When running Policy Server, the SAML federation journey fails. The Policy Server reports the following error:
[07/26/2023][13:42:34.103][13:42:34][1704163][139861449242368][TunnelUtils][addProviderPasswords][3993a8a8-7f065b99-3822de12-8b35a401-32a87738-c3][][][][][][][][][][][][][][][][][][][][Exception while attempting to retrieve passwords:
java.lang.NoClassDefFoundError: Could not initialize class com.ca.sso.smcrypto.SmCryptoFacade
This causes the Federation Service to report the following errors:
[07/26/2023][13:42:34][17293][140431700854528][3993a8a8-7f065b99-3822de12-8b35a401-32a87738-c3][SSO.java][processRequest][Transaction with ID: 3993a8a8-7f065b99-3822de12-8b35a401-32a87738-c3 failed. Reason: NO_PROVIDER_INFO_FOUND]
[07/26/2023][13:42:34][17293][140431700854528][3993a8a8-7f065b99-3822de12-8b35a401-32a87738-c3][SSO.java][processRequest][No SAML2 provider information found for SP mySP.]
[07/26/2023][13:42:34][17293][140431700854528][3993a8a8-7f065b99-3822de12-8b35a401-32a87738-c3][SSO.java][processRequest][Ending SAML2 Single Sign-On Service request processing with HTTP error 400]
[07/26/2023][13:42:34][17293][140431700854528][3993a8a8-7f065b99-3822de12-8b35a401-32a87738-c3][ErrorRedirectionHandler.java][redirectToErrorPage][Sending HTTP Error 403 ]
Policy Server 12.8SP7 on RedHat 8;
JDK 11;
Policy Store with 12.7 objects;
CA Access Gateway (SPS);
The Policy Server JVM is customized, and some of the out-of-the-box configuration is missing.
As per the documentation, manually port the customizations while keeping the out-of-the-box configuration (1).
As per best practices, recompile the custom code that uses the same libraries as those supplied by the out-of-the-box JVMOptions.txt.
Then, introduce the custom applications one by one in JVMOptions.txt, validating that each of them runs correctly with the upgraded Policy Server.
The library:
bin/thirdparty/bc-fips-1.0.2.3.jar
was missing from the Policy Server installation folder.
Reinstalling the library solved the issue.
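The check below is an added example, not the vendor's code or part of the original article: it lists the jars that an out-of-the-box JVMOptions.txt names but the customized file no longer does, and any referenced jar that is absent from disk. The file locations passed as arguments, the ':'-separated absolute-path classpath layout, and every sample jar name other than bc-fips-1.0.2.3.jar are assumptions.

```shell
#!/bin/sh
# Added example, not vendor code. Assumes JVMOptions.txt names jars by absolute
# path with ':' separators (Linux). Jar names except bc-fips are constructed.

# Print every *.jar path named anywhere in a JVM options file, sorted, unique.
list_jars() {
    tr ':= \t' '\n\n\n\n' < "$1" | grep '\.jar$' | sort -u
}

# Jars the file references that do not exist on disk.
missing_jars() {
    list_jars "$1" | while IFS= read -r jar; do
        [ -f "$jar" ] || printf '%s\n' "$jar"
    done
}

# Jars the out-of-the-box file ($1) references but the customized file ($2) lost.
dropped_jars() {
    a=$(mktemp) && b=$(mktemp) || return 1
    list_jars "$1" > "$a"; list_jars "$2" > "$b"
    comm -23 "$a" "$b"
    rm -f "$a" "$b"
}

# Constructed fixture: a fake install tree where the customized file dropped
# the bc-fips jar and the jar itself is absent from bin/thirdparty.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/bin/thirdparty" "$d/bin/jars" "$d/custom"
    touch "$d/bin/jars/example-core.jar" "$d/custom/custom-app.jar"
    printf '%s\n' '-Xrs' \
      "-Djava.class.path=$d/bin/jars/example-core.jar:$d/bin/thirdparty/bc-fips-1.0.2.3.jar" \
      > "$d/JVMOptions.ootb.txt"
    printf '%s\n' '-Xrs' \
      "-Djava.class.path=$d/bin/jars/example-core.jar:$d/custom/custom-app.jar" \
      > "$d/JVMOptions.txt"
    printf '%s\n' "$d"
}

# Usage: sh check_jvmoptions.sh OOTB_FILE CUSTOM_FILE (no arguments: run the sample)
if [ "$#" -eq 2 ]; then
    ootb=$1; custom=$2
else
    s=$(make_sample); ootb=$s/JVMOptions.ootb.txt; custom=$s/JVMOptions.txt
fi
echo "Dropped from customized file:"; dropped_jars "$ootb" "$custom"
echo "Referenced by out-of-the-box file but missing on disk:"; missing_jars "$ootb"
```

Running it after each custom application is added back to JVMOptions.txt shows whether an out-of-the-box jar has fallen off the classpath or out of the installation folder before the federation journey is retested.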