Environment
NetIQ Access Manager 3.2.2
NetIQ Access Manager 4.0.1
NetIQ Access Manager Admin Console
Running ./patchEdir.sh from AM_401_HF3
NetIQ Access Manager 4.0.1
NetIQ Access Manager Admin Console
Running ./patchEdir.sh from AM_401_HF3
Situation
Trying to upgrade from NAM 3.2 SP2 to 4.0 SP1. Install gett a good part of the way
through the upgrade on my admin console, and then get the following
error message -
Upgrading SAML Assertion settings to 4.0.1
Updating SAML Assertion settings...
Changing Auth SAML settings for the idp cluster : ProdIDP
for the user store : ProdLDAP
for the replica : ***.***.***.***
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/xml/security/exceptions/Base64DecodingException
at com.novell.nidp.common.util.PasswordMush.mushToCle ar(y:2079)
at com.volera.vcdn.application.sc.core.InstallManager .D(y:3274)
at com.volera.vcdn.application.sc.core.InstallManager .updateAuthSAMLProviderId(y:2078)
at DatastoreManager.upgrade(DatastoreManager.java:139 7)
at DatastoreManager.main(DatastoreManager.java:1507)
Caused by: java.lang.ClassNotFoundException: org.apache.xml.security.exceptions.Base64DecodingE xception
at java.net.URLClassLoader$1.run(URLClassLoader.java: 366)
at java.net.URLClassLoader$1.run(URLClassLoader.java: 355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.j ava:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:4 24)
at sun.misc.Launcher$AppClassLoader.loadClass(Launche r.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:3 57)
... 5 more
Tried to upgrade from 3.2 SP2 to 4.0 first and then continuing on to 4.0 SP1, but end up with the same error message.
Seen it with Admin Console piece running on SLES 11 SP2 and RedHat 6.4 (although versions probably irrelevant).
Upgrading SAML Assertion settings to 4.0.1
Updating SAML Assertion settings...
Changing Auth SAML settings for the idp cluster : ProdIDP
for the user store : ProdLDAP
for the replica : ***.***.***.***
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/xml/security/exceptions/Base64DecodingException
at com.novell.nidp.common.util.PasswordMush.mushToCle ar(y:2079)
at com.volera.vcdn.application.sc.core.InstallManager .D(y:3274)
at com.volera.vcdn.application.sc.core.InstallManager .updateAuthSAMLProviderId(y:2078)
at DatastoreManager.upgrade(DatastoreManager.java:139 7)
at DatastoreManager.main(DatastoreManager.java:1507)
Caused by: java.lang.ClassNotFoundException: org.apache.xml.security.exceptions.Base64DecodingE xception
at java.net.URLClassLoader$1.run(URLClassLoader.java: 366)
at java.net.URLClassLoader$1.run(URLClassLoader.java: 355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.j ava:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:4 24)
at sun.misc.Launcher$AppClassLoader.loadClass(Launche r.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:3 57)
... 5 more
Tried to upgrade from 3.2 SP2 to 4.0 first and then continuing on to 4.0 SP1, but end up with the same error message.
Seen it with Admin Console piece running on SLES 11 SP2 and RedHat 6.4 (although versions probably irrelevant).
Resolution
This will be fixed in next 4.0 support pack, HF, as well as 4.1. A workaroud
exists in the meantime where we need to add a missing library to the
classpath, which is the source of the error.
Modify ./scripts/ac_upgrade.sh line 211
When ths script is run a file by the name of utils.tar.gz in that same directory is extraced. This includes a ./script/ac_upgrade.sh.
This ac_upgrade.sh script needs the same change.
After making the above change re-bundle the files.
tar zcvf utils.tar.gz ./utils ./schema ./scripts
Now you should be able to run ./patchEdir.sh without issue
Modify ./scripts/ac_upgrade.sh line 211
Original: UPGRADE_CLASSPATH="/opt/novell/devman/bin:/opt/novell/devman/bin/certtool.j ar:$UPGRADE_DEVMAN_LIB_PATH/appvolcc.jar:$UPGRADE_DEVMAN_LIB_PATH/webapp_sc.jar :$UPGRADE_DEVMAN_LIB_PATH/vcdn_sc-webui.jar:$UPGRADE_DEVMAN_LIB_PATH/vcdn_sc.ja r:$UPGRADE_DEVMAN_LIB_PATH/vcdn_platform.jar:$UPGRADE_DEVMAN_LIB_PATH/jdom-1.0. jar:$UPGRADE_DEVMAN_LIB_PATH/jaxen-1.1.jar:$UPGRADE_DEVMAN_PATH/classes:$UPGRAD E_DEVMAN_LIB_PATH/novbp.jar:$UPGRADE_DEVMAN_LIB_PATH/migration.jar:$UPGRADE_DEV MAN_LIB_PATH/certmgr.jar:$TC_SRV_LIB/npki.jar:$SCRIPT_DIR/utils/nids_install.ja r:$TC_SRV_LIB/devman-socket.jar:$TC_SRV_LIB/devman-socket-access.jar:$UPGRADE_D EVMAN_LIB_PATH/appcore.jar:$UPGRADE_DEVMAN_LIB_PATH/vcdn_cc.jar:$UPGRADE_DEVMAN _LIB_PATH/vcdn_cc-webui.jar:$UPGRADE_DEVMAN_LIB_PATH/servletcntl.jar:$TC_SRV_LI B/servlet-api.jar:$UPGRADE_DEVMAN_LIB_PATH/NAMCommon.jar:$UPGRADE_DEVMAN_LIB_PA TH/nxpe.jar:$UPGRADE_DEVMAN_LIB_PATH/dcc-core.jar:$UPGRADE_DEVMAN_LIB_PATH/snmp 4j-agent-2.0.6.jar:$UPGRADE_DEVMAN_LIB_PATH/snmp4j-2.1.0.jar:$UPGRADE_DEVMAN_LI B_PATH/snmp4j-agentx-2.1.0.jar:$UPGRADE_DEVMAN_LIB_PATH/nidp.jar:$UPGRADE_DEVMA N_LIB_PATH/bcprov-jdk15-140.jar" Modified: (Note includes wildcard * on some of the paths to ensure all libs are available to the script) UPGRADE_CLASSPATH="/opt/novell/devman/bin:/opt/novell/devman/bin/certtool.j ar:$UPGRADE_DEVMAN_LIB_PATH/appvolcc.jar:$UPGRADE_DEVMAN_LIB_PATH/webapp_sc.jar :$UPGRADE_DEVMAN_LIB_PATH/vcdn_sc-webui.jar:$UPGRADE_DEVMAN_LIB_PATH/vcdn_sc.ja r:$UPGRADE_DEVMAN_LIB_PATH/vcdn_platform.jar:$UPGRADE_DEVMAN_LIB_PATH/jdom-1.0. jar:$UPGRADE_DEVMAN_LIB_PATH/jaxen-1.1.jar:$UPGRADE_DEVMAN_PATH/classes:$UPGRAD E_DEVMAN_LIB_PATH/novbp.jar:$UPGRADE_DEVMAN_LIB_PATH/migration.jar:$UPGRADE_DEV MAN_LIB_PATH/certmgr.jar:$TC_SRV_LIB/npki.jar:$SCRIPT_DIR/utils/nids_install.ja r:$TC_SRV_LIB/devman-socket.jar:$TC_SRV_LIB/devman-socket-access.jar:$UPGRADE_D EVMAN_LIB_PATH/appcore.jar:$UPGRADE_DEVMAN_LIB_PATH/*:$TC_SRV_LIB/servlet-api.j ar:$UPGRADE_DEVMAN_LIB_PATH/*"You will also see this error when running the /opt/novell/nam/update/HF3/patchEdir.sh which is a manual step required when patching to 4.0.1_HF3.
When ths script is run a file by the name of utils.tar.gz in that same directory is extraced. This includes a ./script/ac_upgrade.sh.
This ac_upgrade.sh script needs the same change.
After making the above change re-bundle the files.
tar zcvf utils.tar.gz ./utils ./schema ./scripts
Now you should be able to run ./patchEdir.sh without issue