Cannot export SAML2 metadata with SsoConfig
search cancel

Cannot export SAML2 metadata with SsoConfig

book

Article ID: 203789

calendar_today

Updated On:

Products

CA Infrastructure Management CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

In SsoConfig, when choosing 1. -> 6. Export SAML2 Service Provider Metadata, it crashes with the message below. Also some additional configuration information is included below.

****** SsoConfig error message:

Invocation of this Java Application has caused an InvocationTargetException. This application will now exit. (LAX)

Stack Trace:
java.lang.NullPointerException
        at org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport.getBuilderFactory(XMLObjectProviderRegistrySupport.java:107)
        at common.saml2.SpMetadataGenerator.<init>(SpMetadataGenerator.java:46)
        at com.ca.sa.sso.config.SsoConfig.generateSpMetadata(SsoConfig.java:765)
        at com.ca.sa.sso.config.SsoConfig.categoryMenu(SsoConfig.java:719)
        at com.ca.sa.sso.config.SsoConfig.productMenu(SsoConfig.java:659)
        at com.ca.sa.sso.config.SsoConfig.<init>(SsoConfig.java:628)
        at com.ca.sa.sso.config.SsoConfig.main(SsoConfig.java:57)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at com.zerog.lax.LAX.launch(Unknown Source)
        at com.zerog.lax.LAX.main(Unknown Source)
This Application has Unexpectedly Quit: Invocation of this Java Application has caused an InvocationTargetException. This application will now exit. (LAX)

 

Environment

Release : 3.7.0

Component : IM Reporting / Admin / Configuration

Cause

When configuring SAML2 for encryption/signing, it would fail to encrypt the SAML2 request correctly if there were more than 1 certificate in the keystore specified in saml.properties. Resolution: Updated encryption handling in SSO to use the alias specified in saml.properties to grab the correct certificate from the keystore specified. (3.7.1, DE403655, 01287800)

Resolution

Upgrade to at least PM 3.7.1 or higher

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/performance-management/3-7/release-notes/fixed-issues.html

Symptom:
When configuring SAML2 for encryption/signing, it would fail to encrypt the SAML2 request correctly if there were more than 1 certificate in the keystore specified in saml.properties.

Resolution: Updated encryption handling in SSO to use the alias specified in saml.properties to grab the correct certificate from the keystore specified.
(3.7.1, DE403655, 01287800)

Powered by Wolken Software