Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-13574

Scripting class whitelist is missing classes after upgrade from 13.5.2 to 5.5.2

    Details

    • Target Version/s:
    • Sprint:
      AM Sustaining Sprint 55
    • Story Points:
      2
    • Needs QA verification:
      No
    • Functional tests:
      Yes

      Description

      Bug description

      TestScriptWithHttpClientSendMethod fails after upgrade from 13.5.2 to 5.5.2. Also ClaimsParameter test fails after upgrade with similar error. There are different whitelists for POLICY_CONDITION and for OIDC_CLAIMS. It is possible that all other whitelists are affected.

      How to reproduce the issue

      1. install OpenAM 13.5.2
      2. Upgrade to AM 5.5.2-RC1
      3. run functional test TestScriptWithHttpClientSendMethod
      Expected behaviour

      test succeeds

      Current behaviour

      test fails, there is error

      org.json.JSONException: JSONObject["GET"] not found.
      	at org.json.JSONObject.get(JSONObject.java:498)
      	at com.forgerock.openam.functionaltest.scripting.TestScriptWithHttpClientSendMethod.<cuppa test>(TestScriptWithHttpClientSendMethod.java:70)

      and also there is another error in OpenAM debug logs

      org.forgerock.openam.scripting.ThreadPoolScriptEvaluator:09/17/2018 09:21:45:532 AM UTC: Thread[http-bio-10.6.0.7-8080-exec-46,5,main]: TransactionId[d2cc4063-5c44-4b50-8c6a-b805968a5062-271330]
      ERROR: Script terminated with exception
      java.util.concurrent.ExecutionException: javax.script.ScriptException: Access to Java class "org.forgerock.util.promise.PromiseImpl" is prohibited. (<Unknown source>#1) in <Unknown source> at line number 1 at column number 0
      	at java.util.concurrent.FutureTask.report(FutureTask.java:122)
      	at java.util.concurrent.FutureTask.get(FutureTask.java:192)
      	at org.forgerock.openam.scripting.ThreadPoolScriptEvaluator.evaluateScript(ThreadPoolScriptEvaluator.java:84)
      	at org.forgerock.openam.entitlement.conditions.environment.ScriptCondition.evaluate(ScriptCondition.java:143)
      	at org.forgerock.openam.entitlement.CachingEntitlementCondition.evaluate(CachingEntitlementCondition.java:111)
      	at com.sun.identity.entitlement.Privilege.doesConditionMatch(Privilege.java:695)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege.internalEvaluate(OpenSSOPrivilege.java:156)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege.access$000(OpenSSOPrivilege.java:63)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege$1.run(OpenSSOPrivilege.java:105)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege$1.run(OpenSSOPrivilege.java:99)
      	at com.sun.identity.session.util.RestrictedTokenContext.doUsing(RestrictedTokenContext.java:81)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege.evaluate(OpenSSOPrivilege.java:98)
      	at com.sun.identity.entitlement.PrivilegeEvaluator$PrivilegeTask.run(PrivilegeEvaluator.java:421)
      	at com.sun.identity.entitlement.PrivilegeEvaluator.evaluate(PrivilegeEvaluator.java:335)
      	at com.sun.identity.entitlement.PrivilegeEvaluator.evaluate(PrivilegeEvaluator.java:252)
      	at com.sun.identity.entitlement.Evaluator.evaluate(Evaluator.java:198)
      	at com.sun.identity.entitlement.Evaluator.evaluate(Evaluator.java:153)
      	at org.forgerock.openam.entitlement.rest.EntitlementEvaluatorFactory$EntitlementEvaluatorWrapper.evaluateBatch(EntitlementEvaluatorFactory.java:58)
      	at org.forgerock.openam.entitlement.rest.model.json.BatchPolicyRequest.dispatch(BatchPolicyRequest.java:46)
      	at org.forgerock.openam.entitlement.rest.EntitlementEvaluatorFactory$EntitlementEvaluatorWrapper.routePolicyRequest(EntitlementEvaluatorFactory.java:71)
      	at org.forgerock.openam.entitlement.rest.PolicyResource.actionCollection(PolicyResource.java:198)
      	at org.forgerock.openam.entitlement.rest.PolicyResourceWithCopyMoveSupport.evaluate(PolicyResourceWithCopyMoveSupport.java:119)
      	at sun.reflect.GeneratedMethodAccessor422.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.forgerock.json.resource.AnnotatedMethod.invoke(AnnotatedMethod.java:96)
      	at org.forgerock.json.resource.AnnotatedMethod.invoke(AnnotatedMethod.java:65)
      	at org.forgerock.json.resource.AnnotatedActionMethods.invoke(AnnotatedActionMethods.java:43)
      	at org.forgerock.json.resource.AnnotatedActionMethods.invoke(AnnotatedActionMethods.java:31)
      	at org.forgerock.json.resource.AnnotatedCollectionHandler.handleAction(AnnotatedCollectionHandler.java:63)
      	at org.forgerock.json.resource.Router.handleAction(Router.java:250)
      	at org.forgerock.json.resource.Router.handleAction(Router.java:250)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:55)
      	at org.forgerock.authz.filter.crest.AuthorizationFilters$AuthorizationFilter.lambda$filterAction$0(AuthorizationFilters.java:225)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:216)
      	at org.forgerock.authz.filter.crest.AuthorizationFilters$AuthorizationFilter.filterAction(AuthorizationFilters.java:223)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.json.resource.FilterChain.handleAction(FilterChain.java:222)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:55)
      	at org.forgerock.openam.rest.fluent.AuditFilter.filterAction(AuditFilter.java:81)
      	at org.forgerock.openam.rest.fluent.AuditFilterWrapper.filterAction(AuditFilterWrapper.java:52)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.openam.rest.fluent.CrestLoggingFilter.filterAction(CrestLoggingFilter.java:66)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.openam.rest.ContextFilter.filterAction(ContextFilter.java:49)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.openam.rest.AuthenticationEnforcer.filterAction(AuthenticationEnforcer.java:129)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.json.resource.FilterChain.handleAction(FilterChain.java:222)
      	at org.forgerock.json.resource.Router.handleAction(Router.java:250)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:55)
      	at org.forgerock.openam.rest.ContextFilter.filterAction(ContextFilter.java:49)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.json.resource.FilterChain.handleAction(FilterChain.java:222)
      	at org.forgerock.json.resource.InternalConnection.actionAsync(InternalConnection.java:29)
      	at org.forgerock.json.resource.http.RequestRunner.visitActionRequest(RequestRunner.java:136)
      	at org.forgerock.json.resource.http.RequestRunner.visitActionRequest(RequestRunner.java:82)
      	at org.forgerock.json.resource.Requests$ActionRequestImpl.accept(Requests.java:177)
      	at org.forgerock.json.resource.http.RequestRunner.handleResult(RequestRunner.java:128)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:241)
      	at org.forgerock.json.resource.http.HttpAdapter.doRequest(HttpAdapter.java:712)
      	at org.forgerock.json.resource.http.HttpAdapter.doAction(HttpAdapter.java:618)
      	at org.forgerock.json.resource.http.HttpAdapter.handle(HttpAdapter.java:282)
      	at org.forgerock.http.handler.Handlers$HandlerDescribableAsDescribableHandler.handle(Handlers.java:146)
      	at org.forgerock.http.filter.OptionsFilter.filter(OptionsFilter.java:69)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:80)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:59)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:188)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.lambda$onValidateRequestSuccess$1(AuthenticationFramework.java:181)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:241)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:144)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
      	at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:84)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.GuiceHandler.handle(GuiceHandler.java:51)
      	at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:88)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:62)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:139)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.OpenAMHttpApplication$1.filter(OpenAMHttpApplication.java:74)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:75)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:259)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.rest.ProtocolVersionFilter.doFilter(ProtocolVersionFilter.java:62)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:36)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:112)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:46)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
      	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
      	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
      	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: javax.script.ScriptException: Access to Java class "org.forgerock.util.promise.PromiseImpl" is prohibited. (<Unknown source>#1) in <Unknown source> at line number 1 at column number 0
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.convertException(RhinoScriptEngine.java:206)
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.eval(RhinoScriptEngine.java:72)
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.eval(RhinoScriptEngine.java:54)
      	at org.forgerock.openam.scripting.StandardScriptEvaluator.evaluateScript(StandardScriptEvaluator.java:86)
      	at org.forgerock.openam.scripting.ThreadPoolScriptEvaluator$ScriptExecutorTask.call(ThreadPoolScriptEvaluator.java:215)
      	at org.forgerock.openam.audit.context.AuditRequestContextPropagatingCallable.call(AuditRequestContextPropagatingCallable.java:32)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	... 1 more
      Caused by: org.mozilla.javascript.EvaluatorException: Access to Java class "org.forgerock.util.promise.PromiseImpl" is prohibited. (<Unknown source>#1)
      	at org.mozilla.javascript.DefaultErrorReporter.runtimeError(DefaultErrorReporter.java:77)
      	at org.mozilla.javascript.Context.reportRuntimeError(Context.java:913)
      	at org.mozilla.javascript.Context.reportRuntimeError(Context.java:969)
      	at org.mozilla.javascript.Context.reportRuntimeError1(Context.java:932)
      	at org.mozilla.javascript.JavaMembers.<init>(JavaMembers.java:35)
      	at org.mozilla.javascript.JavaMembers.lookupClass(JavaMembers.java:807)
      	at org.mozilla.javascript.NativeJavaObject.initMembers(NativeJavaObject.java:54)
      	at org.mozilla.javascript.NativeJavaObject.<init>(NativeJavaObject.java:44)
      	at org.mozilla.javascript.NativeJavaObject.<init>(NativeJavaObject.java:34)
      	at org.mozilla.javascript.WrapFactory.wrapAsJavaObject(WrapFactory.java:115)
      	at org.mozilla.javascript.WrapFactory.wrap(WrapFactory.java:72)
      	at org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:236)
      	at org.mozilla.javascript.Interpreter.interpretLoop(Interpreter.java:1473)
      	at org.mozilla.javascript.Interpreter.interpret(Interpreter.java:815)
      	at org.mozilla.javascript.InterpretedFunction.call(InterpretedFunction.java:109)
      	at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
      	at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
      	at org.mozilla.javascript.InterpretedFunction.exec(InterpretedFunction.java:120)
      	at org.mozilla.javascript.Context.evaluateReader(Context.java:1110)
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.eval(RhinoScriptEngine.java:69)
      	... 8 more
      Entitlement:09/17/2018 09:21:45:536 AM UTC: Thread[http-bio-10.6.0.7-8080-exec-46,5,main]: TransactionId[d2cc4063-5c44-4b50-8c6a-b805968a5062-271330]
      ERROR: OpenSSOPrivilege.evaluate
      com.sun.identity.entitlement.EntitlementException: Condition evaluation fails.
      	at org.forgerock.openam.entitlement.conditions.environment.ScriptCondition.evaluate(ScriptCondition.java:163)
      	at org.forgerock.openam.entitlement.CachingEntitlementCondition.evaluate(CachingEntitlementCondition.java:111)
      	at com.sun.identity.entitlement.Privilege.doesConditionMatch(Privilege.java:695)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege.internalEvaluate(OpenSSOPrivilege.java:156)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege.access$000(OpenSSOPrivilege.java:63)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege$1.run(OpenSSOPrivilege.java:105)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege$1.run(OpenSSOPrivilege.java:99)
      	at com.sun.identity.session.util.RestrictedTokenContext.doUsing(RestrictedTokenContext.java:81)
      	at com.sun.identity.entitlement.opensso.OpenSSOPrivilege.evaluate(OpenSSOPrivilege.java:98)
      	at com.sun.identity.entitlement.PrivilegeEvaluator$PrivilegeTask.run(PrivilegeEvaluator.java:421)
      	at com.sun.identity.entitlement.PrivilegeEvaluator.evaluate(PrivilegeEvaluator.java:335)
      	at com.sun.identity.entitlement.PrivilegeEvaluator.evaluate(PrivilegeEvaluator.java:252)
      	at com.sun.identity.entitlement.Evaluator.evaluate(Evaluator.java:198)
      	at com.sun.identity.entitlement.Evaluator.evaluate(Evaluator.java:153)
      	at org.forgerock.openam.entitlement.rest.EntitlementEvaluatorFactory$EntitlementEvaluatorWrapper.evaluateBatch(EntitlementEvaluatorFactory.java:58)
      	at org.forgerock.openam.entitlement.rest.model.json.BatchPolicyRequest.dispatch(BatchPolicyRequest.java:46)
      	at org.forgerock.openam.entitlement.rest.EntitlementEvaluatorFactory$EntitlementEvaluatorWrapper.routePolicyRequest(EntitlementEvaluatorFactory.java:71)
      	at org.forgerock.openam.entitlement.rest.PolicyResource.actionCollection(PolicyResource.java:198)
      	at org.forgerock.openam.entitlement.rest.PolicyResourceWithCopyMoveSupport.evaluate(PolicyResourceWithCopyMoveSupport.java:119)
      	at sun.reflect.GeneratedMethodAccessor422.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.forgerock.json.resource.AnnotatedMethod.invoke(AnnotatedMethod.java:96)
      	at org.forgerock.json.resource.AnnotatedMethod.invoke(AnnotatedMethod.java:65)
      	at org.forgerock.json.resource.AnnotatedActionMethods.invoke(AnnotatedActionMethods.java:43)
      	at org.forgerock.json.resource.AnnotatedActionMethods.invoke(AnnotatedActionMethods.java:31)
      	at org.forgerock.json.resource.AnnotatedCollectionHandler.handleAction(AnnotatedCollectionHandler.java:63)
      	at org.forgerock.json.resource.Router.handleAction(Router.java:250)
      	at org.forgerock.json.resource.Router.handleAction(Router.java:250)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:55)
      	at org.forgerock.authz.filter.crest.AuthorizationFilters$AuthorizationFilter.lambda$filterAction$0(AuthorizationFilters.java:225)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:216)
      	at org.forgerock.authz.filter.crest.AuthorizationFilters$AuthorizationFilter.filterAction(AuthorizationFilters.java:223)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.json.resource.FilterChain.handleAction(FilterChain.java:222)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:55)
      	at org.forgerock.openam.rest.fluent.AuditFilter.filterAction(AuditFilter.java:81)
      	at org.forgerock.openam.rest.fluent.AuditFilterWrapper.filterAction(AuditFilterWrapper.java:52)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.openam.rest.fluent.CrestLoggingFilter.filterAction(CrestLoggingFilter.java:66)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.openam.rest.ContextFilter.filterAction(ContextFilter.java:49)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.openam.rest.AuthenticationEnforcer.filterAction(AuthenticationEnforcer.java:129)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.json.resource.FilterChain.handleAction(FilterChain.java:222)
      	at org.forgerock.json.resource.Router.handleAction(Router.java:250)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:55)
      	at org.forgerock.openam.rest.ContextFilter.filterAction(ContextFilter.java:49)
      	at org.forgerock.json.resource.FilterChain$Cursor.handleAction(FilterChain.java:53)
      	at org.forgerock.json.resource.FilterChain.handleAction(FilterChain.java:222)
      	at org.forgerock.json.resource.InternalConnection.actionAsync(InternalConnection.java:29)
      	at org.forgerock.json.resource.http.RequestRunner.visitActionRequest(RequestRunner.java:136)
      	at org.forgerock.json.resource.http.RequestRunner.visitActionRequest(RequestRunner.java:82)
      	at org.forgerock.json.resource.Requests$ActionRequestImpl.accept(Requests.java:177)
      	at org.forgerock.json.resource.http.RequestRunner.handleResult(RequestRunner.java:128)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:241)
      	at org.forgerock.json.resource.http.HttpAdapter.doRequest(HttpAdapter.java:712)
      	at org.forgerock.json.resource.http.HttpAdapter.doAction(HttpAdapter.java:618)
      	at org.forgerock.json.resource.http.HttpAdapter.handle(HttpAdapter.java:282)
      	at org.forgerock.http.handler.Handlers$HandlerDescribableAsDescribableHandler.handle(Handlers.java:146)
      	at org.forgerock.http.filter.OptionsFilter.filter(OptionsFilter.java:69)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:80)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:59)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:188)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.lambda$onValidateRequestSuccess$1(AuthenticationFramework.java:181)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      	at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:241)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:144)
      	at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
      	at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:84)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.GuiceHandler.handle(GuiceHandler.java:51)
      	at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
      	at org.forgerock.http.routing.Router.handle(Router.java:100)
      	at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:88)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:62)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:139)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.openam.http.OpenAMHttpApplication$1.filter(OpenAMHttpApplication.java:74)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:75)
      	at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      	at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:259)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.rest.ProtocolVersionFilter.doFilter(ProtocolVersionFilter.java:62)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:36)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:112)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:46)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
      	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
      	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
      	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: javax.script.ScriptException: java.util.concurrent.ExecutionException: javax.script.ScriptException: Access to Java class "org.forgerock.util.promise.PromiseImpl" is prohibited. (<Unknown source>#1) in <Unknown source> at line number 1 at column number 0
      	at org.forgerock.openam.scripting.ThreadPoolScriptEvaluator.evaluateScript(ThreadPoolScriptEvaluator.java:90)
      	at org.forgerock.openam.entitlement.conditions.environment.ScriptCondition.evaluate(ScriptCondition.java:143)
      	... 129 more
      Caused by: java.util.concurrent.ExecutionException: javax.script.ScriptException: Access to Java class "org.forgerock.util.promise.PromiseImpl" is prohibited. (<Unknown source>#1) in <Unknown source> at line number 1 at column number 0
      	at java.util.concurrent.FutureTask.report(FutureTask.java:122)
      	at java.util.concurrent.FutureTask.get(FutureTask.java:192)
      	at org.forgerock.openam.scripting.ThreadPoolScriptEvaluator.evaluateScript(ThreadPoolScriptEvaluator.java:84)
      	... 130 more
      Caused by: javax.script.ScriptException: Access to Java class "org.forgerock.util.promise.PromiseImpl" is prohibited. (<Unknown source>#1) in <Unknown source> at line number 1 at column number 0
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.convertException(RhinoScriptEngine.java:206)
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.eval(RhinoScriptEngine.java:72)
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.eval(RhinoScriptEngine.java:54)
      	at org.forgerock.openam.scripting.StandardScriptEvaluator.evaluateScript(StandardScriptEvaluator.java:86)
      	at org.forgerock.openam.scripting.ThreadPoolScriptEvaluator$ScriptExecutorTask.call(ThreadPoolScriptEvaluator.java:215)
      	at org.forgerock.openam.audit.context.AuditRequestContextPropagatingCallable.call(AuditRequestContextPropagatingCallable.java:32)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	... 1 more
      Caused by: org.mozilla.javascript.EvaluatorException: Access to Java class "org.forgerock.util.promise.PromiseImpl" is prohibited. (<Unknown source>#1)
      	at org.mozilla.javascript.DefaultErrorReporter.runtimeError(DefaultErrorReporter.java:77)
      	at org.mozilla.javascript.Context.reportRuntimeError(Context.java:913)
      	at org.mozilla.javascript.Context.reportRuntimeError(Context.java:969)
      	at org.mozilla.javascript.Context.reportRuntimeError1(Context.java:932)
      	at org.mozilla.javascript.JavaMembers.<init>(JavaMembers.java:35)
      	at org.mozilla.javascript.JavaMembers.lookupClass(JavaMembers.java:807)
      	at org.mozilla.javascript.NativeJavaObject.initMembers(NativeJavaObject.java:54)
      	at org.mozilla.javascript.NativeJavaObject.<init>(NativeJavaObject.java:44)
      	at org.mozilla.javascript.NativeJavaObject.<init>(NativeJavaObject.java:34)
      	at org.mozilla.javascript.WrapFactory.wrapAsJavaObject(WrapFactory.java:115)
      	at org.mozilla.javascript.WrapFactory.wrap(WrapFactory.java:72)
      	at org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:236)
      	at org.mozilla.javascript.Interpreter.interpretLoop(Interpreter.java:1473)
      	at org.mozilla.javascript.Interpreter.interpret(Interpreter.java:815)
      	at org.mozilla.javascript.InterpretedFunction.call(InterpretedFunction.java:109)
      	at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
      	at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
      	at org.mozilla.javascript.InterpretedFunction.exec(InterpretedFunction.java:120)
      	at org.mozilla.javascript.Context.evaluateReader(Context.java:1110)
      	at org.forgerock.openam.scripting.factories.RhinoScriptEngine.eval(RhinoScriptEngine.java:69)
      	... 8 more
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                adam.heath Adam Heath
                Reporter:
                lubomir.mlich Ľubomír Mlích
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: