IM Fatal error - Unable to parse web.xml
search cancel

IM Fatal error - Unable to parse web.xml

book

Article ID: 213792

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

After migrating CA IM (Identity Manager) 14.2 (over JBoss eap6.4) to Symantec IM (Identity Manager) 14.4 (over JBoss eap 7.2 / Wildfly 15.x), the application server log shows following error:

15:07:13,219 FATAL [org.apache.myfaces.shared_impl.webapp.webxml.WebXmlParser] (ServerService Thread Pool -- 124) Unable to parse web.xml: java.net.UnknownHostException: java.sun.com
 at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184) [rt.jar:1.8.0_181]
 at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) [rt.jar:1.8.0_181]
 at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) [rt.jar:1.8.0_181]
 at java.net.Socket.connect(Socket.java:589) [rt.jar:1.8.0_181]
 at java.net.Socket.connect(Socket.java:538) [rt.jar:1.8.0_181]
 at sun.net.NetworkClient.doConnect(NetworkClient.java:180) [rt.jar:1.8.0_181]

Environment

Release : 14.4 GA, 14.5

Component : IdentityMinder(Identity Manager)

Cause

This happens when IM machine cannot access http://java.sun.com/dtd/web-app_2_3.dtd file which resides in the Internet, i.e. Document Type Definition file that defines the structure and the legal elements and attributes of an XML document. IM requires access to the dtd file to parse the \standalone\deployments\iam_im.ear\user_console.war\WEB-INF\web.xml

 

Resolution

Non-vApp case:

1) Download web-app_2-3.dtd from  http://java.sun.com/dtd/web-app_2_3.dtd

2) Modify web.xml file under user_console.war/WEB-INF

3) Change the following line 

From

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">

To 

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "/absolute path of the dtd location/web-app_2_3.dtd">


Then restart the application server and check the error is gone.

vApp Case (please see additional information before proceeding):

There is no write privilege for 'config' user to modify web.xml file in vApp. Please do the following to workaround this problem.

1. Build a Windows Server with IIS that runs on the network reachable by the vApp

2. Create dtd directory under C:\inetpub\wwwroot directory and store downloaded web-app_2_3.dtd file in there.


3. Using IIS manager, select the Default Web Site node and double-click MIME Type and modify .dtd entry to have application/octet-stream MIME type. Restart the IIS service.

3. On the vApp, add the following custom host entry in /opt/CA/VirtualAppliance/custom/hosts file

<IIS machine IP Address>      java.sun.com

Note: Replace <IIS machine IP Address> with actual IIS machine's IP address

4. On the vApp, run the following alias

configureCustomHostRecords

5. On the vApp, restart IM

restart_im

Additional Information

Fix included in 14.4 CP1. DE504857

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-suite/14-4/release-notes/Virtual-Appliance-Release-Notes/Fixed-Defects/Virtual-Appliance-14-4-1---Fixed-Defects.html

As its a CP, install the latest CP which at the time of this update (5/2023) is 14.4 CP2. 

As for Virtual Appliance reach out to Support so we can provide fix.

Powered by Wolken Software