[OPENAM-12826] WS-Federation extended metadata import fails when using ssoadm Created: 06/Apr/18  Updated: 25/Jul/19  Resolved: 03/Jul/18

Status: Resolved
Project: OpenAM
Component/s: ssoadm
Affects Version/s: 5.5.1
Fix Version/s: 5.5.2

Type: Bug Priority: Major
Reporter: Simon Wickham Assignee: Lawrence Yarham
Resolution: Fixed Votes: 0
Labels: EDISON
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

AM-5.5.1


Attachments: Text File Configuration_import_entity-fail.txt     Microsoft Word wsfed-IDP comparison between 12.x vs 5.5.1.docx    
Issue Links:
Regression
is caused by OPENAM-12384 Guice binding error when handling WSF... Resolved
Relates
relates to OPENAM-12384 Guice binding error when handling WSF... Resolved
Target Version/s:
Sprint: AM Sustaining Sprint 52
Story Points: 2
Support Ticket IDs:
Needs QA verification:
Yes

 Description   

When importing WS-Federation metadata files using the ssoadm command, OpenAM does not recognize the metadata specification, i.e. --spec or -c wsfed.

To reproduce the problem:

./openam/bin/ssoadm import-entity -u amadmin -f ~/auth/secrets/ampasswd -e employees -t EmployeeIdP -c wsfed -m metadataXMLfile -x extendedXMLfile.xml

AM does not recognize the metadata specification, i.e. --spec or -c wsfed.

The expected behavior is that, once imported, the attributes should be displayed; see the attached document.

Workaround: use the Import Entity option on the Federation screen.



 Comments   
Comment by Lawrence Yarham [ 28/Jun/18 ]

Repeating the reproduction steps on 5.1.1 results in a different error:

 

Processing Sub Command ...
Executing class, com.sun.identity.federation.cli.ImportMetaData.
Authenticating...
Authenticated.
com.sun.identity.cli.CLIException: Entity config in file, /opt/forgerock/export_extended_27595.xml had invalid syntax.
 at com.sun.identity.federation.cli.ImportMetaData.getEntityConfigElement(ImportMetaData.java:611)
 at com.sun.identity.federation.cli.ImportMetaData.handleRequest(ImportMetaData.java:107)
 at com.sun.identity.cli.SubCommand.execute(SubCommand.java:296)
 at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:217)
 at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:139)
 at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:583)
 at com.sun.identity.cli.CommandManager.<init>(CommandManager.java:180)
 at com.sun.identity.cli.CommandManager.main(CommandManager.java:157)
Entity config in file, /opt/forgerock/export_extended_27595.xml had invalid syntax.

 

which, with debug messaging enabled, results in the following message in the debug log:

 

amCLI:06/28/2018 01:21:23:452 PM PDT: Thread[main,5,main]: TransactionId[unknown]
WARNING: ImportMetaData.importExtendedData
javax.xml.bind.UnmarshalException
 - with linked exception:
[org.xml.sax.SAXParseException; lineNumber: 2; columnNumber: 113; unexpected root element (uri:"urn:sun:fm:wsfederation:1.0:federationconfig", local:"FederationConfig"). Expected elements are <{http://www.w3.org/2001/04/xmlenc#}CipherReference>,<{http://www.w3.org/2001/04/xmlenc#}ReferenceList>,<{http://www.w3.org/2001/04/xmlenc#}EncryptionProperties>,<{http://www.w3.org/2001/04/xmlenc#}EncryptedData>,<{http://www.w3.org/2001/0...

which is the issue reported in OPENAM-11472.
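
Added example (not part of the original issue and not OpenAM code): a pre-import check that parses an extended metadata file and confirms its root element is the WS-Federation FederationConfig named in the debug log above, so a failing import can be attributed to the importer rather than to the file. The function names and the sample documents are constructed for illustration.

```python
import xml.parsers.expat

# Root element named in the debug log above for the WS-Federation extended file.
WSFED_ROOT = ("urn:sun:fm:wsfederation:1.0:federationconfig", "FederationConfig")

def root_element(xml_bytes):
    """Parse the whole document; return (namespace_uri, local_name) of its root."""
    seen = []

    def on_start(name, attrs):
        if not seen:  # only the first start tag is the root element
            uri, _, local = name.rpartition(" ")
            seen.append((uri, local))

    def on_doctype(*_):
        # A metadata file has no need for a DTD; refuse it instead of expanding entities.
        raise ValueError("DOCTYPE declaration not allowed")

    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartElementHandler = on_start
    parser.StartDoctypeDeclHandler = on_doctype
    try:
        parser.Parse(xml_bytes, True)
    except xml.parsers.expat.ExpatError as exc:
        raise ValueError(f"not well-formed: {exc}") from exc
    return seen[0]

def triage(xml_bytes):
    """Classify a file intended for 'ssoadm import-entity -c wsfed -x <file>'."""
    try:
        root = root_element(xml_bytes)
    except ValueError:
        return "unparseable"   # fix the file before blaming the importer
    return "wsfed-ok" if root == WSFED_ROOT else "wrong-root"

# Constructed samples (not taken from the issue's attachments).
SAMPLE_WSFED = (b'<?xml version="1.0" encoding="UTF-8"?>\n'
                b'<FederationConfig xmlns="urn:sun:fm:wsfederation:1.0:federationconfig"'
                b' hosted="true"><IDPSSOConfig metaAlias="/employees/idp"/>'
                b'</FederationConfig>')
SAMPLE_OTHER = b'<EntityConfig xmlns="urn:example:other-spec"/>'
SAMPLE_BROKEN = b'<FederationConfig><IDPSSOConfig></FederationConfig>'
SAMPLE_DTD = b'<!DOCTYPE x [<!ENTITY e "v">]><x/>'

if __name__ == "__main__":
    for label, doc in [("wsfed", SAMPLE_WSFED), ("other", SAMPLE_OTHER),
                       ("broken", SAMPLE_BROKEN), ("dtd", SAMPLE_DTD)]:
        print(label, "->", triage(doc))
```

A result of "wsfed-ok" for a file that ssoadm still rejects with "invalid syntax" matches the situation in the comment above.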

Generated at Sun Sep 27 08:07:28 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.