Symantec Access Management

Tech Tip: Federation transaction not working : SmJavaAPI: Error finding class ActiveExpressionContext

  • 1.  Tech Tip: Federation transaction not working : SmJavaAPI: Error finding class ActiveExpressionContext

    Posted Jun 28, 2017 05:36 AM

    Issue

    When trying to use federation, we get the following error in the browser :

    HTTP Status 403 - Request Forbidden. Transaction ID: 1711457b-3dd3a976-79fd404a-d7a111f5-c15c7df1-f810 failed.

     

    Checking the Policy Server traces we see :

    [LogMessage:ERROR:[sm-JavaApi-00290] SmJavaAPI: Error finding class ActiveExpressionContext]

    [LogMessage:ERROR:[sm-Tunnel-00160] Failed to initialize tunnel service library 'smjavaapi'. SmJavaAPI: Unable to initialize JNI references] 

     

    The JVM is creating a dump:

     V [libjvm.so+0x701d5a] resource_allocate_bytes(unsigned int, AllocFailStrategy::AllocFailEnum)+0x1a

    V [libjvm.so+0x51209c] JVM_GetStackAccessControlContext+0xfc

    C [libjava.so+0x9984] Java_java_security_AccessController_getStackAccessControlContext+0x24 

    ...

    01dca000-02651000 r-xp 00000000 fd:00 6135898 /u01/app/java/jdk1.7.0_79/jre/lib/i386/server/libjvm.so

    02651000-026b6000 rw-p 00886000 fd:00 6135898 /u01/app/java/jdk1.7.0_79/jre/lib/i386/server/libjvm.so

    04688000-04693000 r-xp 00000000 fd:00 5842876 /u01/app/java/jdk1.7.0_71/jre/lib/i386/libverify.so

    04693000-04694000 rw-p 0000b000 fd:00 5842876 /u01/app/java/jdk1.7.0_71/jre/lib/i386/libverify.so

     

    Environment

    Policy Server 12.52 SP1 CR00 on RHEL 6.6 64-bit

    Cause

    This issue is caused by having 2 different JDK configured in the Policy Server configuration of :

     

    in environment variables PATH and LD_LIBRARY_PATH

    in files ca_ps_env.ksh and JVMOptions.txt

     

    /u01/app/java/jdk1.7.0_79/jre

    /u01/app/java/jdk1.7.0_71/jre

    Resolution

    This problem is resolved by using only one JDK/JRE (in the example, the version 1.7.0_79) and patching it with the Java Cryptography Extension (JCE). 

     

    KD : TEC1247373