org.forgerock.json.JsonValueException: /password Decryption failed

This topic has 2 replies, 2 voices, and was last updated 4 years, 4 months ago by jamesliu_london.

  • Author
    Posts
  • #21927
     jamesliu_london
    Participant

    I’m trying to cluster IDM 5.5.0 against external DS and SQL.
    I’m not sure what this error refers to.

    May 26, 2018 8:40:37 PM org.forgerock.http.servlet.HttpFrameworkServlet lambda$service$1
    SEVERE: RuntimeException caught
    org.forgerock.json.JsonValueException: /password: org.forgerock.json.crypto.JsonCryptoException: Decryption failed
    at org.forgerock.json.crypto.JsonDecryptFunction.traverseMap(JsonDecryptFunction.java:48)
    at org.forgerock.json.JsonValueTraverseFunction.traverse(JsonValueTraverseFunction.java:50)
    at org.forgerock.json.JsonValueTraverseFunction.apply(JsonValueTraverseFunction.java:42)
    at org.forgerock.json.JsonValueTraverseFunction.apply(JsonValueTraverseFunction.java:25)
    at org.forgerock.openidm.crypto.impl.CryptoServiceImpl.decrypt(CryptoServiceImpl.java:150)
    at org.forgerock.openidm.crypto.impl.CryptoServiceImpl.decryptIfNecessary(CryptoServiceImpl.java:168)
    at org.forgerock.openidm.auth.ResourceQueryAuthenticator.getRepoUserInfo(ResourceQueryAuthenticator.java:164)
    at org.forgerock.openidm.auth.ResourceQueryAuthenticator.authenticate(ResourceQueryAuthenticator.java:106)
    at org.forgerock.openidm.auth.modules.DelegatedAuthModule.authenticate(DelegatedAuthModule.java:184)
    at org.forgerock.openidm.auth.modules.DelegatedAuthModule.validateRequest(DelegatedAuthModule.java:141)
    at org.forgerock.openidm.auth.modules.IDMAuthModuleWrapper.validateRequest(IDMAuthModuleWrapper.java:277)
    at org.forgerock.caf.authentication.framework.AuthModules$WrappedAuthModule.validateRequest(AuthModules.java:515)
    at org.forgerock.caf.authentication.framework.AuthModules$LoggingAuthModule.validateRequest(AuthModules.java:426)
    at org.forgerock.caf.authentication.framework.AuthModules$WrappedAuthModule.validateRequest(AuthModules.java:515)
    at org.forgerock.caf.authentication.framework.AuthModules$AuditingAuthModule.validateRequest(AuthModules.java:330)
    at org.forgerock.caf.authentication.framework.AuthModules$WrappedAuthModule.validateRequest(AuthModules.java:515)
    at org.forgerock.caf.authentication.framework.AuthModules$ValidatingAuthModule.validateRequest(AuthModules.java:289)
    at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.validateRequest(FallbackAuthContext.java:109)
    at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.access$100(FallbackAuthContext.java:91)
    at org.forgerock.caf.authentication.framework.FallbackAuthContext.validateRequest(FallbackAuthContext.java:88)
    at org.forgerock.caf.authentication.framework.AggregateAuthContext.lambda$validateRequest$1(AggregateAuthContext.java:82)
    at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
    at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:216)
    at org.forgerock.caf.authentication.framework.AggregateAuthContext.validateRequest(AggregateAuthContext.java:80)
    at org.forgerock.caf.authentication.framework.AuthContexts$WrappedAuthContext.validateRequest(AuthContexts.java:322)
    at org.forgerock.caf.authentication.framework.AuthContexts$LoggingAuthContext.validateRequest(AuthContexts.java:263)
    at org.forgerock.caf.authentication.framework.AuthContexts$WrappedAuthContext.validateRequest(AuthContexts.java:322)
    at org.forgerock.caf.authentication.framework.AuthContexts$AuditingAuthContext.validateRequest(AuthContexts.java:216)
    at org.forgerock.caf.authentication.framework.AuthContexts$WrappedAuthContext.validateRequest(AuthContexts.java:322)
    at org.forgerock.caf.authentication.framework.AuthContexts$ValidatingAuthContext.validateRequest(AuthContexts.java:182)
    at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:142)
    at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
    at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:84)
    at org.forgerock.openidm.auth.AuthFilterWrapper.filter(AuthFilterWrapper.java:82)
    at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
    at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:75)
    at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
    at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:258)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
    at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)
    at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:257)
    at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:220)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:284)
    at com.sun.proxy.$Proxy59.doFilter(Unknown Source)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
    at org.eclipse.jetty.servlets.UserAgentFilter.doFilter(UserAgentFilter.java:83)
    at org.eclipse.jetty.servlets.GzipFilter.doFilter(GzipFilter.java:365)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:284)
    at com.sun.proxy.$Proxy59.doFilter(Unknown Source)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
    at org.eclipse.jetty.servlets.UserAgentFilter.doFilter(UserAgentFilter.java:83)
    at org.eclipse.jetty.servlets.GzipFilter.doFilter(GzipFilter.java:365)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:284)
    at com.sun.proxy.$Proxy59.doFilter(Unknown Source)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
    at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:257)
    at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:220)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:284)
    at com.sun.proxy.$Proxy59.doFilter(Unknown Source)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
    at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:257)
    at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:220)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:284)
    at com.sun.proxy.$Proxy59.doFilter(Unknown Source)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:276)
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
    at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
    at org.eclipse.jetty.server.Server.handle(Server.java:499)
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
    at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
    at java.lang.Thread.run(Thread.java:748)
    Caused by: org.forgerock.json.crypto.JsonCryptoException: Decryption failed
    at org.forgerock.json.crypto.simple.SimpleDecryptor.decrypt(SimpleDecryptor.java:113)
    at org.forgerock.json.crypto.JsonDecryptFunction.traverseMap(JsonDecryptFunction.java:42)
    … 105 more

    #22183
     pryton
    Participant

    as which type is your password handed to the decrypt function?

    #22184
     jamesliu_london
    Participant

    I think the issue was, my cluster was using identical keystrokes; then identical datasource.jdbc-default.json files…. but not at the same time.

    I’ve sync’d keystore files now, and sync’d datasource.jdbc-default.json files (with plaintext password) on all the boxes. I’m running through the tests at the moment – time will tell.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?