OPSS - Token Error from OPAM When Using The VIP Url For Server Connection Url -oracle.security.jps.service.trust.token.TokenException: java.lang.NullPointerException (Doc ID 2168679.1)

Last updated on AUGUST 08, 2016

Applies to:

Oracle Platform Security for Java - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

In the OPAM 11.1.2.3.0  configuration change the property where hostname and port of the OPAM server is configured,

updated with the VIP url like this https://viphost:443/opam then started seeing the errors in one of the server

While accessing the server via vip address seeing the following in  the server logs


[APP: opam#11.1.2.0.0] oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.[[
oracle.security.jps.service.trust.token.TokenException: oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.
at oracle.security.jps.internal.trust.token.TokenManagerImpl.validateToken(TokenManagerImpl.java:283)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl$1.run(TrustServiceAsserterProviderImpl.java:293)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl$1.run(TrustServiceAsserterProviderImpl.java:290)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl.validateSecurityToken(TrustServiceAsserterProviderImpl.java:290)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl.validateSecurityToken(TrustServiceAsserterProviderImpl.java:241)
at oracle.security.jps.wls.providers.trust.TrustServiceAsserterProviderImpl.assertIdentity(TrustServiceAsserterProviderImpl.java:197)
at sun.reflect.GeneratedMethodAccessor730.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy52.assertIdentity(Unknown Source)
at com.bea.common.security.internal.service.IdentityAssertionTokenServiceImpl.assertIdentity(IdentityAssertionTokenServiceImpl.java:92)
at sun.reflect.GeneratedMethodAccessor729.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy53.assertIdentity(Unknown Source)
at com.bea.common.security.internal.service.IdentityAssertionServiceImpl.assertIdentity(IdentityAssertionServiceImpl.java:83)
at sun.reflect.GeneratedMethodAccessor728.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy54.assertIdentity(Unknown Source)
at weblogic.security.service.WLSIdentityAssertionServiceWrapper.assertIdentity(WLSIdentityAssertionServiceWrapper.java:59)
at weblogic.security.service.PrincipalAuthenticator.assertIdentity(PrincipalAuthenticator.java:417)
at weblogic.servlet.security.internal.CertSecurityModule.assertIdentity(CertSecurityModule.java:140)
at weblogic.servlet.security.internal.CertSecurityModule.checkUserPerm(CertSecurityModule.java:71)
at weblogic.servlet.security.internal.ChainedSecurityModule.checkAccess(ChainedSecurityModule.java:89)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2209)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.
at oracle.security.jps.internal.trust.provider.embedded.EmbeddedProviderImpl.validate(EmbeddedProviderImpl.java:239)
at oracle.security.jps.internal.trust.token.TokenManagerImpl.validateToken(TokenManagerImpl.java:278)
... 34 more
Caused by: oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.
at oracle.security.jps.internal.trust.provider.embedded.SAML2Impl.validate(SAML2Impl.java:397)
at oracle.security.jps.internal.trust.provider.embedded.EmbeddedProviderImpl.validate(EmbeddedProviderImpl.java:227)
... 35 more
Caused by: oracle.security.jps.internal.trust.token.TokenProviderException: Token signature validation failed.
at oracle.security.jps.internal.trust.provider.embedded.SAML2Impl.validateSignature(SAML2Impl.java:759)
at oracle.security.jps.internal.trust.provider.embedded.SAML2Impl.validate(SAML2Impl.java:376)
... 36 more



Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms