Symantec Identity Manager WebLogic nimbusds.jwt version conflict

Article ID: 382079

Products

CA Identity Manager

Issue/Introduction

In IDM 14.5.1 with WebLogic version 12.2.1.4.0, OIDC authentication fails with the following WebLogic error:

<2024-10-16T04:47:20.768 PST> <Error> <HTTP> <BEA-101020> <[ServletContext@51793559[app:iam_im module:/iam/im path:null spec-version:3.1]] Servlet failed with an Exception
java.lang.NoSuchMethodError: com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier.verify(Lcom/nimbusds/jwt/JWTClaimsSet;)V
        at com.netegrity.webapp.authentication.openid.OpenIDRPHandler.getIDTokenClaims(OpenIDRPHandler.java:312)
        at com.netegrity.webapp.authentication.openid.OpenIDRPHandler.handleCallBack(OpenIDRPHandler.java:197)
        at com.netegrity.webapp.authentication.openid.OpenIDRPHandler.handle(OpenIDRPHandler.java:71)
        at com.netegrity.webapp.authentication.openid.OpenIDAuthenticationModule.disambiguateUser(OpenIDAuthenticationModule.java:69)
        at com.netegrity.webapp.authentication.FrameworkLoginFilter.disambiguateUser(FrameworkLoginFilter.java:701)

Environment

IDM 14.5.1 with WebLogic 12.2.1.4.0

Cause

The WebLogic server ships its own copy of the com.nimbusds.jwt library, at a different version from the one IDM uses: IDM uses 7.9 and WebLogic uses 9.37.3. The verify method differs between those versions, which is why the call fails with the NoSuchMethodError shown above.

Resolution

Workaround:

To make the application prefer its local copy of the library, edit weblogic.xml (/iam_im.ear/user_console.war/WEB-INF/weblogic.xml) and add the com.nimbusds.jwt.* package-name line to prefer-application-packages, as below:

<container-descriptor>
        <prefer-web-inf-classes>false</prefer-web-inf-classes>
        <prefer-application-packages>
                <package-name>com.sun.jersey.*</package-name>
                <package-name>org.glassfish.jersey.*</package-name>
                <package-name>org.glassfish.hk2.*</package-name>
                <package-name>org.jvnet.hk2.*</package-name>
                <package-name>javax.ws.rs.*</package-name>
                <package-name>org.eclipse.persistence.jaxb.rs.*</package-name>
                <package-name>jersey.repackaged.org.objectweb.asm.*</package-name>
                <package-name>org.codehaus.jackson.*</package-name>
                <package-name>net.minidev.json.*</package-name>
                <package-name>com.nimbusds.jwt.*</package-name>
        </prefer-application-packages>
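
An added diagnostic, not part of the original article or of the product: it reports which JAR supplies DefaultJWTClaimsVerifier to a given class loader and which verify overloads that copy exposes, so the output can be compared before and after the weblogic.xml change. The class name WhichJwtVerifier and the idea of calling describe() from inside the user_console web application (for example from a temporary JSP) are assumptions.

```java
import java.lang.reflect.Method;
import java.security.CodeSource;

// Hypothetical helper class (name is an assumption, not product code).
public class WhichJwtVerifier {

    // Class named in the NoSuchMethodError from the stack trace above.
    static final String VERIFIER = "com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier";

    /** Reports where className resolves from and which verify(...) overloads it has. */
    static String describe(String className, ClassLoader loader) {
        StringBuilder out = new StringBuilder();
        try {
            // initialize=false: resolve the class without running static initializers.
            Class<?> c = Class.forName(className, false, loader);
            CodeSource src = c.getProtectionDomain().getCodeSource();
            out.append("class:       ").append(c.getName()).append('\n');
            out.append("loaded from: ")
               .append(src != null ? String.valueOf(src.getLocation()) : "(unknown)")
               .append('\n');
            out.append("defined by:  ").append(c.getClassLoader()).append('\n');
            // List every public verify overload so the signature the caller was
            // compiled against can be checked against the copy actually loaded.
            for (Method m : c.getMethods()) {
                if (m.getName().equals("verify")) {
                    out.append("  ").append(m.toGenericString()).append('\n');
                }
            }
        } catch (ClassNotFoundException | LinkageError e) {
            out.append("not loadable: ").append(e).append('\n');
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Stand-alone run: inspects whatever copy is on the JVM classpath.
        // Inside the web application, pass the application's own class loader.
        ClassLoader cl = Thread.currentThread().getContextClassLoader();
        System.out.print(describe(VERIFIER, cl));
    }
}
```

If "loaded from" points at a WebLogic-owned JAR rather than one under the application's WEB-INF/lib, the server's copy is still taking precedence over the application's.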