By: Mike Con user 26 Mar 2021 at 11:45 a.m. CDT

26 Responses
Mike Con gravatar
I was on version 3.1.6 and upgraded to 4.0 > 4.1 and then to 4.2.3. However, I noticed that SCIM service was no longer available 4.2.3. Is this service unavailable by default in 4.2.3 or is there a special requirement needed in order to enable/install the service.

By Michael Schwartz Account Admin 26 Mar 2021 at 12:33 p.m. CDT

Michael Schwartz gravatar
SCIM now runs as a standalone server. This was preferable for containerization. On installation, you'll need to select this component.

By Mike Con user 26 Mar 2021 at 12:45 p.m. CDT

Mike Con gravatar
Thanks - Can this be done after the upgrade? What process during the up grade process do this step appear?

By Jose Gonzalez staff 26 Mar 2021 at 1:37 p.m. CDT

Jose Gonzalez gravatar
Try this https://www.gluu.org/docs/gluu-server/user-management/scim2/#installation (post-install addition)

By Mike Con user 26 Mar 2021 at 2:30 p.m. CDT

Mike Con gravatar
I recieved and error when going thought the step. root@localhost:/install/community-edition-setup# python3 post-setup-add-components.py -addscim Current Gluu Version 4.2.3 Downloading Community Edition Setup 4.2.3 2021-03-26 14:08:05 URL:https://codeload.github.com/GluuFederation/community-edition-setup/zip/version_4.2.3 [654063] -> "/install/community-edition-setup/version_4.2.3.zip" [1] Extracting package Detected OS ubuntu 18 Detected OS ubuntu 18 Traceback (most recent call last): File "post-setup-add-components.py", line 103, in <module> setupObj.initialize() File "/install/community-edition-setup/setup.py", line 865, in initialize oxauth_client_jar_zf = zipfile.ZipFile(self.non_setup_properties['oxauth_client_jar_fn']) File "/usr/lib/python3.6/zipfile.py", line 1131, in init self._RealGetContents() File "/usr/lib/python3.6/zipfile.py", line 1198, in _RealGetContents raise BadZipFile("File is not a zip file") zipfile.BadZipFile: File is not a zip file

By Jose Gonzalez staff 29 Mar 2021 at 6:55 a.m. CDT

Jose Gonzalez gravatar
@Mustafa.Baser can you manage some time to take a look on this one?

By Devrim Yatar staff 29 Mar 2021 at 9:29 a.m. CDT

Devrim Yatar gravatar
Hi, I made a fix today, I don't know if you executed before this fix: https://github.com/GluuFederation/community-edition-setup/commit/701aa9fca59ab7821314bfc312cfce994e8ad799 When I run, it installed without issue. see screenshot.

By Mike Con user 31 Mar 2021 at 1:44 p.m. CDT

Mike Con gravatar
I'm still getting the same error root@localhost:/install/community-edition-setup# python3 post-setup-add-components.py -addscim Current Gluu Version 4.2.3 Downloading Community Edition Setup 4.2.3 2021-03-31 13:37:17 URL:https://codeload.github.com/GluuFederation/community-edition-setup/zip/version_4.2.3 [65399 6/653996] -> "/install/community-edition-setup/version_4.2.3.zip" [1] Extracting package Detected OS ubuntu 18 Detected OS ubuntu 18 Traceback (most recent call last): File "post-setup-add-components.py", line 103, in <module> setupObj.initialize() File "/install/community-edition-setup/setup.py", line 865, in initialize oxauth_client_jar_zf = zipfile.ZipFile(self.non_setup_properties['oxauth_client_jar_fn']) File "/usr/lib/python3.6/zipfile.py", line 1131, in __init__ self._RealGetContents() File "/usr/lib/python3.6/zipfile.py", line 1198, in _RealGetContents raise BadZipFile("File is not a zip file") zipfile.BadZipFile: File is not a zip file root@localhost:/install/community-edition-setup#

By Devrim Yatar staff 01 Apr 2021 at 7:19 a.m. CDT

Devrim Yatar gravatar
Hi, jar file `/opt/dist/gluu/oxauth-client-jar-with-dependencies.jar` on you system is either corrupted or download failed. I added downloading of this file in case it is corrupted. Please download post setup installer: `wget https://raw.githubusercontent.com/GluuFederation/community-edition-setup/version_4.3.0/post-setup-add-components.py -O post-setup-add-components.py` and execute again: `python3 python3 post-setup-add-components.py -addscim` Regards.

By Mike Con user 01 Apr 2021 at 12:23 p.m. CDT

Mike Con gravatar
Error root@localhost:/install/community-edition-setup# wget https://raw.githubusercontent.com/GluuFederation/community-edition-setup/version_4.3.0/post-setup-add-components.py -O post-setup-add-components.py --2021-04-01 12:23:04-- https://raw.githubusercontent.com/GluuFederation/community-edition-setup/version_4.3.0/post-setup-add-components.py Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.109.133, 185.199.110.133, 185.199.111.133, ... Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.109.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 25532 (25K) [text/plain] Saving to: ‘post-setup-add-components.py’ post-setup-add-components.py 100%[===================================================================>] 24.93K --.-KB/s in 0s 2021-04-01 12:23:04 (69.3 MB/s) - ‘post-setup-add-components.py’ saved [25532/25532] root@localhost:/install/community-edition-setup# python3 post-setup-add-components.py -addscim Traceback (most recent call last): File "post-setup-add-components.py", line 9, in <module> import ldap3 ModuleNotFoundError: No module named 'ldap3' root@localhost:/install/community-edition-setup#

By Devrim Yatar staff 02 Apr 2021 at 1:56 p.m. CDT

Devrim Yatar gravatar
Install python3-ldap3 module `apt install python3-ldap3`

By Mike Con user 04 Apr 2021 at 6:03 p.m. CDT

Mike Con gravatar
error root@localhost:/install/community-edition-setup# wget https://raw.githubusercontent.com/GluuFederation/community-edition-setup/version_4.3.0/post-setup-add-components.py -O post-setup-add-components.py --2021-04-04 17:59:26-- https://raw.githubusercontent.com/GluuFederation/community-edition-setup/version_4.3.0/post-setup-add-components.py Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.109.133, 185.199.111.133, 185.199.108.133, ... Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.109.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 25532 (25K) [text/plain] Saving to: ‘post-setup-add-components.py’ post-setup-add-components.py 100%[====================================================================================================>] 24.93K --.-KB/s in 0s 2021-04-04 17:59:26 (62.0 MB/s) - ‘post-setup-add-components.py’ saved [25532/25532] root@localhost:/install/community-edition-setup# python3 post-setup-add-components.py -addscim Current Gluu Version 4.2.3 /opt/dist/gluu/oxauth-client-jar-with-dependencies.jar is corrupted, removing and will be downloaded Downloading oxauth-client-4.2.3.Final-jar-with-dependencies.jar 2021-04-04 17:59:42 URL:https://ox.gluu.org/maven/org/gluu/oxauth-client/4.2.3.Final/oxauth-client-4.2.3.Final-jar-with-dependencies.jar [21175862/21175862] -> "/opt/dist/gluu/oxauth-client-jar-with-dependencies.jar" [1] Downloading Community Edition Setup 4.2.3 Executing wget -nv https://github.com/GluuFederation/community-edition-setup/archive/version_4.2.3.zip -O /install/community-edition-setup/version_4.2.3.zip 2021-04-04 17:59:42 URL:https://codeload.github.com/GluuFederation/community-edition-setup/zip/version_4.2.3 [653996] -> "/install/community-edition-setup/version_4.2.3.zip" [1] Extracting package Executing unzip -o -qq /install/community-edition-setup/version_4.2.3.zip -d /install/community-edition-setup Executing mv /install/community-edition-setup/community-edition-setup-version_4.2.3/ /install/community-edition-setup/ces_current Detected OS ubuntu 18 Detected OS ubuntu 18 Log Files: /install/community-edition-setup/ces_current/post_setup.log /install/community-edition-setup/ces_current/post_setup_error.log Scim Server is already installed on this system Please exit container and restart Gluu Server root@localhost:/install/community-edition-setup# systemctl status scim ● scim.service - scim service Loaded: loaded (/etc/systemd/system/scim.service; enabled; vendor preset: enabled) Active: inactive (dead) root@localhost:/install/community-edition-setup# systemctl start scim Job for scim.service failed because the control process exited with error code. See "systemctl status scim.service" and "journalctl -xe" for details. root@localhost:/install/community-edition-setup# exit logout root@qa-gluu1 ~ dynatron.io production! # → /sbin/gluu-serverd-3.1.6 login Welcome to the Gluu Server! Last login: Sun Apr 4 17:56:06 2021 from 127.0.0.1 root@localhost:~# systemctl start scim Job for scim.service failed because the control process exited with error code. See "systemctl status scim.service" and "journalctl -xe" for details. root@localhost:~# systemctl status scim ● scim.service - scim service Loaded: loaded (/etc/systemd/system/scim.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Sun 2021-04-04 18:01:40 CDT; 10s ago Process: 1303 ExecStart=/opt/dist/scripts/scim start (code=exited, status=1/FAILURE) Apr 04 18:01:40 localhost systemd[1]: Starting scim service... Apr 04 18:01:40 localhost scim[1303]: ** ERROR: JETTY_HOME not set, you need to set it or install in a standard location Apr 04 18:01:40 localhost systemd[1]: scim.service: Control process exited, code=exited status=1 Apr 04 18:01:40 localhost systemd[1]: scim.service: Failed with result 'exit-code'. Apr 04 18:01:40 localhost systemd[1]: Failed to start scim service. root@localhost:~#

By Mike Con user 05 Apr 2021 at 4:05 p.m. CDT

Mike Con gravatar
systemctl start scim now shows "active (running) However - There URLs are not working: https://qa-sso.kdaenterprises.com/.well-known/scim-configuration https://qa-sso.kdaenterprises.com/identity/restv1/scim/v2/ServiceProviderConfig When looking in the Apache configuration we see this: ProxyPass /.well-known/scim-configuration http://localhost:8087/scim/restv1/scim/scim-configuration Observation - Nothing is listening on port 8087 so I think something is still missing.

By Devrim Yatar staff 06 Apr 2021 at 6:44 a.m. CDT

Devrim Yatar gravatar
Hi, Today I * installed fresh 3.1.6 on CentOS7 * upgraded to 4.0 * upgraded to 4.3.2 * use post setup to scim scim is working properly I don't know what issue you have. Could you send log files under `/opt/gluu/jetty/scim/logs`

By Mike Con user 06 Apr 2021 at 9:08 a.m. CDT

Mike Con gravatar
There's no logs available root@localhost:~# vi /opt/gluu/jetty/scim/logs " ============================================================================ " Netrw Directory Listing (netrw v156) " /opt/gluu/jetty/scim/logs " Sorted by name " Sort sequence: [\/]$,\<core\%(\.\d\+\)\=\>,\.h$,\.c$,\.cpp$,\~\=\*$,*,\.o$,\.obj$,\.info$,\.swp$,\.bak$,\~$ " Quick Help: <F1>:help -:go up dir D:delete R:rename s:sort-by x:special " ============================================================================== ../ ./ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "/opt/gluu/jetty/scim/logs" is a directory

By Devrim Yatar staff 06 Apr 2021 at 11:38 a.m. CDT

Devrim Yatar gravatar
Hi Rather than systemctl, please start with jetty script and see what happens: `/opt/dist/scripts/scim start`

By Mike Con user 06 Apr 2021 at 11:40 a.m. CDT

Mike Con gravatar
root@qa-gluu1 ~ dynatron.io production! # → /sbin/gluu-serverd-3.1.6 login Welcome to the Gluu Server! Last login: Tue Apr 6 08:44:24 2021 from 127.0.0.1 root@localhost:~# /opt/dist/scripts/scim start ** ERROR: JETTY_HOME not set, you need to set it or install in a standard location root@localhost:~#

By Devrim Yatar staff 07 Apr 2021 at 2:29 a.m. CDT

Devrim Yatar gravatar
@Ganesh.Dutt Sharma can you help on this. `JETTY_HOME` should be set by `/etc/default/scim`

By Ganesh Dutt Sharma Account Admin 07 Apr 2021 at 5:09 a.m. CDT

Ganesh Dutt Sharma gravatar
@Mike Con Can you please paste the contents of your /etc/default/scim? I just installed 4.2.3 version on local system and I see it has contents: ``` root@vsurpr0001:/etc/default# cat /etc/default/scim JAVA_HOME=/opt/jre JAVA=$JAVA_HOME/bin/java JAVA_OPTIONS="-server -Xms256m -Xmx295m -XX:+DisableExplicitGC -Dgluu.base=/etc/gluu -Dserver.base=/opt/gluu/jetty/scim -Dlog.base=/opt/gluu/jetty/scim -Dpython.home=/opt/jython" JETTY_HOME=/opt/jetty JETTY_BASE=/opt/gluu/jetty/scim JETTY_USER=jetty JETTY_ARGS="jetty.http.host=localhost jetty.http.port=8087" TMPDIR=/opt/jetty-9.4/temp export PYTHON_HOME=/opt/jython root@vsurpr0001:/etc/default# ``` That shows that `JETTY_HOME` is defined.

By Mike Con user 07 Apr 2021 at 9:55 a.m. CDT

Mike Con gravatar
scim isn't located in that location. dynatron.io production! # → /sbin/gluu-serverd-3.1.6 login Welcome to the Gluu Server! Last login: Thu Apr 1 12:18:33 2021 from 127.0.0.1 root@localhost:~# ls ] gluu-backup gluu-backups.sh post-setup-add-components.py update.py upg40 upg410 root@localhost:~# cat /etc/default/scim cat: /etc/default/scim: No such file or directory root@localhost:~# whereis default default: /etc/default root@localhost:~# cd /etc/default/scim -bash: cd: /etc/default/scim: No such file or directory root@localhost:~# cd /etc/default/ root@localhost:/etc/default# ls apache-htcacheclean cron identity.gluu-3.1.6-1~ keyboard motd-news oxauth rsyslog bsdmainutils dbus idp locale networkd-dispatcher oxauth.gluu-3.1.6-1~ ssh console-setup identity idp.gluu-3.1.6-1~ memcached nss passport useradd root@localhost:/etc/default# cat /etc/default/scim cat: /etc/default/scim: No such file or directory root@localhost:/etc/default# cd root@localhost:~# whereis scim scim: root@localhost:~# ls

By Ganesh Dutt Sharma Account Admin 07 Apr 2021 at 10:39 a.m. CDT

Ganesh Dutt Sharma gravatar
@Mustafa.Baser it seems the function installScim() in https://raw.githubusercontent.com/GluuFederation/community-edition-setup/version_4.3.0/post-setup-add-components.py doesn't copy /etc/default/scim. Can you please confirm? @Mike Con, In the meantime can you please try the file contents in your installation's /etc/default/scim and see if scim works as expected? Contents are pasted in my previous comment.

By Mike Con user 07 Apr 2021 at 3:50 p.m. CDT

Mike Con gravatar
the scim file does'nt exist do i need to add it? root@localhost:/etc/default# ls apache-htcacheclean cron identity.gluu-3.1.6-1~ keyboard motd-news oxauth rsyslog bsdmainutils dbus idp locale networkd-dispatcher oxauth.gluu-3.1.6-1~ ssh console-setup identity idp.gluu-3.1.6-1~ memcached nss passport useradd root@localhost:/etc/default# ^C root@localhost:/etc/default#

By Devrim Yatar staff 08 Apr 2021 at 3:15 a.m. CDT

Devrim Yatar gravatar
Mike, Did you run post-setup script inside container (I mean after logged in to container)? Post setup scripts either does it's work and finish without error, in that case, installation should be successful, or it rises error. Can you re-run post setup script?

By Ganesh Dutt Sharma Account Admin 08 Apr 2021 at 4:27 a.m. CDT

Ganesh Dutt Sharma gravatar
Mike, As I informed, you can try the file I provided at the given path /etc/default/scim and see if that works for you. If not, then please feel free to go Mustafa's way. Thanks Ganesh

By Mike Con user 08 Apr 2021 at 9:30 a.m. CDT

Mike Con gravatar
Ganesh - I add the file and below is the result. root@localhost:~# systemctl start scim root@localhost:~# systemctl status scim ● scim.service - scim service Loaded: loaded (/etc/systemd/system/scim.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2021-04-08 09:10:03 CDT; 5min ago Process: 787 ExecStart=/opt/dist/scripts/scim start (code=exited, status=0/SUCCESS) Main PID: 821 (java) CGroup: /system.slice/scim.service └─821 /opt/jre/bin/java -server -Xms256m -Xmx295m -XX:+DisableExplicitGC -Dgluu.base=/etc/gluu -Dserver.base=/opt/gluu/jetty/scim -Dlog.base=/opt/gluu/jetty/scim -Dpython.home=/opt/jython -Dje Apr 08 09:09:35 localhost systemd[1]: Starting scim service... Apr 08 09:09:36 localhost scim[787]: Starting Jetty: 2021-04-08 14:09:36.500:INFO::main: Logging initialized @988ms to org.eclipse.jetty.util.log.StdErrLog Apr 08 09:09:37 localhost scim[787]: 2021-04-08 14:09:37.156:INFO::main: Console stderr/stdout captured to /opt/gluu/jetty/scim/logs/2021_04_08.jetty.log Apr 08 09:09:51 localhost scim[787]: . . . . WARNING: An illegal reflective access operation has occurred Apr 08 09:09:51 localhost scim[787]: WARNING: Illegal reflective access by org.jboss.weld.util.bytecode.ClassFileUtils$1 (file:/opt/jetty-9.4/temp/jetty-localhost-8087-scim_war-_scim-any-2332822149380039 Apr 08 09:09:51 localhost scim[787]: WARNING: Please consider reporting this to the maintainers of org.jboss.weld.util.bytecode.ClassFileUtils$1 Apr 08 09:09:51 localhost scim[787]: WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations Apr 08 09:09:51 localhost scim[787]: WARNING: All illegal access operations will be denied in a future release Apr 08 09:10:03 localhost scim[787]: . . OK Thu Apr 8 09:10:03 CDT 2021 Apr 08 09:10:03 localhost systemd[1]: Started scim service.

By Mike Con user 08 Apr 2021 at 9:42 a.m. CDT

Mike Con gravatar
@Mustafa.Baser - i ran the script, no errors root@localhost:/install/community-edition-setup# python3 post-setup-add-components.py -addscim Current Gluu Version 4.2.3 Downloading Community Edition Setup 4.2.3 Executing wget -nv https://github.com/GluuFederation/community-edition-setup/archive/version_4.2.3.zip -O /install/community-edition-setup/version_4.2.3.zip 2021-04-08 09:40:40 URL:https://codeload.github.com/GluuFederation/community-edition-setup/zip/version_4.2.3 [654040] -> "/install/community-edition-setup/version_4.2.3.zip" [1] Extracting package Executing unzip -o -qq /install/community-edition-setup/version_4.2.3.zip -d /install/community-edition-setup Executing mv /install/community-edition-setup/community-edition-setup-version_4.2.3/ /install/community-edition-setup/ces_current Detected OS ubuntu 18 Detected OS ubuntu 18 Log Files: /install/community-edition-setup/ces_current/post_setup.log /install/community-edition-setup/ces_current/post_setup_error.log Scim Server is already installed on this system Please exit container and restart Gluu Server root@localhost:/install/community-edition-setup#

By Mike Con user 08 Apr 2021 at 11:16 a.m. CDT

Mike Con gravatar
Update - I think we may be good. I will circle back tomorrow.