Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-273

com.sun.identity.policy.PolicyManager, when used in client API, does not work across multiple SSO sessions in a single JVM instance


    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Snapshot9
    • Fix Version/s: 10.0.3, 11.0.3, 12.0.1, 13.0.0
    • Component/s: policy
    • Environment:
      Using ForgeRock OpenAM Express Build 9(2010-February-07 13:29)
    • Support Ticket IDs:


      Summary: If you create a PolicyManager using an SSOToken, and that token subsequently becomes invalid, then creating a new PolicyManager with a new SSOToken gives errors on all operations.

      Background: Our company would like to manage our OpenSSO policies by way of a separate web application that makes more sense to problem domain of our business analysts, et al. Our first plan was to recreate the PolicyManager each time the session limit was reached, but has been hindered by this bug. We are now using Agent users, which have unlimited session time, to manage the policies. (See attached enhancement request for more details on how we do this).

      Steps to reproduce (all in the same JVM instance):

      1) policyManager = new PolicyManager(ssoToken)
      2) policyManager.getPolicyNames();
      3) destroy the ssoToken or wait for it to time out
      4) create a new PolicyManager as in step 1
      5) Retrieve policy names again as in step 2

      An exception like this is thrown:

      [our code's portion of the stacktrace omitted]
      Caused by: com.sun.identity.policy.PolicyException: Unable to get policy expd:APPayableEditor for organization dc=opensso,dc=java,dc=net.
      service-config: ou=default,ou=OrganizationConfig,ou=1.0,ou=iPlanetAMPolicyService,ou=services,dc=opensso,dc=java,dc=net No loger valid. Cache has been cleared. Recreate fromServiceConfigManager
      at com.sun.identity.policy.PolicyManager.getPolicy(Unknown Source)
      at com.expd.arch.security.opensso.policy.EIPolicyManager.retrievePolicy(EIPolicyManager.java:472)
      ... 7 more




            • Assignee:
              sachiko Sachiko Wallace
              jkauzlar jkauzlar
            • Votes:
              0 Vote for this issue
              1 Start watching this issue


              • Created: