Unable to login to OTK after OTK Toolkit 4.4 Upgrade
search cancel

Unable to login to OTK after OTK Toolkit 4.4 Upgrade

book

Article ID: 231221

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

After upgrading to the OTK 4.4 toolkit, accessing the OAuth manager results in this error: 


Gateway log shows:

2021-11-24T09:54:35.774-0500 INFO    385 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: No id_token lookup could be executed
2021-11-24T09:54:35.774-0500 INFO    385 com.l7tech.external.assertions.jdbcquery.server.ServerJdbcQueryAssertion: 9105: "Perform JDBC Query" assertion failed due to no query results via a connection OAuth
2021-11-24T09:54:35.776-0500 WARNING 385 com.l7tech.server.policy.assertion.composite.ServerHandleErrorsAssertion: 11000: Policy processing caught an exception: RaiseErrorAssertion is stopping execution.
2021-11-24T09:54:35.776-0500 INFO    385 com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion: 7101: Comparison did not match: ${isCached} is equal to true
2021-11-24T09:54:35.776-0500 INFO    385 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: error.code: '000', error.msg: {
  "error":"invalid_request",
  "error_description":"The request failed due to some unknown reason"
}
2021-11-24T09:54:35.776-0500 INFO    385 com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion: 7103: At least one comparison value was null
2021-11-24T09:54:35.776-0500 INFO    385 com.l7tech.server.MessageProcessor: 3017: Policy evaluation for service oauth/manager [e001cfd0c1cedited18e187b5eedited4e] resulted in status 600 (Assertion Falsified)
2021-11-24T09:54:35.776-0500 WARNING 385 com.l7tech.server.message: Message was not processed: Assertion Falsified (600)

 

Environment

Release :

Component :

Cause

Custom Firewall Rule on port 7443 seems to be blocking the upgrade to work properly

Resolution

1. oracle Database was upgraded without problems to 4.4.1 version using scripts as per documentation

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-4/upgrade-the-otk.html

2. From Policy Manager upgrade was Failing with error described , From OTK 4.3.1 to 4.4.1

3. Simplifying the environment , with the 7443 Custom Firewall Rule disabled (from Policy Manager  the upgrade have solved the issue

4.  Customer  tested connection again with the FW rule enabled and still working fine.

 

Powered by Wolken Software