Open sachinwalunjakar opened 2 months ago
Shot in the dark - but you are using http (not https) - which can cause all sorts of problems.
On Tue, Apr 9, 2024 at 11:03 PM sachinwalunjakar @.***> wrote:
The following HTML is obtained from ForgeRock. The content of the iframe is retrieved from the url http://example.com/openam/oauth2/cfx_iag/connect/checkSession, where the 404 error occurs when attempting to import the sha256.js script. This iframe is use for getting session state.
<!DOCTYPE html>
OpenIDConnect checkSession <body style="display:none"> <script src="http://example.com/openam/XUI/js/sha256.js"></script> <script type="text/javascript"> window.addEventListener("message", receiveMessage, false); var client_id; function receiveMessage(e){ data = e.data.split(' '); client_id = data[0]; var clientURI = ""; if (e.origin !== clientURI){ return; } var session_state = data[1]; var opbs = getBrowserState(); var ss = CryptoJS.SHA256(client_id + e.origin + opbs).toString(); if (session_state == ss) { stat = 'unchanged'; } else { stat = 'changed'; } e.source.postMessage(stat, e.origin); } function getBrowserState(){ var validSession = false; if (!validSession){ return ""; } var cookieName = "iPlanetDirectoryPro" + "="; var cookies = document.cookie+";"; var cookieStart = cookies.indexOf(cookieName); if (cookieStart != -1) { var end = cookies.indexOf(";", cookieStart); return unescape(cookies.substring(cookieStart + cookieName.length, end)); } return ""; } </script> </body></html>
Getting 404 error when executing this line:
— Reply to this email directly, view it on GitHub https://github.com/ForgeRock/forgeops/issues/680, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADNEZCD25VJ22MTVC23QADY4TBYVAVCNFSM6AAAAABF7XSET2VHI2DSMVQWIX3LMV43ASLTON2WKOZSGIZTINZWGA3TSNQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Hi @wstrange , I don't think this is related to HTTPS. Here http://example.com/openam/XUI/js/sha256.js url itself is throwing 404. Still, it's worth a try to host the forgerock on SSL and test again.
Hi @sachinwalunjakar, what version of forgeops are you using?
Hi @sachinwalunjakar, what version of forgeops are you using?
I am using ForgeRock Access Management 7.4.0.
Are you using the ingress configuration that is provided in ForgeOps? In kustomize/base/ingress/ingress.yaml you'll see that there is no openam endpoint so naturally if you are using an ingress controller like nginx, nginx will throw a 404 as the path doesn't exist. Can you provide some more information about your deployment please? If you run bin/debug-logs and attach the results, it will provide most of this information
I setuped forgerock on, separate VM
, my application is hosted in kubernetes.
Following are logs of OAuth2Provider
, when I refresh the page,
o.f.o.c.BasicOAuth2RequestImpl: 2024-04-12T15:58:30.878+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: Could not read request entity
java.io.IOException: Enclosing message doesn't have the application/x-www-form-urlencoded Content-Type header
[CONTINUED] at org.forgerock.http.protocol.Entity.getFormAsync(Entity.java:364)
[CONTINUED] at org.forgerock.http.protocol.Entity.getForm(Entity.java:344)
[CONTINUED] at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:51)
[CONTINUED] at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:47)
[CONTINUED] at io.vavr.Lazy.computeValue(Lazy.java:162)
[CONTINUED] at io.vavr.Lazy.get(Lazy.java:156)
[CONTINUED] at org.forgerock.oauth2.core.BasicOAuth2RequestImpl.getEntityAsForm(BasicOAuth2RequestImpl.java:169)
[CONTINUED] at org.forgerock.oauth2.core.BasicOAuth2RequestDecorator.getEntityAsForm(BasicOAuth2RequestDecorator.java:64)
[CONTINUED] at org.forgerock.oauth2.core.OAuth2RequestFactory.getParameters(OAuth2RequestFactory.java:265)
[CONTINUED] at org.forgerock.oauth2.core.OAuth2RequestFactory.createWithRequestParameter(OAuth2RequestFactory.java:147)
[CONTINUED] at org.forgerock.oauth2.restlet.AuthorizeResource.getOAuth2Request(AuthorizeResource.java:231)
[CONTINUED] at org.forgerock.oauth2.restlet.AuthorizeResource.authorize(AuthorizeResource.java:144)
[CONTINUED] at jdk.internal.reflect.GeneratedMethodAccessor173.invoke(Unknown Source)
[CONTINUED] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[CONTINUED] at java.base/java.lang.reflect.Method.invoke(Method.java:568)
[CONTINUED] at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:81)
[CONTINUED] at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:77)
[CONTINUED] at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:180)
[CONTINUED] at org.forgerock.oauth2.restlet.OAuth2Filter.filter(OAuth2Filter.java:48)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:88)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.http.routing.Router.handle(Router.java:100)
[CONTINUED] at org.forgerock.openam.cors.CorsFilter.filter(CorsFilter.java:91)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:87)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.http.routing.Router.handle(Router.java:100)
[CONTINUED] at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
[CONTINUED] at org.forgerock.http.routing.Router.handle(Router.java:100)
[CONTINUED] at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:95)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:66)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.openam.http.ResponseContext$ResponseContextFilter.filter(ResponseContext.java:53)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.openam.http.OpenAMHttpApplication.lambda$static$1(OpenAMHttpApplication.java:60)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.openam.http.OpenAMHttpApplication.lambda$cacheHeaderFilter$3(OpenAMHttpApplication.java:88)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
[CONTINUED] at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED] at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:282)
[CONTINUED] at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
[CONTINUED] at org.forgerock.openam.http.OpenAMHttpFrameworkServlet.service(OpenAMHttpFrameworkServlet.java:47)
[CONTINUED] at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.validation.LargeCookieWarningFilter.doFilter(LargeCookieWarningFilter.java:48)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.headers.SecureCookieFilter.doFilter(SecureCookieFilter.java:63)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:106)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:116)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.validation.RequestEntitySizeVerificationFilter.doFilter(RequestEntitySizeVerificationFilter.java:74)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:47)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168)
[CONTINUED] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
[CONTINUED] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481)
[CONTINUED] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
[CONTINUED] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
[CONTINUED] at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670)
[CONTINUED] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
[CONTINUED] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
[CONTINUED] at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390)
[CONTINUED] at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
[CONTINUED] at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928)
[CONTINUED] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794)
[CONTINUED] at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
[CONTINUED] at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
[CONTINUED] at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
[CONTINUED] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
[CONTINUED] at java.base/java.lang.Thread.run(Thread.java:833)
[CONTINUED]java.io.IOException: Enclosing message doesn't have the application/x-www-form-urlencoded Content-Type header
at org.forgerock.http.protocol.Entity.getFormAsync(Entity.java:364)
at org.forgerock.http.protocol.Entity.getForm(Entity.java:344)
at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:51)
at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:47)
at io.vavr.Lazy.computeValue(Lazy.java:162)
at io.vavr.Lazy.get(Lazy.java:156)
at org.forgerock.oauth2.core.BasicOAuth2RequestImpl.getEntityAsForm(BasicOAuth2RequestImpl.java:169)
at org.forgerock.oauth2.core.BasicOAuth2RequestDecorator.getEntityAsForm(BasicOAuth2RequestDecorator.java:64)
at org.forgerock.oauth2.core.OAuth2RequestFactory.getParameters(OAuth2RequestFactory.java:265)
at org.forgerock.oauth2.core.OAuth2RequestFactory.createWithRequestParameter(OAuth2RequestFactory.java:147)
at org.forgerock.oauth2.restlet.AuthorizeResource.getOAuth2Request(AuthorizeResource.java:231)
at org.forgerock.oauth2.restlet.AuthorizeResource.authorize(AuthorizeResource.java:144)
at jdk.internal.reflect.GeneratedMethodAccessor173.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:81)
at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:77)
at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:180)
at org.forgerock.oauth2.restlet.OAuth2Filter.filter(OAuth2Filter.java:48)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:88)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.http.routing.Router.handle(Router.java:100)
at org.forgerock.openam.cors.CorsFilter.filter(CorsFilter.java:91)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:87)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.http.routing.Router.handle(Router.java:100)
at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
at org.forgerock.http.routing.Router.handle(Router.java:100)
at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:95)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:66)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.openam.http.ResponseContext$ResponseContextFilter.filter(ResponseContext.java:53)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.openam.http.OpenAMHttpApplication.lambda$static$1(OpenAMHttpApplication.java:60)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.openam.http.OpenAMHttpApplication.lambda$cacheHeaderFilter$3(OpenAMHttpApplication.java:88)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:282)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
at org.forgerock.openam.http.OpenAMHttpFrameworkServlet.service(OpenAMHttpFrameworkServlet.java:47)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.validation.LargeCookieWarningFilter.doFilter(LargeCookieWarningFilter.java:48)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.headers.SecureCookieFilter.doFilter(SecureCookieFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:106)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:116)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.validation.RequestEntitySizeVerificationFilter.doFilter(RequestEntitySizeVerificationFilter.java:74)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:47)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:833)
o.f.o.c.BasicOAuth2RequestImpl: 2024-04-12T15:58:30.878+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
WARN: Could not parse request body: No content to map due to end-of-input
[CONTINUED] at [Source: (BufferedReader); line: 1, column: 0]
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.accessTokenLifeTime' and default value '0' is returned.
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.authorizationCodeLifeTime' and default value '0' is returned.
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.defaultMaxAge' and default value '0' is returned.
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.refreshTokenLifeTime' and default value '0' is returned.
o.f.o.c.AuthorizationService: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: Evaluated scope returned PolicyEngineScopeResult{grantedScope=[], deniedScope=[], attributes={}}
o.f.o.c.AuthorizationService: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: Using implied consent
o.f.o.c.AuthorizationService: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No further consent required - [openid, offline_access, profile, group] being granted
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.881+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatelessTokenStore::Creating grant
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.881+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatelessTokenStore::Saving new grant
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.884+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatelessTokenStore::Creating authorization code
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.886+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatefulTokenStore::Saving new authorization code
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.842+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatefulTokenStore::Reading authorization code: d9YRrr_yQ1U4kr65lHZ026f4QvQ
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.844+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Creating access token
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.852+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Creating refresh token
o.f.o.o.t.OpenIdConnectTokenStore: 2024-04-12T15:58:31.852+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: OpenIdConnectTokenStore::Creating OpsToken
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.856+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Saving new refresh token
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.856+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Saving updated grant
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.860+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatefulTokenStore::Saving updated authorization code
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.864+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Creating access token
o.f.o.o.t.OpenIdConnectTokenStore: 2024-04-12T15:58:31.864+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: OpenIdConnectTokenStore::Creating OpenID Connect ID Token
o.f.o.o.s.MappedPurposeDelegatingSecretStore: 2024-04-12T15:58:31.876+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: Looking for active secret for purpose Purpose{'oauth2.oidc.idtoken.signing', SigningKey} in store org.forgerock.openam.oauth2.secrets.MappedPurposeDelegatingSecretStore@67e9f21e
o.f.o.o.s.MappedPurposeDelegatingSecretStore: 2024-04-12T15:58:31.877+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
TRACE: Found active secret for purpose Purpose{'oauth2.oidc.idtoken.signing', SigningKey} in store org.forgerock.openam.oauth2.secrets.MappedPurposeDelegatingSecretStore@67e9f21e: SigningKey{stableId=wU3ifIIaLOUAReRB/FG6eM1P1QM=, expiryTime=2024-04-12T10:33:31.877688992Z, factory=CryptoServiceFactory{provider=SunJCE version 17}, keyUsages=[encrypt, decrypt, sign, verify, agree key, wrap key, unwrap key, verify certificate]}
Are you deploying using the forgeops tooling? Deploying the platform using forgeops requires a specific deployment model using the tooling in this repo? I need to understand more detail about what and how you've deployed to your VM. Deploying without forgeops tooling and not deploying the entire integrated platform is unsupported unfortunately by the forgeops team. You would need to engage Ping Identity(previously ForgeRock) support for on-prem product support
The following HTML is obtained from ForgeRock. The content of the iframe is retrieved from the url
http://example.com/openam/oauth2/cfx_iag/connect/checkSession
, where the 404 error occurs when attempting to import the sha256.js script. This iframe is use for getting session state.Getting 404 error when executing this line:
<script src="http://example.com/openam/XUI/js/sha256.js"></script>