Problem
When I try to modify a realm in the AdminUI, I got the error in the JBoss logs :
Value duplicated for CA.SM::Realm.FullResourceFilter="/"
and it shows me 2 realms :
CA.SM::Realm@06-00073fa6-61bf-1425-a4e6-40a70a67205d(public)
CA.SM::Realm@06-00034a08-61bf-1425-a4e6-40a70a67205d(all)
I looked in the Policy Store using XPSExplorer, I found the realm
CA.SM::Realm@06-00034a08-61bf-1425-a4e6-40a70a67205d(all)
but not the
CA.SM::Realm@06-00073fa6-61bf-1425-a4e6-40a70a67205d(public)
Where does the AdminUI find this last one if it does not exist in the Policy Store ?
Solution
The AdminUI relies on the Derby database data about transactions are stored in :
{adminui_installation}/server/default/data/derby/siteminder/taskpersistence/seg0
There might be a pending transaction in the .dat files in it where the realm XID is present.
The .dat files are Derby's transaction log files that Derby uses for any recovery process :
http://db.apache.org/derby/docs/10.0/manuals/develop/develop13.html
You might re-register the AdminUI and delete the data/ folder to get rid of this problem.