Highlighted
Trusted Contributor.
Trusted Contributor.
618 views

Identity Applications 4.7.2 - Audit exception "extra data g

Hi
Enviroment

  • SO: RHEL 7.3
  • Identity Applications 4.7.2 (novell-AUDTplatformagent-2.0.2-81.x86_64)
  • NAuditPA.jar MD5 c4058b61c534bbc76c90ad98e6d6df24
  • Sentinel 8.2



File /etc/logevent.conf
LogHost=10.1.4.43
LogEnginePort=1289
LogReconnectInterval=60
LogCacheDir=/var/opt/novell/naudit/cache
LogCacheLimitAction=roll cache
LogForceCaching=Y
LogDebug=always
LogMaxCacheSize=5120
LogJavaClassPath=/var//opt/novell/naudit/NAuditPA.jar




File /opt/netiq/idm/apps/tomcat/conf/idmuserapp_logging.xml

<appenders>
<!-- CONSOLE and FILE appender are defined in jboss-log4j.xml -->
<!-- Novell Audit appender -->
<appender class="com.netiq.logging.log4j.NauditLog4jAppender" name="NAUDIT">
<param name="Threshold" value="ALL"/>
<param name="ApplicationDetail" value="DirXML"/>
</appender>
<!-- CEF appender -->
<appender class="com.netiq.idm.logging.syslog.CEFSyslogAppender" name="CEF">
<param name="Threshold" value="ALL"/>
</appender>
</appenders>

<loggers>
<logger name="com.novell" level="INFO" additivity="true">

<appender-ref ref="NAUDIT"/>

<!-- remove this line to turn on CEF auditing
<appender-ref ref="CEF"/>
remove this line to turn on CEF auditing -->
</logger>
<logger name="com.sssw" level="INFO" additivity="true">

<appender-ref ref="NAUDIT"/>

<!-- remove this line to turn on CEF auditing
<appender-ref ref="CEF"/>
remove this line to turn on CEF auditing -->
</logger>
<logger name="com.netiq" level="INFO" additivity="true">

<appender-ref ref="NAUDIT"/>

<!-- remove this line to turn on CEF auditing
<appender-ref ref="CEF"/>
remove this line to turn on CEF auditing -->
</logger>
....
</loggers>



In nproduct.log

Thu Jan 24 12:04:12 2019 [jlogevent]: Error: com.novell.naudit.logevent.LogEventException: Error creating certificate:
Unable to initialize, java.io.IOException: extra data given to DerValue constructor
at com.novell.naudit.logevent.LogEvent.doLogOpen(LogEvent.java:287)
at com.novell.naudit.logevent.LogEvent.logOpen(LogEvent.java:99)
at com.novell.naudit.LogEvent.LogOpen(LogEvent.java:208)
at com.netiq.logging.NauditAppenderSkeleton.start(NauditAppenderSkeleton.java:86)
at com.netiq.idm.rest.admin.LoggingService.activateNauditAppender(LoggingService.java:1113)
at com.netiq.idm.rest.admin.LoggingService.updateNAuditConfig(LoggingService.java:983)
at com.netiq.idm.rest.admin.LoggingService.updateAuditConfiguration(LoggingService.java:931)
at com.netiq.idm.rest.admin.LoggingService.updateAuditConfiguration(LoggingService.java:891)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$ResponseOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:168)
at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:67)
at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:259)
at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:133)
at com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:83)
at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:133)
at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:71)
at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:990)
at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:941)
at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:932)
at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:384)
at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:451)
at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:632)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.JAASFilter.doFilter(JAASFilter.java:145)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.saml.AuthTokenGeneratorFilter.doFilter(AuthTokenGeneratorFilter.java:108)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.sso.SSOFilter.doFilter(SSOFilter.java:125)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.ForceNoCacheFilter.doFilter(ForceNoCacheFilter.java:69)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.CrossScriptingFilter.doFilter(CrossScriptingFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.HttpSecurityHeadersFilter.doFilter(HttpSecurityHeadersFilter.java:132)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.security.cert.CertificateException: Unable to initialize, java.io.IOException: extra data given to DerValue constructor
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:198)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at com.novell.naudit.logevent.LogEvent.doLogOpen(LogEvent.java:265)
... 68 more
Caused by: java.io.IOException: extra data given to DerValue constructor
at sun.security.util.DerValue.init(DerValue.java:410)
at sun.security.util.DerValue.<init>(DerValue.java:295)
at sun.security.util.DerValue.<init>(DerValue.java:306)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:195)
... 71 more


In Sentinel log (/var/opt/novell/sentinel/log/server 0.0.log) nothing for this server

Where the inconvenience could be.

Additional information, Identity Application server migrate from 4.5.6 to 4.7.2

thanks in advance.
Labels (1)
Tags (3)
0 Likes
3 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: Identity Applications 4.7.2 - Audit exception "extra da

letroncoso;2494255 wrote:
Hi
Enviroment

  • SO: RHEL 7.3
  • Identity Applications 4.7.2 (novell-AUDTplatformagent-2.0.2-81.x86_64)
  • NAuditPA.jar MD5 c4058b61c534bbc76c90ad98e6d6df24
  • Sentinel 8.2



File /etc/logevent.conf
LogHost=10.1.4.43
LogEnginePort=1289
LogReconnectInterval=60
LogCacheDir=/var/opt/novell/naudit/cache
LogCacheLimitAction=roll cache
LogForceCaching=Y
LogDebug=always
LogMaxCacheSize=5120
LogJavaClassPath=/var//opt/novell/naudit/NAuditPA.jar




File /opt/netiq/idm/apps/tomcat/conf/idmuserapp_logging.xml

<appenders>
<!-- CONSOLE and FILE appender are defined in jboss-log4j.xml -->
<!-- Novell Audit appender -->
<appender class="com.netiq.logging.log4j.NauditLog4jAppender" name="NAUDIT">
<param name="Threshold" value="ALL"/>
<param name="ApplicationDetail" value="DirXML"/>
</appender>
<!-- CEF appender -->
<appender class="com.netiq.idm.logging.syslog.CEFSyslogAppender" name="CEF">
<param name="Threshold" value="ALL"/>
</appender>
</appenders>

<loggers>
<logger name="com.novell" level="INFO" additivity="true">

<appender-ref ref="NAUDIT"/>

<!-- remove this line to turn on CEF auditing
<appender-ref ref="CEF"/>
remove this line to turn on CEF auditing -->
</logger>
<logger name="com.sssw" level="INFO" additivity="true">

<appender-ref ref="NAUDIT"/>

<!-- remove this line to turn on CEF auditing
<appender-ref ref="CEF"/>
remove this line to turn on CEF auditing -->
</logger>
<logger name="com.netiq" level="INFO" additivity="true">

<appender-ref ref="NAUDIT"/>

<!-- remove this line to turn on CEF auditing
<appender-ref ref="CEF"/>
remove this line to turn on CEF auditing -->
</logger>
....
</loggers>



In nproduct.log

Thu Jan 24 12:04:12 2019 [jlogevent]: Error: com.novell.naudit.logevent.LogEventException: Error creating certificate:
Unable to initialize, java.io.IOException: extra data given to DerValue constructor
at com.novell.naudit.logevent.LogEvent.doLogOpen(LogEvent.java:287)
at com.novell.naudit.logevent.LogEvent.logOpen(LogEvent.java:99)
at com.novell.naudit.LogEvent.LogOpen(LogEvent.java:208)
at com.netiq.logging.NauditAppenderSkeleton.start(NauditAppenderSkeleton.java:86)
at com.netiq.idm.rest.admin.LoggingService.activateNauditAppender(LoggingService.java:1113)
at com.netiq.idm.rest.admin.LoggingService.updateNAuditConfig(LoggingService.java:983)
at com.netiq.idm.rest.admin.LoggingService.updateAuditConfiguration(LoggingService.java:931)
at com.netiq.idm.rest.admin.LoggingService.updateAuditConfiguration(LoggingService.java:891)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$ResponseOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:168)
at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:67)
at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:259)
at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:133)
at com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:83)
at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:133)
at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:71)
at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:990)
at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:941)
at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:932)
at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:384)
at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:451)
at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:632)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.JAASFilter.doFilter(JAASFilter.java:145)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.saml.AuthTokenGeneratorFilter.doFilter(AuthTokenGeneratorFilter.java:108)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.sso.SSOFilter.doFilter(SSOFilter.java:125)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.ForceNoCacheFilter.doFilter(ForceNoCacheFilter.java:69)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.CrossScriptingFilter.doFilter(CrossScriptingFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.HttpSecurityHeadersFilter.doFilter(HttpSecurityHeadersFilter.java:132)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.security.cert.CertificateException: Unable to initialize, java.io.IOException: extra data given to DerValue constructor
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:198)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at com.novell.naudit.logevent.LogEvent.doLogOpen(LogEvent.java:265)
... 68 more
Caused by: java.io.IOException: extra data given to DerValue constructor
at sun.security.util.DerValue.init(DerValue.java:410)
at sun.security.util.DerValue.<init>(DerValue.java:295)
at sun.security.util.DerValue.<init>(DerValue.java:306)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:195)
... 71 more


In Sentinel log (/var/opt/novell/sentinel/log/server 0.0.log) nothing for this server

Where the inconvenience could be.

Additional information, Identity Application server migrate from 4.5.6 to 4.7.2

thanks in advance.


I don't like this:


Thu Jan 24 12:04:12 2019 [jlogevent]: Error: com.novell.naudit.logevent.LogEventException: Error creating certificate:
Unable to initialize, java.io.IOException: extra data given to DerValue constructor


It sounds like something unexpected is being passed. Possibly a bug introduced by the new JRE? You should probably get an SR open with Support on this.
0 Likes
Highlighted
Trusted Contributor.
Trusted Contributor.

Re: Identity Applications 4.7.2 - Audit exception "extra da

Ok thank you, we'll see what we recommend
just to add a little more data, I pass the java version

/opt/netiq/common/jre/bin/java -version
openjdk version "1.8.0_192"
OpenJDK Runtime Environment (Zulu 8.33.0.1-linux64) (build 1.8.0_192-b01)
OpenJDK 64-Bit Server VM (Zulu 8.33.0.1-linux64) (build 25.192-b01, mixed mode)
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Identity Applications 4.7.2 - Audit exception "extra data g

On 2019-01-24 16:54, letroncoso wrote:
> - SO: RHEL 7.3
> - Identity Applications 4.7.2
> (novell-AUDTplatformagent-2.0.2-81.x86_64)
> - NAuditPA.jar MD5 c4058b61c534bbc76c90ad98e6d6df24
> - Sentinel 8.2
>
>
>
> File /etc/logevent.conf


With 4.7.2 you should be using CEF logging instead of NAudit:

https://www.netiq.com/documentation/identity-manager-47/configure_auditing/data/configure-identity-manager-components-to-use-cef.html


--
Norbert
--
Norbert
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.