Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-1109 AdminTokenAction doesn't clear invalid SSOToken
  3. OPENAM-8181

SSOToken used within J2EE Agent for searching user doesn't clear invalid SSOToken

    XMLWordPrintable

    Details

    • Rank:
      1|hzqurj:
    • Sprint 3

      Description

      1. configure application protected by J2EE PA to make JAAS calls in Websphere to get role mapping information.
      2. while running J2EE PA Websphere instance, restart OpenAM server so that agent session will be invalid.
      3. you will see exception on J2EE PA side :

      amJAXRPC:01/19/2016 10:57:49:609 AM MST: Thread[WebContainer : 1,5,main]
      SOAP Client: READ Exception
      java.io.IOException: Server returned HTTP response code: 500 for URL: http://openam.example.com:8080/opensso/jaxrpc/DirectoryManagerIF
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1639)
      at com.sun.identity.shared.jaxrpc.SOAPClient.call(SOAPClient.java:247)
      at com.sun.identity.shared.jaxrpc.SOAPClient.send(SOAPClient.java:329)
      at com.sun.identity.shared.jaxrpc.SOAPClient.send(SOAPClient.java:315)
      at com.sun.identity.idm.remote.IdRemoteServicesImpl.search(IdRemoteServicesImpl.java:340)
      at com.sun.identity.idm.remote.IdRemoteCachedServicesImpl.search(IdRemoteCachedServicesImpl.java:645)
      at com.sun.identity.idm.AMIdentityRepository.searchIdentities(AMIdentityRepository.java:298)
      at com.sun.identity.agents.websphere.AmRealmUserRegistry.getMemberships(AmRealmUserRegistry.java:360)
      at com.sun.identity.agents.websphere.AmAgentUserRegistry.getUniqueGroupIds(AmAgentUserRegistry.java:162)
      at com.ibm.ws.security.registry.UserRegistryImpl.createCredentialInternal(UserRegistryImpl.java:926)
      at com.ibm.ws.security.registry.UserRegistryImpl.createCredential(UserRegistryImpl.java:833)
      at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:801)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
      at java.lang.reflect.Method.invoke(Method.java:620)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:781)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:215)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:706)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:704)
      at java.security.AccessController.doPrivileged(AccessController.java:456)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:703)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:609)
      at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLoginHelper.java:491)

        Attachments

          Activity

            People

            sachiko Sachiko Wallace
            sachiko Sachiko Wallace
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2h
                2h