When removing oxExternalUid via /identity/person/updatePerson.htm page, the value is removed on the web page, but persists in LDAP. This manifests in the logs with the following exception: ``` 2019-10-02 09:17:27,355 ERROR [qtp105704967-13] [org.gluu.oxtrust.action.UpdatePersonAction] (UpdatePersonAction.java:799) - Failed to remove device java.lang.UnsupportedOperationException: null at java.util.AbstractList.remove(AbstractList.java:161) ~[?:1.8.0_222] at java.util.AbstractList$Itr.remove(AbstractList.java:374) ~[?:1.8.0_222] at java.util.AbstractCollection.remove(AbstractCollection.java:293) ~[?:1.8.0_222] at org.gluu.oxtrust.action.UpdatePersonAction.removeOxExternalUid(UpdatePersonAction.java:809) ~[classes/:?] at org.gluu.oxtrust.action.UpdatePersonAction.removeDevice(UpdatePersonAction.java:795) [classes/:?] at org.gluu.oxtrust.action.UpdatePersonAction$Proxy$_$$_WeldSubclass.removeDevice$$super(Unknown Source) [classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_222] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_222] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_222] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_222] at org.jboss.weld.interceptor.proxy.TerminalAroundInvokeInvocationContext.proceedInternal(TerminalAroundInvokeInvocationContext.java:51) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.jboss.weld.interceptor.proxy.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:78) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.gluu.service.security.SecurityInterceptor.invoke(SecurityInterceptor.java:55) [oxcore-service-4.0.rc1.jar:?] at sun.reflect.GeneratedMethodAccessor174.invoke(Unknown Source) ~[?:?] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_222] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_222] at org.jboss.weld.interceptor.reader.SimpleInterceptorInvocation$SimpleMethodInvocation.invoke(SimpleInterceptorInvocation.java:73) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.executeAroundInvoke(InterceptorMethodHandler.java:84) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.executeInterception(InterceptorMethodHandler.java:72) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.invoke(InterceptorMethodHandler.java:56) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:79) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:68) [weld-core-impl-3.1.1.Final.jar:3.1.1.Final] at org.gluu.oxtrust.action.UpdatePersonAction$Proxy$_$$_WeldSubclass.removeDevice(Unknown Source) [classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_222] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_222] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_222] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_222] ... ``` The LDAP record is: ``` dn: inum=3944fffa-74f4-4f6c-9c9b-86207161bca8,ou=people,o=gluu objectClass: top objectClass: eduPerson objectClass: gluuCustomPerson objectClass: gluuPerson inum: 3944fffa-74f4-4f6c-9c9b-86207161bca8 oxLastLogonTime: 20191002090811.785Z updatedAt: 20191002085347.569Z oxExternalUid: wwpass:87c00ab7322a375d8fcda669bd5f4303 oxExternalUid: wwpass:9e46779cff72bb50e17a66f361737be8 zoneinfo: America/Los_Angeles phoneNumberVerified: true gluuSLAManager: true userPassword: {SSHA}WdMhcdVPe5BK+u7XwuDZsuBb92exI4LR mail: admin@iam.wwpass.net givenName: Admin telephoneNumber: 555-1212 emailVerified: true website: https://www.gluu.org/ birthdate: 20170907000000.000Z gender: male preferredUsername: admin oxTrustEmail: {"value":"admin@iam.wwpass.net","display":null,"type":null,"primary":false} memberOf: inum=60B7,ou=groups,o=gluu picture: https://www.gluu.org/wp-content/themes/gluu/images/gl.png displayName: Default Admin User profile: https://www.facebook.com/gluufederation/ c: US gluuStatus: active sn: User nickname: Admin middleName: Admin uid: admin ``` Accessing this attribute also generates other exceptions in: org.gluu.oxtrust.ldap.service.Fido2DeviceService.removeFido2 and org.gluu.oxtrust.ldap.service.Fido2DeviceService.findAllFido2Devices as relevant entries with ou=fido2_register are not in LDAP. These exceptions do not cause any apparent problems, though.