By: Daniel Steiner user 12 Oct 2021 at 1:42 a.m. CDT

11 Responses
Daniel Steiner gravatar
## Actual behaviour After successful migration from 4.2.3 to 4.3.0, it's not possible to open JSON Configuration in Gluu Admin interface. This was working in 4.2.3 version. ## Error message in Gui > Failed to load configuration from LDAP ## Log entry Found following in `/opt/gluu/jetty/identity/logs/oxtrust.log` file: ``` 2021-10-12 04:01:47,375 ERROR [qtp733943822-22] [org.gluu.oxtrust.action.JsonConfigurationAction] (JsonConfigurationAction.java:136) - Failed to load configuration from LDAP java.lang.NullPointerException: null at org.gluu.oxtrust.action.JsonConfigurationAction.init(JsonConfigurationAction.java:118) ~[classes/:?] at org.gluu.oxtrust.action.JsonConfigurationAction$Proxy$_$$_WeldSubclass.init$$super(Unknown Source) ~[classes/:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] at org.jboss.weld.interceptor.proxy.TerminalAroundInvokeInvocationContext.proceedInternal(TerminalAroundInvokeInvocationContext.java:51) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.jboss.weld.interceptor.proxy.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:78) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.gluu.service.security.SecurityInterceptor.invoke(SecurityInterceptor.java:55) ~[security-extension-cdi-4.3.0.Final.jar:?] at jdk.internal.reflect.GeneratedMethodAccessor212.invoke(Unknown Source) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] at org.jboss.weld.interceptor.reader.SimpleInterceptorInvocation$SimpleMethodInvocation.invoke(SimpleInterceptorInvocation.java:73) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.executeAroundInvoke(InterceptorMethodHandler.java:84) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.executeInterception(InterceptorMethodHandler.java:72) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.invoke(InterceptorMethodHandler.java:56) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:79) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:68) ~[weld-core-impl-3.1.8.Final.jar:3.1.8.Final] at org.gluu.oxtrust.action.JsonConfigurationAction$Proxy$_$$_WeldSubclass.init(Unknown Source) ~[classes/:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] at org.apache.el.parser.AstValue.invoke(AstValue.java:247) ~[org.mortbay.jasper.apache-el-8.5.54.jar:8.5.54] at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:267) ~[org.mortbay.jasper.apache-el-8.5.54.jar:8.5.54] at org.jboss.weld.module.web.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) ~[weld-web-3.1.8.Final.jar:3.1.8.Final] at org.jboss.weld.module.web.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) ~[weld-web-3.1.8.Final.jar:3.1.8.Final] at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:65) ~[jakarta.faces-2.3.14.jar:2.3.14] at com.sun.faces.application.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:66) ~[jakarta.faces-2.3.14.jar:2.3.14] at com.sun.faces.application.ActionListenerImpl.getNavigationOutcome(ActionListenerImpl.java:82) ~[jakarta.faces-2.3.14.jar:2.3.14] at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:71) ~[jakarta.faces-2.3.14.jar:2.3.14] at javax.faces.component.UIViewAction.broadcast(UIViewAction.java:548) ~[jakarta.faces-2.3.14.jar:2.3.14] at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:847) ~[jakarta.faces-2.3.14.jar:2.3.14] at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1396) ~[jakarta.faces-2.3.14.jar:2.3.14] at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:58) ~[jakarta.faces-2.3.14.jar:2.3.14] at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:76) ~[jakarta.faces-2.3.14.jar:2.3.14] at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177) ~[jakarta.faces-2.3.14.jar:2.3.14] at javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:707) ~[jakarta.faces-2.3.14.jar:2.3.14] at javax.faces.webapp.FacesServlet.service(FacesServlet.java:451) ~[jakarta.faces-2.3.14.jar:2.3.14] at org.eclipse.jetty.servlet.ServletHolder$NotAsync.service(ServletHolder.java:1450) ~[jetty-servlet-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) ~[jetty-servlet-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626) ~[jetty-servlet-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:228) ~[websocket-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) ~[jetty-servlet-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) ~[jetty-servlet-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548) ~[jetty-servlet-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:602) ~[jetty-security-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) ~[jetty-servlet-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:234) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.Server.handle(Server.java:516) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388) ~[jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633) [jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380) [jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) [jetty-server-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [jetty-io-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) [jetty-io-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) [jetty-io-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) [jetty-util-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) [jetty-util-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) [jetty-util-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) [jetty-util-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386) [jetty-util-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) [jetty-util-9.4.43.v20210629.jar:9.4.43.v20210629] at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) [jetty-util-9.4.43.v20210629.jar:9.4.43.v20210629] at java.lang.Thread.run(Thread.java:834) [?:?] ``` Before the update, we impemented the first SAML intergration. I found following messages in `/var/log/httpd/access_log`: ``` "GET /identity/restv1/passport/config HTTP/1.1" 503 38 "-" "got (https://github.com/sindresorhus/got)" ``` And in `/opt/gluu/node/passport_2021-10-12.02:19:14/logs/passport.log`, every minute: ``` 2020-10-15T03:48:53.612Z [ERROR] Error: Received unexpected HTTP status code of 503 2020-10-15T03:48:53.612Z [WARN] An attempt to get configuration data will be tried again soon ``` Do I miss some configuration settings, or is it problem with the software? Thank you ...

By Mustafa Baser staff 12 Oct 2021 at 10 a.m. CDT

Mustafa Baser gravatar
Hi, Please send full oxtrust/oauth log. Regards

By Daniel Steiner user 13 Oct 2021 at 4:38 a.m. CDT

Daniel Steiner gravatar
Sorry Mustafa, did not see your answer earlier. You can downlaod the logs here: https://dtp.threema.ch/dl#pdambqIvpfGyGwfOcieX/logs.tar.gz

By Mustafa Baser staff 13 Oct 2021 at 8:54 a.m. CDT

Mustafa Baser gravatar
Hi, It seems oxtrust json configuration is corrupted. Please execute the following command and send `oxtrust.conf` ``` /opt/opendj/bin/ldapsearch -X -Z -D "cn=Directory Manager" -w <ldap_admin_password> -h localhost -p 1636 -b "ou=oxtrust,ou=configuration,o=gluu" "objectClass=oxTrustConfiguration" > oxtrust.ldif ``` Use your ldap administrator password for `<ldap_admin_password>` Regards.

By Daniel Steiner user 13 Oct 2021 at 10:17 a.m. CDT

Daniel Steiner gravatar
Hi, I have reverted the update to 4.2.3. I executed the given command on that version, the file is available on this link: https://dtp.threema.ch/dl#FNFoL30bX8jc-dLQLb1h . I hope this helps. Regards

By Mustafa Baser staff 13 Oct 2021 at 1:37 p.m. CDT

Mustafa Baser gravatar
Hi, I installed 4.2.3 on Ubuntu20 server and replaced `oxTrustConfApplication` with yours (I had to replace keystore passwords and `idpBindPassword` with mine). I upgraded to 4.3.0. It successfully loaded configuration from ldap: ``` 2021-10-13 18:18:41,988 INFO [main] [org.gluu.service.config.ConfigurationFactory] (ConfigurationFactory.java:289) - Loading configuration from 'ldap' DB... 2021-10-13 18:18:43,269 INFO [main] [org.gluu.oxtrust.service.AppInitializer] (AppInitializer.java:305) - Created persistenceEntryManager: org.gluu.persist.ldap.impl.LdapEntryManager@546d4a2 with operation service: org.gluu.persist.ldap.operation.impl.LdapOperationServiceImpl@672e6f34 2021-10-13 18:18:43,475 INFO [main] [org.gluu.service.logger.LoggerService] (LoggerService.java:159) - External log configuration: null 2021-10-13 18:18:43,475 INFO [main] [org.gluu.service.logger.LoggerService] (LoggerService.java:178) - Reloading log4j2 configuration 2021-10-13 18:18:43,542 INFO [main] [org.gluu.service.logger.LoggerService] (LoggerService.java:142) - Setting layout and loggers level to 'TEXT`, `INFO' after configuration update 2021-10-13 18:18:43,594 INFO [main] [org.gluu.service.config.ConfigurationFactory] (ConfigurationFactory.java:150) - Configuration loaded successfully. ``` Thus no json decode issues. I could not replicate your issue. Regards.

By Daniel Steiner user 14 Oct 2021 at 12:55 a.m. CDT

Daniel Steiner gravatar
Hi, OK, but do you think, this is because the export is from 4.2.3 Version (before the upgrade)? I will send you the output of ldapsearch from 4.3.0. I can easy switch to updated version, but only during non-business hours. Regards

By Mustafa Baser staff 14 Oct 2021 at 4:59 a.m. CDT

Mustafa Baser gravatar
Hi, If you can send, I will be able to check if json is really corrupted. Regards.

By Daniel Steiner user 14 Oct 2021 at 5:39 a.m. CDT

Daniel Steiner gravatar
Hi, Here: https://dtp.threema.ch/dl#iX0xkjEGmUH3BpckpQdw Regards

By Mustafa Baser staff 15 Oct 2021 at 3:58 a.m. CDT

Mustafa Baser gravatar
Hi, json value of oxTrustConfApplication is good. I don't know what else I should look. Regards.

By Mustafa Baser staff 15 Oct 2021 at 3:59 a.m. CDT

Mustafa Baser gravatar
Can you again send oxtrust and oxauth log files, I will forward to developers of oxtrust and oxauth.

By Daniel Steiner user 15 Oct 2021 at 4:42 a.m. CDT

Daniel Steiner gravatar
Of course: https://dtp.threema.ch/dl#CjsKQ33UGDksAIHA83s0 Regards.