Jboss agent : Class not found exception during authorization (RoleMapper)

Document ID : KB000006236
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

After configuring the Jboss following the documentation:

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/installing/install-agents/siteminder-agent-for-jboss

 

We are getting the following when trying to authorize

 

17:05:11,081 DEBUG [org.jboss.security] (http-172.26.66.41:8080-1) PBOX000293: Exception caught: java.security.PrivilegedActionException: java.security.PrivilegedActionException: java.security.PrivilegedActionException: java.lang.ClassNotFoundException: com.ca.soa.agent.jboss.rolemapper.SMJBossRoleMapperProvider from [Module "deployment.cbs2.0.3-1904.ear.cbs.war:main" from Service Module Loader]

at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.8.0_92]

at org.jboss.security.plugins.mapping.SecurityActions.loadClass(SecurityActions.java:88) [picketbox-4.1.2.Final-redhat-1.jar:4.1.2.Final-redhat-1]

at org.jboss.security.plugins.mapping.JBossMappingManager.getMappingProvider(JBossMappingManager.java:139) [picketbox-4.1.2.Final-redhat-1.jar:4.1.2.Final-redhat-1]

at org.jboss.security.plugins.mapping.JBossMappingManager.generateMappingContext(JBossMappingManager.java:118) [picketbox-4.1.2.Final-redhat-1.jar:4.1.2.Final-redhat-1]

at org.jboss.security.plugins.mapping.JBossMappingManager.getMappingContext(JBossMappingManager.java:73) [picketbox-4.1.2.Final-redhat-1.jar:4.1.2.Final-redhat-1]

at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:228) [jboss-as-web-7.5.7.Final-redhat-3.jar:7.5.7.Final-redhat-3]

at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.5.15.Final-redhat-1.jar:7.5.15.Final-redhat-1]

at com.ca.soa.agent.appserver.authenticator.jboss.SMJBoss6FormAuthenticator.authenticate(SMJBoss6FormAuthenticator.java:53) [asaagent-jboss6.jar:]

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:404) [jbossweb-7.5.15.Final-redhat-1.jar:7.5.15.Final-redhat-1]

at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.7.Final-redhat-3.jar:7.5.7.Final-redhat-3]

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.15.Final-redhat-1.jar:7.5.15.Final-redhat-1]

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.15.Final-redhat-1.jar:7.5.15.Final-redhat-1]

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.15.Final-redhat-1.jar:7.5.15.Final-redhat-1]

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.15.Final-redhat-1.jar:7.5.15.Final-redhat-1]

...

 

Environment:
Agent for JBoss 12.52SP1 on JBoss 6.4.7 / RedHat Linux
Cause:

This is a problem in the roleMapper definition, the class com.ca.soa.agent.jboss.rolemapper.SMJBossRoleMapperProvider does not exists

Resolution:

in the step

 

> Set Up the Agent Security Interceptor to Protect Web Applications on JBoss 6.x

 

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/installing/install-agents/siteminder-agent-for-jboss/configure-the-ca-siteminder-agent-for-jboss-to-protect-web-applications/set-up-the-agent-security-interceptor-to-protect-web-applications-on-jboss-6-x

 

Comment the following in standalone-full-ha.xml to bypass the class exception

<mapping>

<mapping-module code="com.ca.soa.agent.jboss.rolemapper.SMJBossRoleMapperProvider" type="role"/>

</mapping>