When the OIDC Provider tries to sign the response in order to send back the token,
it appears that this class cannot be found:
[11/30/2020][10:30:51.040][10:30:51][1000][6276][AccessTokenTunnelService.java][tunnel][][][][][][][][][][][][][][][][][][][][][ Exception caught: java.lang.NoClassDefFoundError: Could not initialize class com.netegrity.smkeydatabase.db.revocation.OCSPResponderHandler
...
Here is the full segment of the log, which shows an issue loading the OCSPResponderHandler class when trying to sign the response:
[11/30/2020][10:30:51.040][10:30:51][1000][6276][IDTokenGenerator.java][signAndEncryptIDToken][][][][][][][][][][][][][][][][][][][][][ Start signing... ]
[11/30/2020][10:30:51.040][10:30:51][1000][6276][AccessTokenTunnelService.java][tunnel][][][][][][][][][][][][][][][][][][][][][ Exception caught: java.lang.NoClassDefFoundError: Could not initialize class com.netegrity.smkeydatabase.db.revocation.OCSPResponderHandler
at com.netegrity.smkeydatabase.db.CertificateDataStoreImpl.initializeOCSPConfig(CertificateDataStoreImpl.java:3505)
at com.netegrity.smkeydatabase.db.CertificateDataStoreImpl.initializeRevocation(CertificateDataStoreImpl.java:3629)
at com.netegrity.smkeydatabase.db.CertificateDataStoreImpl.<init>(CertificateDataStoreImpl.java:232)
at com.netegrity.smkeydatabase.db.CertificateDataStoreFactory.createCertificateDataStore(CertificateDataStoreFactory.java:351)
at com.netegrity.smkeydatabase.db.CertificateDataStoreFactory.createCertificateDataStore(CertificateDataStoreFactory.java:293)
at com.netegrity.smkeydatabase.db.CertificateDataStoreFactory.getCertificateDataStoreInstance(CertificateDataStoreFactory.java:145)
at com.netegrity.smkeydatabase.db.SMKeyDatabase.<init>(SMKeyDatabase.java:94)
at com.ca.federation.openidconnect.util.CertUtil.initKeyDB(Unknown Source)
at com.ca.federation.openidconnect.util.CertUtil.getPrivateKey(Unknown Source)
at com.ca.federation.openidconnect.generator.IDTokenGenerator.signAndEncryptIDToken(Unknown Source)
at com.ca.federation.openidconnect.generator.IDTokenGenerator.generateIDToken(Unknown Source)
at com.ca.federation.openidconnect.generator.IDTokenGenerator.generateIDToken(Unknown Source)
at com.ca.federation.openidconnect.tunnel.AccessTokenTunnelService.processTokenGeneration(Unknown Source)
at com.ca.federation.openidconnect.tunnel.AccessTokenTunnelService.tunnel(Unknown Source)
at com.netegrity.policyserver.smapi.TunnelServiceContext.tunnel(TunnelServiceContext.java:245)
]
[11/30/2020][10:30:51.040][10:30:51][1000][6276][CServer.cpp:6845][CServer::Tunnel][][][][][][][][][][][][][-1][SmJavaAPI: Expression evaluation returned a null][][][][][][][Return from tunnel call JavaTunnelService]
[11/30/2020][10:30:51.040][10:30:51][1000][6276][CServer.cpp:6856][CServer::Tunnel][][][][][][][][][][][][][][][][][][][][][Status: Tunnel error: service 'smjavaapi', function 'JavaTunnelService'. SmJavaAPI: Expression evaluation returned a null]
[11/30/2020][10:30:51.040][10:30:51][1000][6276][CServer.cpp:6863][CServer::Tunnel][][][][][][][][][][][][][213][][][][][][][][Leave function CServer::Tunnel]
[11/30/2020][10:30:51.040][10:30:51][1000][6276][CServer.cpp:6372][CServer::ProcessRequest][][][][][][][][][][][][][213][][][][][][][][Leave function CServer::ProcessRequest]
Release : 12.8.x
-> Check the JVMOptions.txt file and define the missing jars to fix this issue.
Example: In this case,
<siteminder>/bin/thirdparty/slf4j-api-1.7.32.jar was missing from the bootclasspath in JVMOptions.txt;
adding it resolved the issue.
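
One way to run the check described above, as an added example that is not part of the original article or of the product. It assumes the bootclasspath is set on a -Xbootclasspath line in JVMOptions.txt with entries separated by the platform path separator; the function names and the sample directory layout are constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: the bootclasspath is given as -Xbootclasspath:, /a: or /p:
BOOTCP = re.compile(r"^-Xbootclasspath(?:/[ap])?:(.*)$")

def bootclasspath_entries(jvm_options_text, sep=os.pathsep):
    """Return every path listed on -Xbootclasspath lines of JVMOptions.txt."""
    entries = []
    for line in jvm_options_text.splitlines():
        m = BOOTCP.match(line.strip())
        if m:
            entries += [e.strip() for e in m.group(1).split(sep) if e.strip()]
    return entries

def audit(jvm_options_text, jar_dir, sep=os.pathsep):
    """Compare the bootclasspath with the jars actually present in jar_dir.

    Returns (listed_but_missing_on_disk, on_disk_but_not_listed)."""
    entries = bootclasspath_entries(jvm_options_text, sep)
    missing_on_disk = [e for e in entries if not os.path.exists(e)]
    listed = {os.path.basename(e).lower() for e in entries}
    not_listed = sorted(f for f in os.listdir(jar_dir)
                        if f.lower().endswith(".jar") and f.lower() not in listed)
    return missing_on_disk, not_listed

def demo():
    """Constructed layout: two jars on disk, only one on the bootclasspath."""
    with tempfile.TemporaryDirectory() as root:
        thirdparty = os.path.join(root, "bin", "thirdparty")
        os.makedirs(thirdparty)
        for name in ("slf4j-api-1.7.32.jar", "example-lib.jar"):
            open(os.path.join(thirdparty, name), "w").close()
        options = "-Xrs\n-Xbootclasspath/a:" + os.pathsep.join([
            os.path.join(thirdparty, "example-lib.jar"),
            os.path.join(thirdparty, "gone.jar"),   # listed, not on disk
        ]) + "\n"
        missing, not_listed = audit(options, thirdparty)
        return [os.path.basename(p) for p in missing], not_listed

if __name__ == "__main__":
    print(demo())
```

Jars reported as not listed are candidates to review against the stack trace, not necessarily errors, since not every jar in the directory has to be on the bootclasspath.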