Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-1889

Sun Web Server policy agent: Wrong password in combination with naming service failover causes internal error on OpenAM

    XMLWordPrintable

    Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Expired
    • Agents-3.1.0-Xpress, Agents-3.3.0, 10.1.0-Xpress, 11.0.0
    • None
    • authentication, web agents
    • Linux Ubuntu 12.04 32-bit, JDK 1.6.0, OpenAM 10.1-Xpress1
    • Rank:
      1|hzlz3z:
    • No
    • No
    • No (add reasons in the comment)

      Description

      The agent was configured for naming service failover as follows:

      com.sun.identity.agents.config.naming.url = http://openam.example.com:8080/openam/namingservice http://openam2.example.com:8080/openam/namingservice
      com.sun.identity.agents.config.password = wrongpassword
      com.sun.identity.agents.config.debug.level = all:5
      com.forgerock.agents.ext.url.validation.poll.interval = 9
      com.forgerock.agents.ext.url.validation.scan.interval = 3

      com.forgerock.agents.ext.url.validation.disable = 0

      (all other parameters are default)

      The following can be observed in the agent debug log:

      2012-11-22 12:45:22.969 Warning 1370:8e6b640 NamingValidateHttpLogin: BaseService::doHttpPost() failed, HTTP error = 500
      2012-11-22 12:45:22.969 -1 1370:8e6b640 all: naming_validator(): http://openam.internal.forgerock.com:8080/openam/namingservice validation failed with HTTP error (21), http status code: 500
      ...

      OpenAM logs indicate the following:

      • CoreSystem
        amXMLHandler:11/21/2012 03:55:15:557 PM GMT: Thread[http-bio-8080-exec-24,5,main]
        LoginStatus XML STring : <LoginStatus status="in_progress"></LoginStatus>
        java.lang.NullPointerException
        at com.iplanet.services.comm.server.PLLRequestServlet.doPost(PLLRequestServlet.java:127)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
        at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
        at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:95)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1002)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585)
        at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)

      amComm:11/21/2012 03:55:24:567 PM GMT: Thread[http-bio-8080-exec-17,5,main]
      ERROR: XMLUtils.fatalError
      org.xml.sax.SAXParseException: An invalid XML character (Unicode: 0x1a) was found in the CDATA section.
      at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
      at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
      at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)
      at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanCDATASection(Unknown Source)
      at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
      at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
      at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
      at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
      at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
      at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
      at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
      at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:124)
      at com.sun.identity.shared.xml.XMLUtils.toDOMDocument(XMLUtils.java:184)
      at com.sun.identity.shared.xml.XMLUtils.toDOMDocument(XMLUtils.java:143)
      at com.iplanet.services.comm.share.RequestSetParser.<init>(RequestSetParser.java:54)
      at com.iplanet.services.comm.share.RequestSet.parseXML(RequestSet.java:124)
      at com.iplanet.services.comm.server.PLLRequestServlet.doPost(PLLRequestServlet.java:126)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:95)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
      at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1002)
      at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585)
      at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:662)

      amComm:11/21/2012 03:55:24:567 PM GMT: Thread[http-bio-8080-exec-17,5,main]
      WARNING: Can't parse the XML document
      org.xml.sax.SAXParseException: An invalid XML character (Unicode: 0x1a) was found in the CDATA section.
      at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
      at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
      at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:124)
      at com.sun.identity.shared.xml.XMLUtils.toDOMDocument(XMLUtils.java:184)
      at com.sun.identity.shared.xml.XMLUtils.toDOMDocument(XMLUtils.java:143)
      at com.iplanet.services.comm.share.RequestSetParser.<init>(RequestSetParser.java:54)
      at com.iplanet.services.comm.share.RequestSet.parseXML(RequestSet.java:124)
      at com.iplanet.services.comm.server.PLLRequestServlet.doPost(PLLRequestServlet.java:126)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:95)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
      at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1002)
      at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585)
      at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:662)

      I am adding the complete logs to the issue.

        Attachments

        1. amAgent
          50 kB
        2. Authentication
          92 kB
        3. CoreSystem
          66 kB
        4. OpenSSOAgentBootstrap.properties
          9 kB

          Activity

            People

            mareks Mareks Malnacs
            n4al Nemanja Lukic
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: