IM Fatal error - Unable to parse web.xml
Article ID: 277107
Updated On:
Products
Issue/Introduction
After upgrading CA IM (Identity Manager) 14.3 (over JBoss EAP 6.4) to Symantec IM (Identity Manager) 14.4 (over JBoss EAP 7.2), the application server log shows the following error:
Unable to parse web.xml: java.io.IOException: Server returned HTTP response code: 503 for URL: http://java.sun.com/dtd/web-app_2_3.dtd
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1914)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1512)
at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
at org.apache.xerces.impl.XMLEntityManager.startEntity(Unknown Source)
at org.apache.xerces.impl.XMLEntityManager.startDTDEntity(Unknown Source)
at org.apache.xerces.impl.XMLDTDScannerImpl.setInputSource(Unknown Source)
at org.apache.xerces.impl.XMLDocumentScannerImpl$DTDDispatcher.dispatch(Unknown Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
at org.apache.myfaces.shared_impl.webapp.webxml.WebXmlParser.parse(WebXmlParser.java:99)
at org.apache.myfaces.shared_impl.webapp.webxml.WebXml.init(WebXml.java:207)
at org.apache.myfaces.webapp.StartupServletContextListener.initFaces(StartupServletContextListener.java:85)
at org.apache.myfaces.webapp.StartupServletContextListener.contextInitialized(StartupServletContextListener.java:51)
at io.undertow.servlet.core.ApplicationListeners.contextInitialized(ApplicationListeners.java:187)
at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:216)
at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:185)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:250)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:96)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
at java.lang.Thread.run(Thread.java:750)
at org.jboss.threads.JBossThread.run(JBossThread.java:485)
Environment
Release : 14.4 GA
Component : Identity Manager
Cause
This happens when IM machine cannot access http://java.sun.com/dtd/web-app_2_3.dtd file which resides in the Internet, i.e. Document Type Definition file that defines the structure and the legal elements and attributes of an XML document. IM requires access to the dtd file to parse the \standalone\deployments\iam_im.ear\user_console.war\WEB-INF\web.xml
Resolution
Non-vApp case:
1) Download web-app_2-3.dtd from http://java.sun.com/dtd/web-app_2_3.dtd
2) Modify web.xml file under user_console.war/WEB-INF
3) Change the following line
From
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
To
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "/absolute path of the dtd location/web-app_2_3.dtd">
Then restart the application server and check the error is gone.
vApp Case (please see additional information before proceeding):
There is no write privilege for 'config' user to modify web.xml file in vApp. Please do the following to workaround this problem.
1. Build a Windows Server with IIS that runs on the network reachable by the vApp
2. Create dtd directory under C:\inetpub\wwwroot directory and store downloaded web-app_2_3.dtd file in there.
3. Using IIS manager, select the Default Web Site node and double-click MIME Type and modify .dtd entry to have application/octet-stream MIME type. Restart the IIS service.
3. On the vApp, add the following custom host entry in /opt/CA/VirtualAppliance/custom/hosts file
<IIS machine IP Address> java.sun.com
Note: Replace <IIS machine IP Address> with actual IIS machine's IP address
4. On the vApp, run the following alias
configureCustomHostRecords
5. On the vApp, restart IM
restart_im
Additional Information
Fix included in 14.4 CP1. DE504857
As it's a CP, install the latest CP which at the time of this update (12/2023) is 14.4 CP2 CHF1.
As for Virtual Appliance reach out to Support so we can provide fix.
Feedback
