Error: Failed DD Reference for an Attribute EnableIdentityMapping
search cancel

Error: Failed DD Reference for an Attribute EnableIdentityMapping

book

Article ID: 230966

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) SITEMINDER

Issue/Introduction

 

An issue occurs when saving new or modifying existing partnerships in the AdminUI.

In logs, this message shows up:

[ERROR] com.ca.federation.adminui.backingbean.federation.PartnershipListBean [] - **ERROR** com.ca.fedxps.api.remote.FedXPSException during UI operation.
com.ca.fedxps.api.remote.FedXPSException: com.ca.federation.client.XPSException: Failed to get the DD Reference for an Attribute, Attr = CA.FED::PartnershipBase.EnableIdentityMapping, Vendor = CA, Prod = FED, Class = PartnershipBase : CA : XPS : sm-xpssvc-00140
 at com.ca.fedxps.api.remote.FedXPSObjectStore.update(Unknown Source) ~[fedremoteapi.jar:?]

This message indicates that the Data Definition for this object is missing or incorrect.

The standard solution is to reimport the DD files again, in this case, it would be the FedObjects.xdd (1).

However, in this case, importing the FedObjects.xdd or the SmMaster.xdd did not resolve or change the error in any way.

 

Environment

 

Policy Server 12.8SP2
AdminUI 12.8SP3

 

Cause

 

It was noticed that the AdminUI was reporting a version mismatch. The AdminUI was on 12.8SP3 whereas the Policy Server was on 12.8SP2.

This meant the Policy Store, base objects, and Data Definitions would also be at 12.8 SP2.

In the AdminUI, when creating a Partnership, after adding in the User directory, the Enable Identity Mapping checkbox would appear.

However, when looking in XPSExplorer under FED, PartnershipBase, this attribute can't be seen.

For comparison purposes, check the same steps on a 12.SP2 AdminUI, the checkbox did not appear after adding the User Directory.

This meant that the Enable Identity Mapping was new to 12.8 SP3 and did not exist in 12.8 SP2, which is why the UI could not save that setting, preventing the partnership itself from being saved.

 

Resolution

 

The solution is to either:

  1. Upgrade the Policy Server and Stores to 12.8SP3 so they would have the newer Data Definitions imported, which would have the missing attribute needed to save the value of the Enable Identity Mapping checkbox.
  2. Downgrade the AdminUI to 12.8SP2 so that the feature set the UI is using matches the Data Definitions of the Policy Store, meaning no Enable Identity Mapping checkbox in this specific case.

Additional Information

 

(1)

    Import Data Definitions into the Policy Store
    

Powered by Wolken Software