.sun.identity.plugin.log.LogManager.getLogger(LogManager.java:68)
      	at com.sun.identity.saml2.logging.LogUtil.<clinit>(LogUtil.java:376)
      	at com.sun.identity.saml2.meta.SAML2MetaManager.getEntityDescriptor(SAML2MetaManager.java:209)
      	at com.sun.identity.federation.cli.ExportMetaData.runExportMeta(ExportMetaData.java:389)
      	at com.sun.identity.federation.cli.ExportMetaData.handleSAML2Request(ExportMetaData.java:150)
      	at com.sun.identity.federation.cli.ExportMetaData.handleRequest(ExportMetaData.java:119)
      	at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)
      	at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:585)
      	at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:182)
      	at com.sun.identity.cli.CommandManager.main(CommandManager.java:159)
      Caused by: com.google.inject.ConfigurationException: Guice configuration errors:
      
      1) No implementation for java.security.PrivilegedAction<com.iplanet.sso.SSOToken> was bound.
        while locating java.security.PrivilegedAction<com.iplanet.sso.SSOToken>
          for parameter 0 at com.iplanet.services.naming.ServiceListeners.<init>(Unknown Source)
        while locating com.iplanet.services.naming.ServiceListeners
          for parameter 0 at com.sun.identity.monitoring.MonitoringConfig.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringConfig
          for parameter 0 at com.sun.identity.monitoring.MonitoringManager.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringManager
      
      1 error
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:1004)
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:961)
      	at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:1013)
      	at org.forgerock.guice.core.InjectorHolder.getInstance(InjectorHolder.java:72)
      	at com.sun.identity.monitoring.MonitoringUtil.isRunning(MonitoringUtil.java:58)
      	at com.sun.identity.log.handlers.FileHandler.<init>(FileHandler.java:394)
      	... 19 more
      
      amLog:02/27/2018 04:35:34:579 PM CET: Thread[main,5,main]: TransactionId[unknown]
      ERROR: Logger:processNewLoggerObject:Could not instantiate handler: com.sun.identity.log.handlers.FileHandler
      java.lang.reflect.InvocationTargetException
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
      	at com.sun.identity.log.Logger.processNewLoggerObject(Logger.java:209)
      	at com.sun.identity.log.Logger.getLogger(Logger.java:473)
      	at com.sun.identity.cli.LogWriter.log(LogWriter.java:138)
      	at com.sun.identity.cli.Authenticator.ldapLogin(Authenticator.java:167)
      	at com.sun.identity.cli.AuthenticatedCommand.ldapLogin(AuthenticatedCommand.java:151)
      	at com.sun.identity.federation.cli.ImportMetaData.handleRequest(ImportMetaData.java:99)
      	at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)
      	at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)
      	at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:585)
      	at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:182)
      	at com.sun.identity.cli.CommandManager.main(CommandManager.java:159)
      Caused by: com.google.inject.ConfigurationException: Guice configuration errors:
      
      1) No implementation for java.security.PrivilegedAction<com.iplanet.sso.SSOToken> was bound.
        while locating java.security.PrivilegedAction<com.iplanet.sso.SSOToken>
          for parameter 0 at com.iplanet.services.naming.ServiceListeners.<init>(Unknown Source)
        while locating com.iplanet.services.naming.ServiceListeners
          for parameter 0 at com.sun.identity.monitoring.MonitoringConfig.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringConfig
          for parameter 0 at com.sun.identity.monitoring.MonitoringManager.<init>(Unknown Source)
        while locating com.sun.identity.monitoring.MonitoringManager
      
      1 error
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:1004)
      	at com.google.inject.internal.InjectorImpl.getProvider(InjectorImpl.java:961)
      	at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:1013)
      	at org.forgerock.guice.core.InjectorHolder.getInstance(InjectorHolder.java:72)
      	at com.sun.identity.monitoring.MonitoringUtil.isRunning(MonitoringUtil.java:58)
      	at com.sun.identity.log.handlers.FileHandler.<init>(FileHandler.java:394)
      	... 16 more
      

      Work around

      use AM console to import remote SP meta data

        Attachments

          Activity

            People

            Unassigned Unassigned
            bthalmayr Bernhard Thalmayr
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: