Unable to publish XACML policy in wso2 application manager and throwing NoSuchMethodError exception

1
votes

I followed the steps provided by the below links to create a policy in the wso2 application manager and publshing

http://wso2.com/library/articles/2014/02/use-of-wso2-api-manager-to-validate-fine-grained-policy-decisions-using-xacml/

After created the XACML Policy trying to publish it to PDP,getting the following error

[2014-09-15 15:52:53,007] ERROR - ApplicationDispatcher Servlet.service() for servlet bridgeservlet threw exception
java.lang.NoSuchMethodError: org.wso2.carbon.identity.entitlement.stub.EntitlementPolicyAdminServiceStub.publishPolicies([Ljava
g;Ljava/lang/String;ZI)V
        at org.wso2.carbon.identity.entitlement.ui.client.EntitlementPolicyAdminServiceClient.publish(EntitlementPolicyAdminSer
        at org.apache.jsp.entitlement.publish_002dfinish_jsp._jspService(org.apache.jsp.entitlement.publish_002dfinish_jsp:133)
        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:403)
        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:492)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:378)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
        at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:155)
        at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)

I want to integrate the XACML policies in the WSO2 APIM. And below is the XACML policy I want to publish in the wso2 api manager.

<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="TestPolicy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable" Version="1.0">
 <Target>
  <AnyOf>
     <AllOf>
        <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
           <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">foo</AttributeValue>
           <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
        </Match>
     </AllOf>
  </AnyOf>
</Target>
<Rule Effect="Permit" RuleId="Rule-1">
  <Target>
     <AnyOf>
        <AllOf>
           <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
              <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue>
              <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
           </Match>
        </AllOf>
     </AnyOf>
  </Target>
  <Condition>
     <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of">
        <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/>
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">test</AttributeValue>
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
     </Apply>
  </Condition>
</Rule>
<Rule Effect="Deny" RuleId="Deny-Rule"/>
</Policy>
2
wso2wso2iswso2-am
Can you share your XACML policy?David Brossard
Hi David Brossard, I have added the XACML policy which I want to publish. Please let me know how to resolve the above issue.Geetha Gupta
The policy looks fine to me. I successfully imported it into the Axiomatics Policy Administration Point. It validates as XACML 3.0. What tool did you use to write it?David Brossard
In the WSO2 API Manager, through "Policy administration" I have wrote that policy. Using try option I am able to validate that policy. But when I trying to publish the policy its giving the above error..Geetha Gupta

2 Answers

0
votes

This is not an error with XACML policy. According in to the error it clearly says that java.lang.NoSuchMethodError: org.wso2.carbon.identity.entitlement.stub.EntitlementPolicyAdminServiceStub.publishPolicies([Ljavag;Ljava/lang/String;ZI)V

So this is a problem with the web service API that you calling. It means most probably there is an API change in the web service API and some component is still calling the older API. As you have installed the XACML features in to API manager, you may have installed some older version of XACML features. However Could you please check whether there are two version of following jar file in the system.

  1. You can go to the <APIM_HOME>/repository/components/plugin directory and search for name.

org.wso2.carbon.identity.entitlement.stub

  1. If there are two jar file, please remove the one jar file (say older version)

  2. Please remove the OSGI entry for that jar file in bundle.info file which can be found at <APIM_HOME>repository/components/default/configuration/org.eclipse.equinox.simpleconfigurator directory

  3. Restart the server and try out your operation.

  4. If did not work, please remove other jar file and add older jar file and also remember add new deleted entry to above file mentioned in step3

This is not the correct way to resolve this. I guess, best thing, you can re-install the XACML features by finding correct P2 repo for the APIM version that you are using. You can find it from here

0
votes

This is due to you have installed wrong feature version of XACML and XACML mediator. Please uninstall the features again using management console and reinstall the correct version.

Example: If your using WSO2 APIM 1.7

  • XACML mediator 4.2.2
  • XACML 4.2.1

is the correct versions you should select. You can find out it using this table.

Reference : https://wso2.org/jira/browse/APIMANAGER-3106