CertificateValidationNode a very strange behavior

test000001 · October 26, 2022, 7:12pm

Hello,

I’m experiencing an awkward issue with a CrtificateValidationNode (AM 7.0.2; JAVA 11) for some reason it fails and I see this stacktrace

 503092 ERROR: Exception in processing the tree
 503093 org.forgerock.openam.auth.node.api.NodeProcessException: Unable to set LDAP Server configuration
 503094 [CONTINUED]     at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode.setLdapStoreParam(CertificateValidationNode.java:346)
 503095 [CONTINUED]     at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode.process(CertificateValidationNode.java:244)
 503096 [CONTINUED]     at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:145)
 503097 [CONTINUED]     at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:196)
 503098 [CONTINUED]     at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:196)
 503099 [CONTINUED]     at org.forgerock.openam.core.rest.authn.trees.AuthTrees.processTree(AuthTrees.java:464)
 503100 [CONTINUED]     at org.forgerock.openam.core.rest.authn.trees.AuthTrees.evaluateTreeAndProcessResult(AuthTrees.java:280)
 503101 [CONTINUED]     at org.forgerock.openam.core.rest.authn.trees.AuthTrees.invokeTree(AuthTrees.java:272)
 503102 [CONTINUED]     at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.authenticate(RestAuthenticationHandler.java:228)
 503103 [CONTINUED]     at org.forgerock.openam.core.rest.authn.http.AuthenticationServiceV1.authenticate(AuthenticationServiceV1.java:157)
 503104 [CONTINUED]     at jdk.internal.reflect.GeneratedMethodAccessor181.invoke(Unknown Source)
 503105 [CONTINUED]     at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 503106 [CONTINUED]     at java.base/java.lang.reflect.Method.invoke(Method.java:566)
 503107 [CONTINUED]     at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:81)
 503108 [CONTINUED]     at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:77)
 503109 [CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
 503110 [CONTINUED]     at org.forgerock.openam.rest.DisableCachingFilter.filter(DisableCachingFilter.java:90)
 503111 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503112 [CONTINUED]     at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:88)
 503113 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503114 [CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
 503115 [CONTINUED]     at org.forgerock.openam.cors.CorsFilter.filter(CorsFilter.java:83)
 503116 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503117 [CONTINUED]     at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:85)
 503118 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503119 [CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
 503120 [CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
 503121 [CONTINUED]     at org.forgerock.openam.rest.RealmRoutingFactory$ChfRealmRouter.handle(RealmRoutingFactory.java:123)
 503122 [CONTINUED]     at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:180)
 503123 [CONTINUED]     at org.forgerock.openam.rest.RealmRoutingFactory$HostnameFilter.filter(RealmRoutingFactory.java:100)
 503124 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503125 [CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
 503126 [CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
 503127 [CONTINUED]     at org.forgerock.openam.rest.CsrfFilter.filter(CsrfFilter.java:91)
 503128 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503129 [CONTINUED]     at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:59)
 503130 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503131 [CONTINUED]     at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:188)
 503132 [CONTINUED]     at org.forgerock.caf.authentication.framework.AuthenticationFramework.lambda$onValidateRequestSuccess$1(AuthenticationFramework.java:
 503132 181)
 503133 [CONTINUED]     at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:263)
 503134 [CONTINUED]     at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
 503135 [CONTINUED]     at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:144)
 503136 [CONTINUED]     at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
 503137 [CONTINUED]     at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:85)
 503138 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503139 [CONTINUED]     at org.forgerock.openam.http.GuiceHandler.handle(GuiceHandler.java:51)
 503140 [CONTINUED]     at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
 503141 [CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
 503142 [CONTINUED]     at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:88)
 503143 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503144 [CONTINUED]     at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
 503145 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503146 [CONTINUED]     at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:119)
 503147 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503148 [CONTINUED]     at org.forgerock.openam.http.ResponseContext$ResponseContextFilter.filter(ResponseContext.java:53)
 503149 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503150 [CONTINUED]     at org.forgerock.openam.http.OpenAMHttpApplication.lambda$static$1(OpenAMHttpApplication.java:60)
 503151 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503152 [CONTINUED]     at org.forgerock.openam.http.OpenAMHttpApplication.lambda$cacheHeaderFilter$3(OpenAMHttpApplication.java:88)
 503153 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503154 [CONTINUED]     at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
 503155 [CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503156 [CONTINUED]     at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:262)
 503157 [CONTINUED]     at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
 503158 [CONTINUED]     at org.forgerock.openam.http.OpenAMHttpFrameworkServlet.service(OpenAMHttpFrameworkServlet.java:47)
 503159 [CONTINUED]     at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
 503160 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
 503161 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503162 [CONTINUED]     at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
 503163 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503164 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503165 [CONTINUED]     at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.lambda$doFilter$0(DataStoreConsistencyFilter.java:46)
 503166 [CONTINUED]     at org.forgerock.openam.service.datastore.ReentrantVolatileActionConsistencyController.safeExecute(ReentrantVolatileActionConsistency
 503166 Controller.java:37)
 503167 [CONTINUED]     at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.doFilter(DataStoreConsistencyFilter.java:46)
 503168 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503169 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503170 [CONTINUED]     at org.forgerock.openam.rest.ProtocolVersionFilter.doFilter(ProtocolVersionFilter.java:66)
 503171 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503172 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503173 [CONTINUED]     at org.forgerock.openam.headers.SecureCookieFilter.doFilter(SecureCookieFilter.java:63)
 503174 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503175 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503176 [CONTINUED]     at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:105)
 503177 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503178 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503179 [CONTINUED]     at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
 503180 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503181 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503182 [CONTINUED]     at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
 503183 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503184 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503185 [CONTINUED]     at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
 503186 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503187 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503188 [CONTINUED]     at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
 503189 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503190 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503191 [CONTINUED]     at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:115)
 503192 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503193 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503194 [CONTINUED]     at org.forgerock.openam.validation.RequestEntitySizeVerificationFilter.doFilter(RequestEntitySizeVerificationFilter.java:72)
 503195 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503196 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503197 [CONTINUED]     at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:47)
 503198 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503199 [CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503200 [CONTINUED]     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
 503201 [CONTINUED]     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
 503202 [CONTINUED]     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
 503203 [CONTINUED]     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
 503204 [CONTINUED]     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
 503205 [CONTINUED]     at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
 503206 [CONTINUED]     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
 503207 [CONTINUED]     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
 503208 [CONTINUED]     at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
 503209 [CONTINUED]     at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
 503210 [CONTINUED]     at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
 503211 [CONTINUED]     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590)
 503212 [CONTINUED]     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
 503213 [CONTINUED]     at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
 503214 [CONTINUED]     at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
 503215 [CONTINUED]     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
 503216 [CONTINUED]     at java.base/java.lang.Thread.run(Thread.java:834)
 503217 [CONTINUED]Caused by: java.lang.ClassCastException: class [C cannot be cast to class java.util.Optional ([C and java.util.Optional are in module java
 503217 .base of loader 'bootstrap')
 503218 [CONTINUED]     at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode$Config$ByteBuddy$BRuwIu4D.userBindPassword(Unknown Source)
 503219 [CONTINUED]     at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode.setLdapStoreParam(CertificateValidationNode.java:333)
 503220 [CONTINUED]     ... 122 common frames omitted
 503221 [CONTINUED]org.forgerock.openam.auth.node.api.NodeProcessException: Unable to set LDAP Server configuration
 503222         at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode.setLdapStoreParam(CertificateValidationNode.java:346)
 503223         at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode.process(CertificateValidationNode.java:244)
 503224         at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:145)
 503225         at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:196)
 503226         at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:196)
 503227         at org.forgerock.openam.core.rest.authn.trees.AuthTrees.processTree(AuthTrees.java:464)
 503228         at org.forgerock.openam.core.rest.authn.trees.AuthTrees.evaluateTreeAndProcessResult(AuthTrees.java:280)
 503229         at org.forgerock.openam.core.rest.authn.trees.AuthTrees.invokeTree(AuthTrees.java:272)
 503230         at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.authenticate(RestAuthenticationHandler.java:228)
 503231         at org.forgerock.openam.core.rest.authn.http.AuthenticationServiceV1.authenticate(AuthenticationServiceV1.java:157)
 503232         at jdk.internal.reflect.GeneratedMethodAccessor181.invoke(Unknown Source)
 503233         at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 503234         at java.base/java.lang.reflect.Method.invoke(Method.java:566)
 503235         at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:81)
 503236         at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:77)
 503237         at org.forgerock.http.routing.Router.handle(Router.java:100)
 503238         at org.forgerock.openam.rest.DisableCachingFilter.filter(DisableCachingFilter.java:90)
 503239         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503240         at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:88)
 503241         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503242         at org.forgerock.http.routing.Router.handle(Router.java:100)
 503243         at org.forgerock.openam.cors.CorsFilter.filter(CorsFilter.java:83)
 503244         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503245         at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:85)
 503246         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503247         at org.forgerock.http.routing.Router.handle(Router.java:100)
 503248         at org.forgerock.http.routing.Router.handle(Router.java:100)
 503249         at org.forgerock.openam.rest.RealmRoutingFactory$ChfRealmRouter.handle(RealmRoutingFactory.java:123)
 503250         at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:180)
 503251         at org.forgerock.openam.rest.RealmRoutingFactory$HostnameFilter.filter(RealmRoutingFactory.java:100)
 503252         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503253         at org.forgerock.http.routing.Router.handle(Router.java:100)
 503254         at org.forgerock.http.routing.Router.handle(Router.java:100)
 503255         at org.forgerock.openam.rest.CsrfFilter.filter(CsrfFilter.java:91)
 503256         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503257         at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:59)
 503258         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503259         at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:188)
 503260         at org.forgerock.caf.authentication.framework.AuthenticationFramework.lambda$onValidateRequestSuccess$1(AuthenticationFramework.java:181)
 503261         at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:263)
 503262         at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
 503263         at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:144)
 503264         at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
 503265         at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:85)
 503266         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503267         at org.forgerock.openam.http.GuiceHandler.handle(GuiceHandler.java:51)
 503268         at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
 503269         at org.forgerock.http.routing.Router.handle(Router.java:100)
 503270         at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:88)
 503271         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503272         at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
 503273         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503274         at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:119)
 503275         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503276         at org.forgerock.openam.http.ResponseContext$ResponseContextFilter.filter(ResponseContext.java:53)
 503277         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503278         at org.forgerock.openam.http.OpenAMHttpApplication.lambda$static$1(OpenAMHttpApplication.java:60)
 503279         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503280         at org.forgerock.openam.http.OpenAMHttpApplication.lambda$cacheHeaderFilter$3(OpenAMHttpApplication.java:88)
 503281         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503282         at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
 503283         at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
 503284         at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:262)
 503285         at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
 503286         at org.forgerock.openam.http.OpenAMHttpFrameworkServlet.service(OpenAMHttpFrameworkServlet.java:47)
 503287         at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
 503288         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
 503289         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503290         at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
 503291         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503292         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503293         at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.lambda$doFilter$0(DataStoreConsistencyFilter.java:46)
 503294         at org.forgerock.openam.service.datastore.ReentrantVolatileActionConsistencyController.safeExecute(ReentrantVolatileActionConsistencyControll
 503294 er.java:37)
 503295         at org.forgerock.openam.services.datastore.DataStoreConsistencyFilter.doFilter(DataStoreConsistencyFilter.java:46)
 503296         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503297         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503298         at org.forgerock.openam.rest.ProtocolVersionFilter.doFilter(ProtocolVersionFilter.java:66)
 503299         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503300         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503301         at org.forgerock.openam.headers.SecureCookieFilter.doFilter(SecureCookieFilter.java:63)
 503302         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503303         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503304         at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:105)
 503305         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503306         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503307         at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
 503308         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503309         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503310         at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
 503311         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503312         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503313         at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
 503314         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503315         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503316         at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:80)
 503317         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503318         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503319         at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:115)
 503320         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503321         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503322         at org.forgerock.openam.validation.RequestEntitySizeVerificationFilter.doFilter(RequestEntitySizeVerificationFilter.java:72)
 503323         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503324         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503325         at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:47)
 503326         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
 503327         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
 503328         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
 503329         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
 503330         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
 503331         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
 503332         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
 503333         at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
 503334         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
 503335         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
 503336         at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
 503337         at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
 503338         at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
 503339         at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590)
 503340         at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
 503341         at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
 503342         at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
 503343         at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
 503344         at java.base/java.lang.Thread.run(Thread.java:834)
 503345 Caused by: java.lang.ClassCastException: class [C cannot be cast to class java.util.Optional ([C and java.util.Optional are in module java.base of lo 503345 ader 'bootstrap')
 503346         at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode$Config$ByteBuddy$BRuwIu4D.userBindPassword(Unknown Source)
 503347         at org.forgerock.openam.auth.nodes.x509.CertificateValidationNode.setLdapStoreParam(CertificateValidationNode.java:333)
 503348         ... 122 common frames omitted

My question is what I’m doing wrong?

P.S

I entered all mandatory fields and the issue happens only when use OCSP protocol is set to true.

test000001 · October 26, 2022, 7:24pm

P.S.

My configuration looks like this (no matter what values I enter the not does not work),
however OCSP is set to true as it is important for me.

salbertelli01 · October 31, 2022, 8:38pm

Hi @test000001

I agree with odd behavior. Could I recommend raising a ticket with our support center to further assess and identify why that stacktrace is thrown on authenticate attempt when only OCSP is enabled?

Thank you and best regards,
Sheila

test000001 · November 2, 2022, 10:58pm

Thank you,

I’ve registered a ticket

https://bugster.forgerock.org/jira/browse/OPENAM-20235

salbertelli01 · November 3, 2022, 5:13pm

Thanks so much for sharing that update.

I had a look at the Jira and it appears it’s been closed as a duplicate. There’s a comment noting this issue is being tracked by [OPENAM-20242].

For further details about [OPENAM-20242] could I recommend raising a support ticket where as support services can further assist with providing detailed update and issue tracking.

Warm regards,
Sheila

peter.major.idf · November 7, 2022, 7:49pm

FYI the underlying issue is already in JIRA:
https://bugster.forgerock.org/jira/browse/OPENAM-16076

salbertelli01 · November 7, 2022, 9:19pm

Thank you for that information, Peter!