IM Fatal error - Unable to parse web.xml
search cancel

IM Fatal error - Unable to parse web.xml

book

Article ID: 277107

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

After upgrading CA IM (Identity Manager) 14.3 (over JBoss EAP 6.4) to Symantec IM (Identity Manager) 14.4 (over JBoss EAP 7.2), the application server log shows the following error:

Unable to parse web.xml: java.io.IOException: Server returned HTTP response code: 503 for URL: http://java.sun.com/dtd/web-app_2_3.dtd
 at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1914)
 at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1512)
 at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
 at org.apache.xerces.impl.XMLEntityManager.startEntity(Unknown Source)
 at org.apache.xerces.impl.XMLEntityManager.startDTDEntity(Unknown Source)
 at org.apache.xerces.impl.XMLDTDScannerImpl.setInputSource(Unknown Source)
 at org.apache.xerces.impl.XMLDocumentScannerImpl$DTDDispatcher.dispatch(Unknown Source)
 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
 at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
 at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
 at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
 at org.apache.myfaces.shared_impl.webapp.webxml.WebXmlParser.parse(WebXmlParser.java:99)
 at org.apache.myfaces.shared_impl.webapp.webxml.WebXml.init(WebXml.java:207)
 at org.apache.myfaces.webapp.StartupServletContextListener.initFaces(StartupServletContextListener.java:85)
 at org.apache.myfaces.webapp.StartupServletContextListener.contextInitialized(StartupServletContextListener.java:51)
 at io.undertow.servlet.core.ApplicationListeners.contextInitialized(ApplicationListeners.java:187)
 at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:216)
 at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:185)
 at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
 at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
 at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
 at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:250)
 at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:96)
 at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
 at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
 at java.util.concurrent.FutureTask.run(FutureTask.java:266)
 at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
 at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
 at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
 at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
 at java.lang.Thread.run(Thread.java:750)
 at org.jboss.threads.JBossThread.run(JBossThread.java:485)

 

Environment

Release : 14.4 GA

Component : Identity Manager

Cause

This happens when IM machine cannot access http://java.sun.com/dtd/web-app_2_3.dtd file which resides in the Internet, i.e. Document Type Definition file that defines the structure and the legal elements and attributes of an XML document. IM requires access to the dtd file to parse the \standalone\deployments\iam_im.ear\user_console.war\WEB-INF\web.xml

Resolution

Non-vApp case:

1) Download web-app_2-3.dtd from  http://java.sun.com/dtd/web-app_2_3.dtd

2) Modify web.xml file under user_console.war/WEB-INF

3) Change the following line 

From

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">

To 

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "/absolute path of the dtd location/web-app_2_3.dtd">


Then restart the application server and check the error is gone.

vApp Case (please see additional information before proceeding):

There is no write privilege for 'config' user to modify web.xml file in vApp. Please do the following to workaround this problem.

1. Build a Windows Server with IIS that runs on the network reachable by the vApp

2. Create dtd directory under C:\inetpub\wwwroot directory and store downloaded web-app_2_3.dtd file in there.


3. Using IIS manager, select the Default Web Site node and double-click MIME Type and modify .dtd entry to have application/octet-stream MIME type. Restart the IIS service.

3. On the vApp, add the following custom host entry in /opt/CA/VirtualAppliance/custom/hosts file

<IIS machine IP Address>      java.sun.com

Note: Replace <IIS machine IP Address> with actual IIS machine's IP address

4. On the vApp, run the following alias

configureCustomHostRecords

5. On the vApp, restart IM

restart_im

Additional Information

Fix included in 14.4 CP1. DE504857

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-suite/14-4/release-notes/Virtual-Appliance-Release-Notes/Fixed-Defects/Virtual-Appliance-14-4-1---Fixed-Defects.html

As it's a CP, install the latest CP which at the time of this update (12/2023) is 14.4 CP2 CHF1.

As for Virtual Appliance reach out to Support so we can provide fix.