jburns80 Super Contributor.
Super Contributor.
486 views

Weird DAL Communication error

We have an issue with a couple of SOAP calls failing with an odd DAL communication error. For back story, we upgraded from 4.6.2 to 4.7.2 and now we have a couple of different SOAP calls failing to the IDMProv/role endpoint. The errors we are seeing are :
2019-01-18 13:32:15,379 TRACE [com.sssw.fw.util.jndi.EboJndiLdapUtility] (https-jsse-nio-8543-exec-10) [RBPM] Find LDAP Search: : null
2019-01-18 13:32:15,380 INFO [com.novell.idm.nrf.soap.ws.role.impl.RoleServiceSkeletonImpl] (https-jsse-nio-8543-exec-10) [RBPM] DAL communication error.
com.novell.idm.nrf.exception.NrfException: DAL communication error.
at com.novell.idm.nrf.service.RoleManagerService.getGroupRoleAssignments(RoleManagerService.java:1348)
at com.novell.idm.nrf.soap.ws.role.impl.RoleServiceDelegate.getGroup(RoleServiceDelegate.java:310)
at com.novell.idm.nrf.soap.ws.role.impl.RoleServiceSkeletonImpl.getGroup(RoleServiceSkeletonImpl.java:231)
at com.novell.idm.nrf.soap.ws.role.IRemoteRole_ServiceSkeleton._invoke(IRemoteRole_ServiceSkeleton.java:344)
at com.novell.soa.ws.server.ServletSkeleton.invokeEndPoint(ServletSkeleton.java:244)
at com.novell.soa.ws.impl.soap.MessageHandlerInvoker.invokeServerMessageHandlers(MessageHandlerInvoker.java:348)
at com.novell.soa.ws.impl.soap.SOAPHandler.handleServerRequest(SOAPHandler.java:84)
at com.novell.soa.ws.impl.rpc.ServerDelegateImpl.handleServerRequest(ServerDelegateImpl.java:92)
at com.novell.soa.ws.server.ServletSkeleton.handleRequest(ServletSkeleton.java:105)
at com.novell.soa.ws.server.ServletSkeleton.doPost(ServletSkeleton.java:366)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.JAASFilter.doFilter(JAASFilter.java:145)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.saml.AuthTokenGeneratorFilter.doFilter(AuthTokenGeneratorFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.auth.sso.SSOFilter.doFilter(SSOFilter.java:135)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.soa.common.i18n.BestLocaleServletFilter.doFilter(BestLocaleServletFilter.java:241)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.ForceNoCacheFilter.doFilter(ForceNoCacheFilter.java:69)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.CrossScriptingFilter.doFilter(CrossScriptingFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.novell.common.HttpSecurityHeadersFilter.doFilter(HttpSecurityHeadersFilter.java:132)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: com.sssw.fw.exception.EboSecurityException: Error getting a security context for user 'SoapRoleService'.
at com.novell.srvprv.impl.security.SecurityContext.doGetSecurityContext(SecurityContext.java:486)
at com.novell.srvprv.impl.security.SecurityContext.getSystemSecurityContext(SecurityContext.java:295)
at com.novell.idm.nrf.service.RoleManagerService.getGroupRoleAssignments(RoleManagerService.java:1346)
... 57 more
Caused by: com.sssw.fw.exception.EboUnrecoverableSystemException: Unexpected exception occurred while searching
at com.sssw.fw.util.jndi.EboJndiLdapUtility.findSearchResults(EboJndiLdapUtility.java:761)
at com.sssw.fw.directory.realm.impl.jndildap.EboJndiLdapRealm.doJndiSearch(EboJndiLdapRealm.java:1235)
at com.sssw.fw.directory.realm.impl.jndildap.EboJndiLdapRealm.getRealmUser(EboJndiLdapRealm.java:423)
at com.sssw.fw.directory.realm.impl.jndildap.EboJndiLdapRealm.getUser(EboJndiLdapRealm.java:375)
at com.sssw.fw.directory.realm.impl.jndildap.EboJndiLdapCachingRealm.getUser(EboJndiLdapCachingRealm.java:211)
at com.sssw.fw.directory.realm.impl.jndildap.EboJndiLdapCachingRealm.getUser(EboJndiLdapCachingRealm.java:189)
at com.novell.srvprv.impl.security.SecurityContext.doGetSecurityContext(SecurityContext.java:482)
... 59 more
Caused by: javax.naming.InvalidNameException: SoapRoleService: [LDAP: error code 34 - Invalid DN Syntax]; remaining name 'SoapRoleService'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3093)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:341)
at sun.reflect.GeneratedMethodAccessor600.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sssw.fw.directory.realm.impl.jndildap.EboLdapContextProxyHandler.invokeMethod(EboLdapContextProxyHandler.java:145)
at com.sssw.fw.directory.realm.impl.jndildap.EboLdapContextProxyHandler.invoke(EboLdapContextProxyHandler.java:86)
at com.sun.proxy.$Proxy22.search(Unknown Source)
at com.sssw.fw.util.jndi.EboJndiLdapUtility.findSearchResults(EboJndiLdapUtility.java:752)
Labels (1)
0 Likes
5 Replies
AutomaticReply Absent Member.
Absent Member.

Re: Weird DAL Communication error

jburns80,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

These forums are peer-to-peer, best effort, volunteer run and that if your issue
is urgent or not getting a response, you might try one of the following options:

- Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
all the other self support options and support programs available.
- Open a service request: https://www.microfocus.com/support
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.microfocus.com)
- You might consider hiring a local partner to assist you.
https://www.partnernetprogram.com/partnerfinder/find.html

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.microfocus.com/faq.php

Sometimes this automatic posting will alert someone that can respond.

If this is a reply to a duplicate posting or otherwise posted in error, please
ignore and accept our apologies and rest assured we will issue a stern reprimand
to our posting bot.

Good luck!

Your Micro Focus Forums Team
http://forums.microfocus.com



0 Likes
jburns80 Super Contributor.
Super Contributor.

Re: Weird DAL Communication error

Automatic Reply;2494166 wrote:
jburns80,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

These forums are peer-to-peer, best effort, volunteer run and that if your issue
is urgent or not getting a response, you might try one of the following options:

- Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
all the other self support options and support programs available.
- Open a service request: https://www.microfocus.com/support
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.microfocus.com)
- You might consider hiring a local partner to assist you.
https://www.partnernetprogram.com/partnerfinder/find.html

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.microfocus.com/faq.php

Sometimes this automatic posting will alert someone that can respond.

If this is a reply to a duplicate posting or otherwise posted in error, please
ignore and accept our apologies and rest assured we will issue a stern reprimand
to our posting bot.

Good luck!

Your Micro Focus Forums Team
http://forums.microfocus.com




We've contacted support and they don't know how to fix it either.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Weird DAL Communication error

Since you seem to be using a service account "SoapRoleService" to start
the SOAP call, did you make sure that the account has sufficient privileges?

The message "Caused by: com.sssw.fw.exception.EboSecurityException:
Error getting a security context for user 'SoapRoleService'" could
indicate missing rights.

I'd start with checking if the account has Role Administrator and/or
Provisioning Admin rights, or try the call with the uaadmin account.

Wolfgang


On 23.01.2019 14:54, jburns80 wrote:
>
> Automatic Reply;2494166 Wrote:
>> jburns80,
>>
>> It appears that in the past few days you have not received a response to
>> your
>> posting. That concerns us, and has triggered this automated reply.
>>
>> These forums are peer-to-peer, best effort, volunteer run and that if
>> your issue
>> is urgent or not getting a response, you might try one of the following
>> options:
>>
>> - Visit https://www.microfocus.com/support-and-services and search the
>> knowledgebase and/or check
>> all the other self support options and support programs available.
>> - Open a service request: https://www.microfocus.com/support
>> - You could also try posting your message again. Make sure it is posted
>> in the
>> correct newsgroup. (http://forums.microfocus.com)
>> - You might consider hiring a local partner to assist you.
>> https://www.partnernetprogram.com/partnerfinder/find.html
>>
>> Be sure to read the forum FAQ about what to expect in the way of
>> responses:
>> http://forums.microfocus.com/faq.php
>>
>> Sometimes this automatic posting will alert someone that can respond.
>>
>> If this is a reply to a duplicate posting or otherwise posted in error,
>> please
>> ignore and accept our apologies and rest assured we will issue a stern
>> reprimand
>> to our posting bot.
>>
>> Good luck!
>>
>> Your Micro Focus Forums Team
>> http://forums.microfocus.com

>
>
>
> We've contacted support and they don't know how to fix it either.
>
>

0 Likes
jburns80 Super Contributor.
Super Contributor.

Re: Weird DAL Communication error

We are using the uaadmin account to make the calls at this time. We have a support ticket open but the "backline engineers" have not offered any help at this time.

Wolfgang Schreiber;2494237 wrote:
Since you seem to be using a service account "SoapRoleService" to start
the SOAP call, did you make sure that the account has sufficient privileges?

The message "Caused by: com.sssw.fw.exception.EboSecurityException:
Error getting a security context for user 'SoapRoleService'" could
indicate missing rights.

I'd start with checking if the account has Role Administrator and/or
Provisioning Admin rights, or try the call with the uaadmin account.

Wolfgang


On 23.01.2019 14:54, jburns80 wrote:
>
> Automatic Reply;2494166 Wrote:
>> jburns80,
>>
>> It appears that in the past few days you have not received a response to
>> your
>> posting. That concerns us, and has triggered this automated reply.
>>
>> These forums are peer-to-peer, best effort, volunteer run and that if
>> your issue
>> is urgent or not getting a response, you might try one of the following
>> options:
>>
>> - Visit https://www.microfocus.com/support-and-services and search the
>> knowledgebase and/or check
>> all the other self support options and support programs available.
>> - Open a service request: https://www.microfocus.com/support
>> - You could also try posting your message again. Make sure it is posted
>> in the
>> correct newsgroup. (http://forums.microfocus.com)
>> - You might consider hiring a local partner to assist you.
>> https://www.partnernetprogram.com/partnerfinder/find.html
>>
>> Be sure to read the forum FAQ about what to expect in the way of
>> responses:
>> http://forums.microfocus.com/faq.php
>>
>> Sometimes this automatic posting will alert someone that can respond.
>>
>> If this is a reply to a duplicate posting or otherwise posted in error,
>> please
>> ignore and accept our apologies and rest assured we will issue a stern
>> reprimand
>> to our posting bot.
>>
>> Good luck!
>>
>> Your Micro Focus Forums Team
>> http://forums.microfocus.com

>
>
>
> We've contacted support and they don't know how to fix it either.
>
>
0 Likes
jburns80 Super Contributor.
Super Contributor.

Re: Weird DAL Communication error

Also we can't find any service account called SoapRoleService. We are not using that account to make the soap call. I think that it has something to do with the update and injecting something it should, it only fails for group calls it seems.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.