Unable to configure OpenAM in Azure Cloud with cookie domain name cloudapp.net

This topic has 2 replies, 2 voices, and was last updated 6 years, 10 months ago by [email protected].

  • #6918

    Hi,
    I am trying to configure OpenAM 12.0 with JBoss 7.0 in an Azure VM which has the domain name cloudapp.net.
    I installed OpenAM in JBoss.
    The Configuration Progress Screen displays the progress of the installation and takes a couple of minutes to run through, then returns with errors. The configuration is failing because the cookie domain name is cloudapp.net. We should not use the top-level domain name as the cookie domain for the OpenAM configuration.
    I am unable to configure OpenAM in Azure Cloud with the cookie domain name cloudapp.net.
    Please guide me on how I can install OpenAM in the Azure environment.
    Thank you in advance.

    #6922
     bthalmayr
    Participant

    As you can read from https://publicsuffix.org/list/public_suffix_list.dat, the domain “cloudapp.net” is listed as a public suffix. Due to this, browsers have to drop domain cookies.

    Instead you have to use host-based cookies by removing all values from the cookie domain list in the platform service.

    You could do this via the ssoadm CLI tool:

    
    ssoadm remove-attr-defs -u amadmin -f PATH_TO_PWD_FILE -s iPlanetAMPlatformService -t global -a iplanet-am-platform-cookie-domains
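
The browser behaviour described in the answer above, as an added example that is not part of the original thread or of OpenAM: it applies the Public Suffix List matching rules and the RFC 6265 Domain-attribute check to the host name from this thread. `PSL_EXCERPT` is a constructed subset of the real list, and `sso.example.com` in the test is a made-up host.

```python
# Added example: how a browser treats a cookie Domain attribute that is a public suffix.
# PSL_EXCERPT is a constructed subset; real checks must load public_suffix_list.dat.
PSL_EXCERPT = """
// constructed excerpt, not the full list
com
net
cloudapp.net
co.uk
*.ck
!www.ck
"""

def load_rules(text):
    """Parse PSL text into a set of rules, skipping comments and blank lines."""
    rules = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("//"):
            rules.add(line.split()[0].lower())
    return rules

def public_suffix(domain, rules):
    """Return the public suffix of domain using the PSL matching algorithm."""
    labels = domain.lower().strip(".").split(".")
    best = labels[-1:]  # implicit "*" rule: the last label alone is a suffix
    for i in range(len(labels)):
        cand = labels[i:]
        name = ".".join(cand)
        if "!" + name in rules:  # exception rule wins: drop its leftmost label
            return ".".join(cand[1:])
        wildcard = ".".join(["*"] + cand[1:])
        if (name in rules or wildcard in rules) and len(cand) > len(best):
            best = cand
    return ".".join(best)

def cookie_domain_verdict(request_host, cookie_domain, rules):
    """Return 'domain', 'host-only' or 'rejected' (RFC 6265 section 5.3, steps 5-6)."""
    host = request_host.lower().rstrip(".")
    if not cookie_domain:
        return "host-only"  # no Domain attribute: cookie is bound to the exact host
    dom = cookie_domain.lower().strip(".")
    if public_suffix(dom, rules) == dom:
        # A public-suffix Domain is only tolerated when it equals the host itself
        return "host-only" if dom == host else "rejected"
    if host == dom or host.endswith("." + dom):
        return "domain"
    return "rejected"  # Domain does not match the host that set the cookie

RULES = load_rules(PSL_EXCERPT)
```

With `.cloudapp.net` as the cookie domain the verdict is `rejected`, which is why the session cookie never sticks; with the domain list emptied the cookie becomes host-only for `azopenam.cloudapp.net`.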
    #6963

    Thank you Bthalmayr for the answer.

    I tried as you mentioned and started configuring. I see a successfully configured message, but it got stuck for hours and is not moving further. When I press Ctrl+C (forcefully stopping the configuration), I can see an error in the installation log.

    AMSetupServlet.processRequest: errorcom.sun.identity.common.configuration.ConfigurationException: OpenDJ cannot be started.
    
    Please find the complete installation.log below:
    
    
    Checking configuration directory C:/Users/user4/openam....Success.
    Installing OpenAM configuration store...Success RSA/ECB/OAEPWithSHA1AndMGF1Padding.
    Extracting OpenDJ, please wait...Complete
    Running OpenDJ setupSetup command: --cli --adminConnectorPort 4444 --baseDN dc=openam,dc=forgerock,dc=org --rootUserDN cn=Directory Manager --ldapPort 50389 --skipPortCheck --rootUserPassword xxxxxxx --jmxPort 1689 --no-prompt --doNotStart --hostname azopenam.cloudapp.net 
    
    See C:\Users\USER~1\AppData\Local\Temp\2\opendj-setup-7907849311375606947.log for a detailed log of this operation.
    
    Configuring Directory Server ..... Done.
    
    To see basic server configuration status and configuration you can launch C:\Users\user4\openam\opends\dev\status.bat
    
    ...Success.
    ...Success
    Installing OpenAM configuration store in C:/Users/user4/openam/opends...Success.
    Creating OpenAM suffixImport task 20160120101541539 scheduled to start immediately
    
    [20/Jan/2016:10:15:41 +0000] severity="NOTICE" msgCount=0 msgID=9896349 message="Import task 20160120101541539 started execution"
    
    [20/Jan/2016:10:15:41 +0000] severity="INFORMATION" msgCount=1 msgID=9437595 message="Local DB backend userRoot does not specify the number of lock tables: defaulting to 97"
    
    [20/Jan/2016:10:15:41 +0000] severity="INFORMATION" msgCount=2 msgID=9437594 message="Local DB backend userRoot does not specify the number of cleaner threads: defaulting to 24 threads"
    
    [20/Jan/2016:10:15:41 +0000] severity="NOTICE" msgCount=3 msgID=9896306 message="The backend userRoot is now taken offline"
    
    [20/Jan/2016:10:15:41 +0000] severity="NOTICE" msgCount=4 msgID=20381717 message="Installation Directory:  C:\Users\user4\openam\opends"
    
    [20/Jan/2016:10:15:41 +0000] severity="NOTICE" msgCount=5 msgID=20381719 message="Instance Directory:      C:\Users\user4\openam\opends"
    
    [20/Jan/2016:10:15:41 +0000] severity="NOTICE" msgCount=6 msgID=20381713 message="JVM Information: 1.7.0_25-b17 by Oracle Corporation, 64-bit architecture, 9544400896 bytes heap size"
    
    [20/Jan/2016:10:15:41 +0000] severity="NOTICE" msgCount=7 msgID=20381714 message="JVM Host: azopenam.cloudapp.net, running Windows Server 2012 6.2 amd64, 15031914496 bytes physical memory size, number of processors available 2"
    
    [20/Jan/2016:10:15:41 +0000] severity="NOTICE" msgCount=8 msgID=20381715 message="JVM Arguments: "-Xloggc:D:\jboss-eap-6.4\standalone\log\gc.log", "-verbose:gc", "-XX:+PrintGCDetails", "-XX:+PrintGCDateStamps", "-XX:+UseGCLogFileRotation", "-XX:NumberOfGCLogFiles=5", "-XX:GCLogFileSize=3M", "-XX:-TraceClassUnloading", "-XX:+UseCompressedOops", "-Dprogram.name=standalone.bat", "-Xms2G", "-Xmx10G", "-XX:MaxPermSize=2G", "-Djava.net.preferIPv4Stack=true", "-Djboss.modules.policy-permissions=true", "-Djboss.modules.system.pkgs=org.jboss.byteman", "-Dorg.jboss.boot.log.file=D:\jboss-eap-6.4\standalone\log\server.log", "-Dlogging.configuration=file:D:\jboss-eap-6.4\standalone\configuration/logging.properties""
    
    [20/Jan/2016:10:15:42 +0000] severity="NOTICE" msgCount=9 msgID=8847546 message="The amount of free memory available to the import task is 3272378544 bytes. The number of phase one buffers required is 160 buffers"
    
    [20/Jan/2016:10:15:42 +0000] severity="NOTICE" msgCount=10 msgID=8847568 message="The amount memory available to the temporary DN cache environment is 2760509616 bytes"
    
    [20/Jan/2016:10:15:42 +0000] severity="NOTICE" msgCount=11 msgID=8847545 message="Setting DB cache size to 8388608 bytes and phase one buffer size to to 2097152 bytes"
    
    [20/Jan/2016:10:15:43 +0000] severity="NOTICE" msgCount=12 msgID=8847533 message="OpenDJ 2.6.2 starting import (build 20141008105905Z, R11096)"
    
    [20/Jan/2016:10:15:43 +0000] severity="NOTICE" msgCount=13 msgID=8847449 message="Import Thread Count: 4 threads"
    
    [20/Jan/2016:10:15:44 +0000] severity="NOTICE" msgCount=14 msgID=8847556 message="The available memory for phase two processing is 3272378544 bytes. The read ahead cache size is 2097152 bytes calculated using 4 buffers"
    
    [20/Jan/2016:10:15:44 +0000] severity="NOTICE" msgCount=15 msgID=8847569 message="Total import time was 0 seconds. Phase one processing completed in 0 seconds, phase two processing completed in 0 seconds"
    
    [20/Jan/2016:10:15:44 +0000] severity="NOTICE" msgCount=16 msgID=8847454 message="Processed 3 entries, imported 3, skipped 0, rejected 0 and migrated 0 in 0 seconds (average rate 4.9/sec)"
    
    [20/Jan/2016:10:15:44 +0000] severity="NOTICE" msgCount=17 msgID=8847536 message="Import LDIF environment close took 0 seconds"
    
    [20/Jan/2016:10:15:44 +0000] severity="INFORMATION" msgCount=18 msgID=9437595 message="Local DB backend userRoot does not specify the number of lock tables: defaulting to 97"
    
    [20/Jan/2016:10:15:44 +0000] severity="INFORMATION" msgCount=19 msgID=9437594 message="Local DB backend userRoot does not specify the number of cleaner threads: defaulting to 24 threads"
    
    [20/Jan/2016:10:15:45 +0000] severity="NOTICE" msgCount=20 msgID=8847402 message="The database backend userRoot containing 3 entries has started"
    
    [20/Jan/2016:10:15:45 +0000] severity="INFORMATION" msgCount=21 msgID=12582962 message="Added 1 Access Control Instruction (ACI) attribute types found in context "dc=openam,dc=forgerock,dc=org" to the access control evaluation engine"
    
    [20/Jan/2016:10:15:45 +0000] severity="NOTICE" msgCount=22 msgID=9896350 message="Import task 20160120101541539 finished execution"
    
    Import task 20160120101541539 has been successfully completed
    
    ...Success
    AMSetupServlet.processRequest: errorcom.sun.identity.common.configuration.ConfigurationException: OpenDJ cannot be started.
        at com.sun.identity.setup.AMSetupServlet.setupEmbeddedDS(AMSetupServlet.java:974)
        at com.sun.identity.setup.AMSetupServlet.setupSMDatastore(AMSetupServlet.java:1020)
        at com.sun.identity.setup.AMSetupServlet.configure(AMSetupServlet.java:1092)
        at com.sun.identity.setup.AMSetupServlet.processRequest(AMSetupServlet.java:693)
        at com.sun.identity.setup.AMSetupServlet.doPost(AMSetupServlet.java:613)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:117)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)
        at java.lang.Thread.run(Thread.java:724)
