Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8736

When upgrading OpenAM, upgrade can fail if sun-idrepo-ldapv3-config-ssl-enabled has not been removed.

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 11.0.4, 12.0.1, 13.0.0
    • Fix Version/s: 12.0.4, 13.5.0
    • Component/s: upgrade
    • Labels:
    • Sprint:
      AM Sustaining Sprint 20, AM Sustaining Sprint 21
    • Support Ticket IDs:

      Description

      When Upgrading OpenAM from 11.0.2 to 12.0.2, the user can hit the following error if sun-idrepo-ldapv3-config-ssl-enabled isn't removed properly:

      ERROR: An error occurred while upgrading service config
      Message:The attribute name sun-idrepo-ldapv3-config-ssl-enabled does not match the service schema

      at com.sun.identity.sm.ServiceSchemaImpl.validateAttrValues(ServiceSchemaImpl.java:473)
      at com.sun.identity.sm.ServiceSchemaImpl.validateAttributes(ServiceSchemaImpl.java:290)
      at com.sun.identity.sm.ServiceConfig.setAttributes(ServiceConfig.java:536)
      at org.forgerock.openam.upgrade.steps.UpgradeIdRepoSubConfigs.perform(UpgradeIdRepoSubConfigs.java:164)
      at org.forgerock.openam.upgrade.UpgradeServices.upgrade(UpgradeServices.java:186)
      at com.sun.identity.config.upgrade.Upgrade.doUpgrade(Upgrade.java:79)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
      at java.lang.reflect.Method.invoke(Method.java:611)
      at org.apache.click.util.ClickUtils.invokeMethod(ClickUtils.java:3317)
      at org.apache.click.util.ClickUtils.invokeListener(ClickUtils.java:2088)
      at org.apache.click.control.AbstractControl$1.onAction(AbstractControl.java:228)
      at org.apache.click.ActionEventDispatcher.fireActionEvent(ActionEventDispatcher.java:259)
      at org.apache.click.ActionEventDispatcher.fireActionEvents(ActionEventDispatcher.java:236)
      at org.apache.click.ActionEventDispatcher.fireActionEvents(ActionEventDispatcher.java:180)
      at org.apache.click.ClickServlet.performOnProcess(ClickServlet.java:746)
      at org.apache.click.ClickServlet.processAjaxPageEvents(ClickServlet.java:1860)
      at org.apache.click.ClickServlet.processPage(ClickServlet.java:559)
      at org.apache.click.ClickServlet.handleRequest(ClickServlet.java:383)
      at org.apache.click.ClickServlet.doGet(ClickServlet.java:276)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:575)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
      at com.ibm.ws.cache.servlet.ServletWrapper.serviceProxied(ServletWrapper.java:307)
      at com.ibm.ws.cache.servlet.CacheHook.handleFragment(CacheHook.java:562)
      at com.ibm.ws.cache.servlet.CacheHook.handleServlet(CacheHook.java:255)
      at com.ibm.ws.cache.servlet.ServletWrapper.service(ServletWrapper.java:259)
      at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1232)
      at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:781)
      at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:480)
      at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:178)
      at com.ibm.ws.webcontainer.filter.WebAppFilterChain.invokeTarget(WebAppFilterChain.java:136)
      at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:97)
      at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
      at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
      at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
      at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:113)
      at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
      at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
      at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:967)
      at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1107)
      at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:87)
      at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:940)
      at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1817)
      at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:200)
      at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:463)
      at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:530)
      at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:316)
      at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:287)
      at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:1049)
      at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:643)
      at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1818)
      at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175)
      at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
      at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
      at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
      at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
      at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
      at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
      at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1881)

      It appears that during the upgrade process it is possible to have a race condition that can result in sun-idrepo-ldapv3-config-ssl-enabled not being removed before the upgrade begins which results in the above error being given. This error has a possibility of happening with any version of OpenAM before 12.0.1 where sun-idrepo-ldapv3-config-ssl-enabled has not been removed yet.

        Attachments

          Activity

            People

            • Assignee:
              peter.major Peter Major [X] (Inactive)
              Reporter:
              abel.hoxeng Abel Hoxeng
              QA Assignee:
              Filip Kubáň [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 0h
                0h
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2h
                2h