LDAP connection issue after upgrade to V10.1 javassist.Loader
search cancel

LDAP connection issue after upgrade to V10.1 javassist.Loader

book

Article ID: 230003

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

After upgrading to 10.1 base, LDAP seems to have issues and ssg_0_0.log (or similar) has the following stack trace exception,

com.l7tech.server.SoapMessageProcessingServlet: class jdk.internal.reflect.MethodAccessorImpl loaded by javassist.Loader @18456783 cannot access jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl
java.lang.IllegalAccessError: class jdk.internal.reflect.MethodAccessorImpl loaded by javassist.Loader @18456783 cannot access jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl

...

Or in Policy Manager error report: 

java.lang.IllegalAccessError: class jdk.internal.reflect.MethodAccessorImpl loaded by javassist.Loader @706b68e6 cannot access jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl
 at java.base/java.lang.ClassLoader.defineClass1(Native Method)
 at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
 at javassist.Loader.findClass(Loader.java:420)
 ...

User could also see very high memory usage for the java sun.security.krb5.internal process: 

Gateway could crash. 

 

Environment

API Gateway: 10.0, 10.1

Resolution

NOTE: For Gateway 10.1, please apply CR1 (or higher) patch, as a fix is provided within. 

Logon to the gateway(s)

Login to the Privileged shell

Run the following commands:

[a] wget https://github.com/jboss-javassist/javassist/raw/master/javassist.jar
[b] mv javassist.jar /opt/SecureSpan/Gateway/runtime/lib/
[c] ls /opt/SecureSpan/Gateway/runtime/lib/javassist-3.24.1-GA.jar
[d] mv /opt/SecureSpan/Gateway/runtime/lib/javassist-3.24.1-GA.jar /opt/SecureSpan/
[e] mv /opt/SecureSpan/Gateway/runtime/lib/javassist.jar /opt/SecureSpan/Gateway/runtime/lib/javassist-3.24.1-GA.jar
[f] chmod 444 /opt/SecureSpan/Gateway/runtime/lib/javassist-3.24.1-GA.jar
[g] chown layer7:layer7 /opt/SecureSpan/Gateway/runtime/lib/javassist-3.24.1-GA.jar
[h] service ssg restart

Additional Information

The exception is also seen in policy manager logs on the local system

PM logs located in user folder:

C:\Users\<username\.l7tech

Mar 07, 2022 1:40:42 PM com.l7tech.console.util.AdminContextImpl a

WARNING: Exception during remote API call: com.l7tech.objectmodel.DuplicateObjectException: (thumbprintSha1)  must be unique

Mar 07, 2022 1:41:34 PM com.l7tech.console.util.AdminContextImpl a

WARNING: Exception during remote API call: java.lang.IllegalAccessError: class jdk.internal.reflect.MethodAccessorImpl loaded by javassist.Loader @7102b480 cannot access jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl

Mar 07, 2022 1:41:34 PM com.l7tech.console.logging.DefaultErrorHandler handle

SEVERE: The Policy Manager encountered an internal error or misconfiguration and was unable to complete the operation.

java.lang.IllegalAccessError: class jdk.internal.reflect.MethodAccessorImpl loaded by javassist.Loader @7102b480 cannot access jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl

at java.base/java.lang.ClassLoader.defineClass1(Native Method)

at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)

at javassist.Loader.findClass(Loader.java:420)

at javassist.Loader.loadClass(Loader.java:350)

at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)

 

Powered by Wolken Software