[OPENIDM-14205] Exception caught marshalling a SynchronizationEvent for requests made with CLIENT_CERT authentication Created: 13/Dec/19 Updated: 13/Oct/20 Resolved: 14/Sep/20 |
|
| Status: | Closed |
| Project: | OpenIDM |
| Component/s: | Module - Authentication, Module - Core mapping, synchronization, reconciliation |
| Affects Version/s: | 7.0.0, 6.5.0.2 |
| Fix Version/s: | 7.0.0, 6.5.1.0 |
| Type: | Bug | Priority: | Major |
| Reporter: | Yinyan Cao | Assignee: | Chris Drake |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | CLARK, release-notes | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
log0.gz
|
||||||||||||
| Issue Links: |
|
||||||||||||
| Target Version/s: | |||||||||||||
| Verified Version/s: | |||||||||||||
| Story Points: | 2 | ||||||||||||
| Sprint: | 2019.17 - IDM | ||||||||||||
| Support Ticket IDs: | |||||||||||||
| Zendesk ID: | 45514 | ||||||||||||
| Description |
|
To reproduce this issue: 1. Set up CLIENT_CERT authentication for a user such as jdoe@example.com, https://backstage.forgerock.com/docs/idm/6.5/integrators-guide/#auth-client-cert. Add openidm-admin role to the user. 2. Set up a mapping from managed/user to csv connector. Enable queued sync on the mapping. 3. Create a new user using CLIENT_CERT authentication curl --insecure --cert-type PEM --cert /opt/fg/cc/jdoecert.pem --key /opt/fg/cc/jdoekey.pem --key-type PEM \ --header "Content-Type: application/json" \ --header "X-Requested-With: curl" \ --request POST \ --data '{ "userName":"test4", "sn":"user", "givenName":"test4", "mail": "test4@example.com" }' \ "https://localhost:18244/openidm/managed/user?_action=create" 4. Queued sync fails with
[172] Dec 13, 2019 11:23:40.889 AM org.forgerock.openidm.sync.impl.queue.SynchronizationQueueConsumer handleResource
SEVERE: Exception caught marshalling a SynchronizationEvent from the repo. ...
java.lang.IllegalArgumentException: Cannot construct instance of `org.forgerock.openidm.sync.SynchronizationEvent`, problem: Failed to instantiate class: org.forgerock.http.routing.UriRouterContext
at [Source: UNKNOWN; line: -1, column: -1]
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3751)
at com.fasterxml.jackson.databind.ObjectMapper.convertValue(ObjectMapper.java:3669)
at org.forgerock.openidm.sync.SynchronizationEvent.newSynchronizationEvent(SynchronizationEvent.java:466)
at org.forgerock.openidm.sync.impl.queue.SynchronizationQueueConsumer.handleResource(SynchronizationQueueConsumer.java:156)
...
Caused by: com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Cannot construct instance of `org.forgerock.openidm.sync.SynchronizationEvent`, problem: Failed to instantiate class: org.forgerock.http.routing.UriRouterContext
at [Source: UNKNOWN; line: -1, column: -1]
at com.fasterxml.jackson.databind.exc.InvalidDefinitionException.from(InvalidDefinitionException.java:67)
at com.fasterxml.jackson.databind.DeserializationContext.instantiationException(DeserializationContext.java:1608)
at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.wrapAsJsonMappingException(StdValueInstantiator.java:484)
at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.rewrapCtorProblem(StdValueInstantiator.java:503)
at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.createFromObjectWith(StdValueInstantiator.java:285)
at com.fasterxml.jackson.databind.deser.ValueInstantiator.createFromObjectWith(ValueInstantiator.java:229)
at com.fasterxml.jackson.databind.deser.impl.PropertyBasedCreator.build(PropertyBasedCreator.java:195)
at com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeUsingPropertyBased(BeanDeserializer.java:422)
at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeFromObjectUsingNonDefault(BeanDeserializerBase.java:1287)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:326)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:159)
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3746)
... 164 more
...
Caused by: java.lang.IllegalArgumentException: Unable to instantiate Context implementation class 'org.forgerock.services.context.TransactionIdContext'
at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:135)
at org.forgerock.services.context.AbstractContext.<init>(AbstractContext.java:122)
at org.forgerock.caf.authentication.framework.MessageContextImpl.<init>(MessageContextImpl.java:55)
... 239 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:133)
... 241 more
Caused by: java.lang.IllegalArgumentException: Unable to instantiate Context implementation class 'org.forgerock.services.context.ClientContext'
at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:135)
at org.forgerock.services.context.AbstractContext.<init>(AbstractContext.java:122)
at org.forgerock.services.context.TransactionIdContext.<init>(TransactionIdContext.java:39)
... 246 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.GeneratedConstructorAccessor72.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.forgerock.services.context.AbstractContext.load0(AbstractContext.java:133)
... 248 more
Caused by: java.lang.IllegalStateException: Unable to deserialize certificates
at org.forgerock.services.context.ClientContext.<init>(ClientContext.java:236)
... 252 more
Caused by: java.security.cert.CertificateException: java.io.IOException: Incomplete data
at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:358)
at java.security.cert.CertificateFactory.generateCertificates(CertificateFactory.java:462)
at org.forgerock.services.context.ClientContext.<init>(ClientContext.java:233)
... 252 more
Caused by: java.io.IOException: Incomplete data
at sun.security.provider.X509Factory.readOneBlock(X509Factory.java:586)
at sun.security.provider.X509Factory.parseX509orPKCS7Cert(X509Factory.java:449)
at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:356)
... 254 more
|
| Comments |
| Comment by Chris Drake [ 08/Jan/20 ] |
|
IDM has been updated to use Commons 26.0.0-20200107124020-cff6dea which includes the fix for |
| Comment by Travis Haagen [ 17/Jul/20 ] |
|
Naren Koganti/Yinyan Cao: This was never backported to forgerock-commons 24.x branch for 6.5.x. Please see if still needed. |
| Comment by Lana Frost [ 23/Jul/20 ] |
|
Reopening to add to release notes |
| Comment by Michal Orlik [ 13/Oct/20 ] |
|
|
Verified OK for 7.0.x