Summary: If you create a PolicyManager using an SSOToken, and that token subsequently becomes invalid, then creating a new PolicyManager with a new SSOToken gives errors on all operations.
Background: Our company would like to manage our OpenSSO policies by way of a separate web application that makes more sense to problem domain of our business analysts, et al. Our first plan was to recreate the PolicyManager each time the session limit was reached, but has been hindered by this bug. We are now using Agent users, which have unlimited session time, to manage the policies. (See attached enhancement request for more details on how we do this).
Steps to reproduce (all in the same JVM instance):
1) policyManager = new PolicyManager(ssoToken)
3) destroy the ssoToken or wait for it to time out
4) create a new PolicyManager as in step 1
5) Retrieve policy names again as in step 2
An exception like this is thrown:
[our code's portion of the stacktrace omitted]
Caused by: com.sun.identity.policy.PolicyException: Unable to get policy expd:APPayableEditor for organization dc=opensso,dc=java,dc=net.
service-config: ou=default,ou=OrganizationConfig,ou=1.0,ou=iPlanetAMPolicyService,ou=services,dc=opensso,dc=java,dc=net No loger valid. Cache has been cleared. Recreate fromServiceConfigManager
at com.sun.identity.policy.PolicyManager.getPolicy(Unknown Source)
... 7 more