Hi All,

I've stumbled across a possible bug in UserApp 402 Patch D. It does not
seem to be able to initialize the admin user, granting the roles on
application startup.
Here are my steps:
1. Install 402 from scratch using the integrated installer
2. Configure using the default settings
3. Install engine patch 3
4. Install UA Patch D
5. Try to log in to UA for the first time as uaadmin

Now a java stack trace displays in server.log:
--
2013-12-04 16:00:41,994 INFO [STDOUT] (http-0.0.0.0-8180-3) ERROR
[RBPM]
[com.novell.idm.security.authorization.service.Auth orizationManagerService:init]
Failed to initialize
com.novell.idm.security.authorization.service.Auth orizationManagerService
service!
com.novell.srvprv.spi.service.ServiceException: Failed to initialize
com.novell.idm.security.authorization.service.Auth orizationManagerService
service!
at com.novell.srvprv.impl.service.ServiceBase.init(Se rviceBase.java:90)
at
com.novell.idm.security.authorization.service.Auth orizationManagerService.<init>(AuthorizationManage rService.java:150)

at
com.novell.idm.security.authorization.service.Auth orizationManagerFactory.<init>(AuthorizationManage rFactory.java:56)

at sun.reflect.NativeConstructorAccessorImpl.newInsta nce0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInsta nce(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newI nstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at
com.novell.idm.security.authorization.Authorizatio nManagerServiceFactory.<clinit>(AuthorizationManag erServiceFactory.java:54)

at
com.novell.afw.portal.util.NavigationHelper.hasCom plianceAccess(NavigationHelper.java:628)

at
com.novell.afw.portal.util.NavigationHelper.create HeaderUtilityInformation(NavigationHelper.java:570 )

at
com.novell.afw.portal.portlet.core.header.HeaderPo rtlet.doView(HeaderPortlet.java:250)

at javax.portlet.GenericPortlet.doDispatch(Unknown Source)
at javax.portlet.GenericPortlet.render(Unknown Source)
at com.novell.soa.portlet.IDMBasePortlet.render(IDMBa sePortlet.java:88)
at
com.novell.afw.portlet.core.EboPortletContainer.pr ocessOperation(EboPortletContainer.java:459)

at
com.novell.afw.portlet.core.EboPortletContainer.ge tMarkup(EboPortletContainer.java:217)

at
com.novell.afw.portal.aggregation.EboPortletProxyH elper.renderPortlet(EboPortletProxyHelper.java:287 )

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionHelper.renderSynchPortlets(EboPortalAggregatio nHelper.java:1241)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionHelper.callRender(EboPortalAggregationHelper.j ava:1329)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionControllerImpl.initiateRendering(EboPortalAggr egationControllerImpl.java:1340)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionControllerImpl.attemptPortalRenderResponseFrom Cache(EboPortalAggregationControllerImpl.java:762)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionControllerImpl.renderPortalResponse(EboPortalA ggregationControllerImpl.java:625)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionServlet.handlePortalContainerRequest(EboPortal AggregationServlet.java:732)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionServlet.callService(EboPortalAggregationServle t.java:380)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionServlet.doGet(EboPortalAggregationServlet.java :141)

at javax.servlet.http.HttpServlet.service(HttpServlet .java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:717)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:290)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.common.AntiCsrfServletFilter.doFilter(A ntiCsrfServletFilter.java:203)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.afw.portal.i18n.CharacterEncodingFilter .doFilter(CharacterEncodingFilter.java:135)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.soa.common.i18n.URILoggerServletFilter. doFilter(URILoggerServletFilter.java:63)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at com.novell.common.auth.JAASFilter.doFilter(JAASFil ter.java:104)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.common.auth.saml.AuthTokenGeneratorFilt er.doFilter(AuthTokenGeneratorFilter.java:88)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at com.novell.common.auth.sso.SSOFilter.doFilter(SSOF ilter.java:87)
at com.novell.common.auth.sso.KerberosFilter.doFilter (KerberosFilter.java:58)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at com.novell.common.auth.sso.SSOFilter.doFilter(SSOF ilter.java:87)
at com.novell.common.auth.sso.SAPFilter.doFilter(SAPF ilter.java:37)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doF ilter(ReplyHeaderFilter.java:96)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:235)

at
org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:191)

at
org.jboss.web.tomcat.security.SecurityAssociationV alve.invoke(SecurityAssociationValve.java:190)

at
org.apache.catalina.authenticator.AuthenticatorBas e.invoke(AuthenticatorBase.java:433)

at
org.jboss.web.tomcat.security.JaccContextValve.inv oke(JaccContextValve.java:92)

at
org.jboss.web.tomcat.security.SecurityContextEstab lishmentValve.process(SecurityContextEstablishment Valve.java:126)

at
org.jboss.web.tomcat.security.SecurityContextEstab lishmentValve.invoke(SecurityContextEstablishmentV alve.java:70)

at
org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:127)

at
org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102)

at
org.jboss.web.tomcat.service.jca.CachedConnectionV alve.invoke(CachedConnectionValve.java:158)

at
org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:109)

at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:829)
at
org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.process(Http11Protocol.java:598)

at org.apache.tomcat.util.net.JIoEndpoint$Worker.run( JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException:
at com.sssw.fw.util.crypto.KeyManager.decrypt(Unknown Source)
at
com.novell.idm.security.authorization.service.Auth orizationManagerService.getLdapAdminDn(Authorizati onManagerService.java:1371)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.processAdministratorReques tInternal(AuthorizationManagerService.java:1090)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.addDomainAdministrator(Aut horizationManagerService.java:680)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.processDomainAdminInitial( AuthorizationManagerService.java:1352)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.initDomainAdmins(Authoriza tionManagerService.java:1208)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.initInternal(Authorization ManagerService.java:934)

at com.novell.srvprv.impl.service.ServiceBase.init(Se rviceBase.java:83)
... 72 more
2013-12-04 16:00:41,997 INFO [STDOUT] (http-0.0.0.0-8180-3) ERROR
[RBPM]
[com.novell.idm.security.authorization.service.Auth orizationManagerFactory:<init>]
Failed to initialize RBPM authorization manager service.
com.novell.srvprv.spi.security.IDMAuthorizationExc eption: Failed to
initialize RBPM authorization manager service.
at
com.novell.idm.security.authorization.service.Auth orizationManagerFactory.<init>(AuthorizationManage rFactory.java:58)

at sun.reflect.NativeConstructorAccessorImpl.newInsta nce0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInsta nce(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newI nstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at
com.novell.idm.security.authorization.Authorizatio nManagerServiceFactory.<clinit>(AuthorizationManag erServiceFactory.java:54)

at
com.novell.afw.portal.util.NavigationHelper.hasCom plianceAccess(NavigationHelper.java:628)

at
com.novell.afw.portal.util.NavigationHelper.create HeaderUtilityInformation(NavigationHelper.java:570 )

at
com.novell.afw.portal.portlet.core.header.HeaderPo rtlet.doView(HeaderPortlet.java:250)

at javax.portlet.GenericPortlet.doDispatch(Unknown Source)
at javax.portlet.GenericPortlet.render(Unknown Source)
at com.novell.soa.portlet.IDMBasePortlet.render(IDMBa sePortlet.java:88)
at
com.novell.afw.portlet.core.EboPortletContainer.pr ocessOperation(EboPortletContainer.java:459)

at
com.novell.afw.portlet.core.EboPortletContainer.ge tMarkup(EboPortletContainer.java:217)

at
com.novell.afw.portal.aggregation.EboPortletProxyH elper.renderPortlet(EboPortletProxyHelper.java:287 )

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionHelper.renderSynchPortlets(EboPortalAggregatio nHelper.java:1241)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionHelper.callRender(EboPortalAggregationHelper.j ava:1329)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionControllerImpl.initiateRendering(EboPortalAggr egationControllerImpl.java:1340)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionControllerImpl.attemptPortalRenderResponseFrom Cache(EboPortalAggregationControllerImpl.java:762)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionControllerImpl.renderPortalResponse(EboPortalA ggregationControllerImpl.java:625)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionServlet.handlePortalContainerRequest(EboPortal AggregationServlet.java:732)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionServlet.callService(EboPortalAggregationServle t.java:380)

at
com.novell.afw.portal.aggregation.EboPortalAggrega tionServlet.doGet(EboPortalAggregationServlet.java :141)

at javax.servlet.http.HttpServlet.service(HttpServlet .java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:717)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:290)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.common.AntiCsrfServletFilter.doFilter(A ntiCsrfServletFilter.java:203)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.afw.portal.i18n.CharacterEncodingFilter .doFilter(CharacterEncodingFilter.java:135)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.soa.common.i18n.URILoggerServletFilter. doFilter(URILoggerServletFilter.java:63)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at com.novell.common.auth.JAASFilter.doFilter(JAASFil ter.java:104)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
com.novell.common.auth.saml.AuthTokenGeneratorFilt er.doFilter(AuthTokenGeneratorFilter.java:88)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at com.novell.common.auth.sso.SSOFilter.doFilter(SSOF ilter.java:87)
at com.novell.common.auth.sso.KerberosFilter.doFilter (KerberosFilter.java:58)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at com.novell.common.auth.sso.SSOFilter.doFilter(SSOF ilter.java:87)
at com.novell.common.auth.sso.SAPFilter.doFilter(SAPF ilter.java:37)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doF ilter(ReplyHeaderFilter.java:96)

at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)

at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)

at
org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:235)

at
org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:191)

at
org.jboss.web.tomcat.security.SecurityAssociationV alve.invoke(SecurityAssociationValve.java:190)

at
org.apache.catalina.authenticator.AuthenticatorBas e.invoke(AuthenticatorBase.java:433)

at
org.jboss.web.tomcat.security.JaccContextValve.inv oke(JaccContextValve.java:92)

at
org.jboss.web.tomcat.security.SecurityContextEstab lishmentValve.process(SecurityContextEstablishment Valve.java:126)

at
org.jboss.web.tomcat.security.SecurityContextEstab lishmentValve.invoke(SecurityContextEstablishmentV alve.java:70)

at
org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:127)

at
org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102)

at
org.jboss.web.tomcat.service.jca.CachedConnectionV alve.invoke(CachedConnectionValve.java:158)

at
org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:109)

at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:829)
at
org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.process(Http11Protocol.java:598)

at org.apache.tomcat.util.net.JIoEndpoint$Worker.run( JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source)
Caused by: com.novell.srvprv.spi.service.ServiceException: Failed to
initialize
com.novell.idm.security.authorization.service.Auth orizationManagerService
service!
at com.novell.srvprv.impl.service.ServiceBase.init(Se rviceBase.java:90)
at
com.novell.idm.security.authorization.service.Auth orizationManagerService.<init>(AuthorizationManage rService.java:150)

at
com.novell.idm.security.authorization.service.Auth orizationManagerFactory.<init>(AuthorizationManage rFactory.java:56)

... 70 more
Caused by: java.security.AccessControlException:
at com.sssw.fw.util.crypto.KeyManager.decrypt(Unknown Source)
at
com.novell.idm.security.authorization.service.Auth orizationManagerService.getLdapAdminDn(Authorizati onManagerService.java:1371)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.processAdministratorReques tInternal(AuthorizationManagerService.java:1090)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.addDomainAdministrator(Aut horizationManagerService.java:680)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.processDomainAdminInitial( AuthorizationManagerService.java:1352)

at
com.novell.idm.security.authorization.service.Auth orizationManagerService.initDomainAdmins(Authoriza tionManagerService.java:1208)

at com.novell.idm.security.authorization.serv
2013-12-04 16:00:41,997 INFO [STDOUT] (http-0.0.0.0-8180-3)
ice.AuthorizationManagerService.initInternal(Autho rizationManagerService.java:934)

at com.novell.srvprv.impl.service.ServiceBase.init(Se rviceBase.java:83)
... 72 more
--

The workaround is to always log into UserApp after configuration and
before patching.
Regards,

Mark
--
i d f o c u s
Identity | Access | Security
http://www.idfocus.nl