My Oracle Support Banner

OPSS - Token Error from OPAM When Using The VIP Url For Server Connection Url -oracle.security.jps.service.trust.token.TokenException: java.lang.NullPointerException (Doc ID 2168679.1)

Last updated on SEPTEMBER 05, 2018

Applies to:

Oracle Platform Security for Java - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

In the OPAM 11.1.2.3.0  configuration change the property where hostname and port of the OPAM server is configured,

updated with the VIP url like this https://viphost:443/opam then started seeing the errors in one of the server

While accessing the server via vip address seeing the following in  the server logs


[APP: opam#11.1.2.0.0] oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.[[
oracle.security.jps.service.trust.token.TokenException: oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.
at oracle.security.jps.internal.trust.token.TokenManagerImpl.validateToken(TokenManagerImpl.java:283)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl$1.run(TrustServiceAsserterProviderImpl.java:293)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl$1.run(TrustServiceAsserterProviderImpl.java:290)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl.validateSecurityToken(TrustServiceAsserterProviderImpl.java:290)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl.validateSecurityToken(TrustServiceAsserterProviderImpl.java:241)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl.assertIdentity(TrustServiceAsserterProviderImpl.java:197)
at sun.reflect.GeneratedMethodAccessor730.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy52.assertIdentity(Unknown Source)
at com.bea.common.security.internal.service.IdentityAssertionTokenServiceImpl.assertIdentity(IdentityAssertionTokenServiceImpl.java:92)
at sun.reflect.GeneratedMethodAccessor729.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy53.assertIdentity(Unknown Source)
at com.bea.common.security.internal.service.IdentityAssertionServiceImpl.assertIdentity(IdentityAssertionServiceImpl.java:83)
at sun.reflect.GeneratedMethodAccessor728.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy54.assertIdentity(Unknown Source)
at weblogic.security.service.WLSIdentityAssertionServiceWrapper.assertIdentity(WLSIdentityAssertionServiceWrapper.java:59)
at weblogic.security.service.PrincipalAuthenticator.assertIdentity(PrincipalAuthenticator.java:417)
at weblogic.servlet.security.internal.CertSecurityModule.assertIdentity(CertSecurityModule.java:140)
at weblogic.servlet.security.internal.CertSecurityModule.checkUserPerm(CertSecurityModule.java:71)
at weblogic.servlet.security.internal.ChainedSecurityModule.checkAccess(ChainedSecurityModule.java:89)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2209)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.
at oracle.security.jps.internal.trust.provider.embedded.EmbeddedProviderImpl.validate(EmbeddedProviderImpl.java:239)
at oracle.security.jps.internal.trust.token.TokenManagerImpl.validateToken(TokenManagerImpl.java:278)
... 34 more
Caused by: oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.
at oracle.security.jps.internal.trust.provider.embedded.SAML2Impl.validate(SAML2Impl.java:397)
at oracle.security.jps.internal.trust.provider.embedded.EmbeddedProviderImpl.validate(EmbeddedProviderImpl.java:227)
... 35 more
Caused by: oracle.security.jps.internal.trust.token.TokenProviderException: Token signature validation failed.
at oracle.security.jps.internal.trust.provider.embedded.SAML2Impl.validateSignature(SAML2Impl.java:759)
at oracle.security.jps.internal.trust.provider.embedded.SAML2Impl.validate(SAML2Impl.java:376)
... 36 more



Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.