After upgrading to the OTK 4.4 toolkit, accessing the OAuth manager results in this error:
Gateway log shows:
2021-11-24T09:54:35.774-0500 INFO 385 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: No id_token lookup could be executed
2021-11-24T09:54:35.774-0500 INFO 385 com.l7tech.external.assertions.jdbcquery.server.ServerJdbcQueryAssertion: 9105: "Perform JDBC Query" assertion failed due to no query results via a connection OAuth
2021-11-24T09:54:35.776-0500 WARNING 385 com.l7tech.server.policy.assertion.composite.ServerHandleErrorsAssertion: 11000: Policy processing caught an exception: RaiseErrorAssertion is stopping execution.
2021-11-24T09:54:35.776-0500 INFO 385 com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion: 7101: Comparison did not match: ${isCached} is equal to true
2021-11-24T09:54:35.776-0500 INFO 385 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: error.code: '000', error.msg: {
"error":"invalid_request",
"error_description":"The request failed due to some unknown reason"
}
2021-11-24T09:54:35.776-0500 INFO 385 com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion: 7103: At least one comparison value was null
2021-11-24T09:54:35.776-0500 INFO 385 com.l7tech.server.MessageProcessor: 3017: Policy evaluation for service oauth/manager [e001cfd0c1cedited18e187b5eedited4e] resulted in status 600 (Assertion Falsified)
2021-11-24T09:54:35.776-0500 WARNING 385 com.l7tech.server.message: Message was not processed: Assertion Falsified (600)
Release :
Component :
Custom Firewall Rule on port 7443 seems to be blocking the upgrade to work properly
1. oracle Database was upgraded without problems to 4.4.1 version using scripts as per documentation
https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-4/upgrade-the-otk.html
2. From Policy Manager upgrade was Failing with error described , From OTK 4.3.1 to 4.4.1
3. Simplifying the environment , with the 7443 Custom Firewall Rule disabled (from Policy Manager the upgrade have solved the issue
4. Customer tested connection again with the FW rule enabled and still working fine.