Error java.lang.NullPointerException when executing NimbusJwtTokenParser.verifyWithRSA on Policy Server

Article ID: 384263

Products

SITEMINDER CA API Gateway

Issue/Introduction


When the Policy Server handles the "JSON Web Token Template authentication scheme", the Policy Server logs report the error:

[12/12/2024][14:14:22.265][14:14:22][5552][7192][SmAuthUser.cpp:769][][][][][][][][][][][][][][][][][][][][][][LogMessage:INFO:[sm-Server-03580] SmJWTAuthScheme:, [null]][][][][][]
[12/12/2024][14:14:22.265][14:14:22][5552][7192][SmAuthUser.cpp:769][][][][][][][][][][][][][][][][][][][][][][LogMessage:INFO:[sm-Server-03580] java.lang.NullPointerException
     at com.ca.jwt.nimbus.NimbusJwtTokenParser.verifyWithRSA(NimbusJwtTokenParser.java:302)
     at com.ca.sm.jwtauth.SmJWTAuthScheme.disambiguateUser(SmJWTAuthScheme.java:256)
     at com.ca.sm.jwtauth.SmJWTAuthScheme.authenticate(SmJWTAuthScheme.java:106)
     at com.netegrity.policyserver.smapi.SmAuthenticationContext.authenticate(SmAuthenticationContext.java:289)

The JWT is generated on API Gateway.
     

Resolution


On the API Gateway, change the signature algorithm of the JWT to one of the following to fix this issue:

  • RSASSA-PKCS-v1_5 using SHA-256
  • RSASSA-PKCS-v1_5 using SHA-384
  • RSASSA-PKCS-v1_5 using SHA-512
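
To confirm which algorithm a token issued by the Gateway actually declares, the check below decodes the JWT header and compares its `alg` value with the three algorithms listed above. It is an added example, not code from the vendor or the product: the JWA names RS256/RS384/RS512 are the RFC 7518 identifiers for those algorithms, and the function names and sample tokens are constructed for illustration.

```python
import base64
import json

# JWA names (RFC 7518) for the three algorithms listed in the resolution.
SUPPORTED = {
    "RS256": "RSASSA-PKCS-v1_5 using SHA-256",
    "RS384": "RSASSA-PKCS-v1_5 using SHA-384",
    "RS512": "RSASSA-PKCS-v1_5 using SHA-512",
}


def b64url_decode(segment):
    """Decode a base64url segment, restoring the padding that JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def check_jwt_alg(token):
    """Return (ok, detail) for the header 'alg' of a compact-serialized JWT."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        return False, f"expected 3 dot-separated segments, got {len(parts)}"
    try:
        header = json.loads(b64url_decode(parts[0]))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        return False, f"header is not base64url-encoded JSON: {exc}"
    alg = header.get("alg") if isinstance(header, dict) else None
    if isinstance(alg, str) and alg in SUPPORTED:
        return True, f"{alg} ({SUPPORTED[alg]})"
    return False, f"alg={alg!r} is not one of {sorted(SUPPORTED)}"


def make_sample(alg):
    """Build a constructed sample token with a placeholder signature."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": alg, "typ": "JWT"}), enc({"sub": "user1"}), "c2ln"])


if __name__ == "__main__":
    # PS256 and ES256 are arbitrary examples of values outside the list;
    # the article does not say which algorithm triggered the error.
    for alg in ("RS256", "PS256", "ES256"):
        print(alg, check_jwt_alg(make_sample(alg)))
```

The check reads only the unverified header, so it is a configuration diagnostic and not a substitute for signature validation.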