Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14205

Exception caught marshalling a SynchronizationEvent for requests made with CLIENT_CERT authentication

    Details

    • Target Version/s:
    • Verified Version/s:
    • Story Points:
      2
    • Sprint:
      2019.17 - IDM
    • Support Ticket IDs:
    • Zendesk ID:
      45514

      Description

      To reproduce this issue:

      1.  Set up CLIENT_CERT authentication for a user such as jdoe@example.com, https://backstage.forgerock.com/docs/idm/6.5/integrators-guide/#auth-client-cert. Add openidm-admin role to the user.

      2. Set up a mapping from managed/user to csv connector. Enable queued sync on the mapping.

      3. Create a new user using CLIENT_CERT authentication

      curl --insecure --cert-type PEM --cert /opt/fg/cc/jdoecert.pem --key /opt/fg/cc/jdoekey.pem --key-type PEM  \
       --header "Content-Type: application/json" \
       --header "X-Requested-With: curl" \
       --request POST \
       --data '{
          "userName":"test4",
          "sn":"user",
          "givenName":"test4",
          "mail": "test4@example.com"
        }' \
      "https://localhost:18244/openidm/managed/user?_action=create"
      

      4. Queued sync fails with

      [172] Dec 13, 2019 11:23:40.889 AM org.forgerock.openidm.sync.impl.queue.SynchronizationQueueConsumer handleResource
      SEVERE: Exception caught marshalling a SynchronizationEvent from the repo. ...
      java.lang.IllegalArgumentException: Cannot construct instance of `org.forgerock.openidm.sync.SynchronizationEvent`, problem: Failed to instantiate class: org.forgerock.http.routing.UriRouterContext
       at [Source: UNKNOWN; line: -1, column: -1]
      	at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3751)
      	at com.fasterxml.jackson.databind.ObjectMapper.convertValue(ObjectMapper.java:3669)
      	at org.forgerock.openidm.sync.SynchronizationEvent.newSynchronizationEvent(SynchronizationEvent.java:466)
      	at org.forgerock.openidm.sync.impl.queue.SynchronizationQueueConsumer.handleResource(SynchronizationQueueConsumer.java:156)
          ...
      Caused by: com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Cannot construct instance of `org.forgerock.openidm.sync.SynchronizationEvent`, problem: Failed to instantiate class: org.forgerock.http.routing.UriRouterContext
       at [Source: UNKNOWN; line: -1, column: -1]
      	at com.fasterxml.jackson.databind.exc.InvalidDefinitionException.from(InvalidDefinitionException.java:67)
      	at com.fasterxml.jackson.databind.DeserializationContext.instantiationException(DeserializationContext.java:1608)
      	at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.wrapAsJsonMappingException(StdValueInstantiator.java:484)
      	at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.rewrapCtorProblem(StdValueInstantiator.java:503)
      	at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.createFromObjectWith(StdValueInstantiator.java:285)
      	at com.fasterxml.jackson.databind.deser.ValueInstantiator.createFromObjectWith(ValueInstantiator.java:229)
      	at com.fasterxml.jackson.databind.deser.impl.PropertyBasedCreator.build(PropertyBasedCreator.java:195)
      	at com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeUsingPropertyBased(BeanDeserializer.java:422)
      	at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeFromObjectUsingNonDefault(BeanDeserializerBase.java:1287)
      	at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:326)
      	at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:159)
      	at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3746)
      	... 164 more
      ...
      Caused by: java.lang.IllegalArgumentException: Unable to instantiate Context implementation class 'org.forgerock.services.context.TransactionIdContext'
      	at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:135)
      	at org.forgerock.services.context.AbstractContext.<init>(AbstractContext.java:122)
      	at org.forgerock.caf.authentication.framework.MessageContextImpl.<init>(MessageContextImpl.java:55)
      	... 239 more
      Caused by: java.lang.reflect.InvocationTargetException
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
      	at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:133)
      	... 241 more
      Caused by: java.lang.IllegalArgumentException: Unable to instantiate Context implementation class 'org.forgerock.services.context.ClientContext'
      	at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:135)
      	at org.forgerock.services.context.AbstractContext.<init>(AbstractContext.java:122)
      	at org.forgerock.services.context.TransactionIdContext.<init>(TransactionIdContext.java:39)
      	... 246 more
      Caused by: java.lang.reflect.InvocationTargetException
      	at sun.reflect.GeneratedConstructorAccessor72.newInstance(Unknown Source)
      	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
      	at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:133)
      	... 248 more
      Caused by: java.lang.IllegalStateException: Unable to deserialize certificates
      	at org.forgerock.services.context.ClientContext.<init>(ClientContext.java:236)
      	... 252 more
      Caused by: java.security.cert.CertificateException: java.io.IOException: Incomplete data
      	at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:358)
      	at java.security.cert.CertificateFactory.generateCertificates(CertificateFactory.java:462)
      	at org.forgerock.services.context.ClientContext.<init>(ClientContext.java:233)
      	... 252 more
      Caused by: java.io.IOException: Incomplete data
      	at sun.security.provider.X509Factory.readOneBlock(X509Factory.java:586)
      	at sun.security.provider.X509Factory.parseX509orPKCS7Cert(X509Factory.java:449)
      	at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:356)
      	... 254 more	   
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                cgdrake Chris Drake
                Reporter:
                yinyan.cao Yinyan Cao
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: