Testing an application authentication using the SiteMinder JWT authentication scheme with the Postman client, and posting the JWT token to SiteMinder, the Java null pointer error shows up:

[10/16/2020][09:52:43][140636808271616][][SmAuthUser.cpp:760][][][][][][][][][][][][][LogMessage:INFO:[sm-Server-03580] java.lang.NullPointerException
        at java.util.Date.getMillisOf(Date.java:958)
        at java.util.Date.before(Date.java:917)
        at com.ca.sm.jwtauth.SMJWTResolver.validateJwtContext(SMJWTResolver.java:35)
        at com.ca.sm.jwtauth.SmJWTAuthScheme.disambiguateUser(SmJWTAuthScheme.java:174)
        at com.ca.sm.jwtauth.SmJWTAuthScheme.authenticate(SmJWTAuthScheme.java:86)
        at com.netegrity.policyserver.smapi.SmAuthenticationContext.authenticate(SmAuthenticationContext.java:289)

When SiteMinder receives a JWT token, it requires a claim (exp date) to be set within JWT token, which is missing from original client submit.

NullPointerException is encountered when getting the date stamp value.

For version earlier than 12.8SP3, this issue can be resolved by setting the (exp date) for the JWT token during submit.

For later versions, upgrade the Policy Server to the latest version to benefit from the fix DE404613 (1).

1. Defects Fixed in 12.8.03