When upgrading Gateway OTK from 4.4.x to 4.6.1 the upgrade fails with an error:

"This mapping requires the property “SK_AllowMappingOverride” be set to true by the .skar file author."

Release : 11.0

The most common reason for this error is that there are policies in the otk folders which do not belong to the current OTK solution kit.

Look in the ssg log for the first entry like org.hibernate.engine.jdbc.spi.SqlExceptionHelper: SQL Error: 1451, SQLState: 23000

since the start of the otk upgrade there are a lot of them, only the first one is relevant.

2023-10-17T10:19:01.344+0200 INFO    43 com.l7tech.server.security.rbac.RoleManagerImpl: Deleting obsolete Role #31ee145e009af261551207a46f4fbe26 (Manage maintenance Folder (#c4bc0de10c1b6cad6bdb4e564db836fa))
2023-10-17T10:19:01.382+0200 WARN    43 org.hibernate.engine.jdbc.spi.SqlExceptionHelper: SQL Error: 1451, SQLState: 23000
2023-10-17T10:19:01.382+0200 ERROR   43 org.hibernate.engine.jdbc.spi.SqlExceptionHelper: Cannot delete or update a parent row: a foreign key constraint fails (`ssg`.`policy`, CONSTRAINT

The line before this entry is referring to a folder name which is most likely the cause . 

2023-10-17T10:19:01.344+0200 INFO    43 com.l7tech.server.security.rbac.RoleManagerImpl: Deleting obsolete Role #31ee145e009af261551207a46f4fbe26 (Manage maintenance Folder (#c4bc0de10c1b6cad6bdb4e564db836fa))

In this case the OTK folders contained several files related to Oauth 1.0 which were depreciated a long time ago and should not have been there, another cause is custom policies which do not belong to the oauth solution kit.

Removing the following policies from the OTK folders before the upgrade resolved the problem in this scenario.

• OTK OAuth Manager Security Header Extension
• OTK Authenticate OAuth 1.0 Parameter
• OTK OAuth 1.0 Context Variables
• OTK Require OAuth 1.0 Token
• OTK SCOPE Issue