AnsweredAssumed Answered

OpenID Connect broken after upgrading from 12.7 to 12.8

Question asked by christian.verdelli on Apr 24, 2018
Latest reply on Apr 26, 2018 by Hubert Dennis

Hello,

 

wondering if anyone has met this problem.

In a test environment we've just upgraded CA SSO & CA Access Gateway from 12.7 to 12.8

A couple of OpenID Clients and an authorization server were defined before the upgrade, and the authorization flow ending up with the OpenID token was working properly.

After upgrading, whenever viewing any OpenID or Authorization server objects throws exception on the AdminUI; its not possibile to edit existing objects neither add new ones.

 

2018-04-23 23:59:16,046 ERROR [ims.ui] (default task-26) com.netegrity.webapp.page.TaskController: javax.faces.el.EvaluationException: Exception while invoking expression #{oidcAdminConfigList.viewModifyOpenIdAdminConfig} at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:156) [myfaces-impl-1.1.5.jar:1.1.5]

 

Besides the problem on the GUI, the flow with the Client application is broken too, at the very first step, when the authorization endpoint is called, this error message is printed in the logs FWSTrace Log on the gateway

 

tClientInfoByClientID][Exception caught in class com.ca.federation.webservices.openidconnect.c, method getClientInfoByClientID: java.lang.IllegalArgumentException: "Cannot parse bytes to a Response"]
...[AuthorizationService.java][getClientInfo][Could not find client information for client: 000133bd-6f8d-1acc-9720-700a0acd0000 Message: null.]
.....[AuthorizationService.java][getClientInfo][Could not find client information for clientID: 000133bd-6f8d-1acc-9720-700a0acd0000.]
......][AuthorizationService.java][processRequest][Transaction with ID: 25d1609e-a83bf0e6-ebfd3b2f-66311f76-84ea6785-b2 failed. Reason: NO_CLIENT_INFO]
........[AuthorizationService.java][processRequest][No client information found for clientID 000133bd-6f8d-1acc-9720-700a0acd0000.]

Outcomes