000034059 - Upgrading to RSA Via Lifecycle and Governance 7.0 fails with "Failed to find EncryptAVDBPassword"

Document created by RSA Customer Support Employee on Oct 5, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000034059
Applies ToRSA Product Set: Via Lifecycle and Governance
RSA Product/Service Type: Appliance
RSA Version/Condition: 7.0
RSA Platform: WildFly
 
IssueWhile upgrading to RSA Via Lifecycle and Governance 7.0 you might see the error below in the /tmp/aveksa-install.log:
[Wed Sep 14 13:10:29 CDT 2016]: Found login config file at /home/oracle/jboss-4.2.2.GA/server/default/conf/login-config.xml
[Wed Sep 14 13:10:29 CDT 2016]: Finding configured password for EncryptAVDBPassword
[Wed Sep 14 13:10:29 CDT 2016]: Finding EncryptAVDBPassword in the document
[Wed Sep 14 13:10:29 CDT 2016]: Failed to find EncryptAVDBPassword
Caught: Assertion failed:
(ap.size() == 1)
Assertion failed:
(ap.size() == 1)
at com.aveksa.wildfly.Datasources.findPasswords(Datasources.groovy:344)
at com.aveksa.wildfly.Datasources$findPasswords.callStatic(Unknown Source)
at com.aveksa.wildfly.Datasources.configureDataSources(Datasources.groovy:28)
at com.aveksa.wildfly.Datasources$configureDataSources.call(Unknown Source)
at com.aveksa.wildfly.InstallWildfly.run(InstallWildfly.groovy:34)
Failed to configure Wildfly
CauseThis issue occurs if there are duplicate policy names entries in the login-config.xml file located in /home/oracle/jboss-4.2.2.GA/server/default/conf/login-config.xml:
<!-- These policies used by ACM are inserted in login-config.xml as part of the install process -->
    <application-policy name="EncryptDefaultDSPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avuser</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
            </login-module>
        </authentication>
    </application-policy>
    <application-policy name="EncryptAVDBPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avuser</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdb</module-option>
            </login-module>
        </authentication>
    </application-policy>

    <application-policy name="EncryptAVDWDBPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avdwuser</module-option>
                <module-option name="password">-65b15de74b384b26</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdwdb</module-option>
            </login-module>
        </authentication>
    </application-policy>
    <application-policy name="EncryptACMDBPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">acmdb</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdwdb</module-option>
            </login-module>
        </authentication>
    </application-policy>
    <application-policy name="EncryptAVWFPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avuser</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=XATxCM,name=jdbc/WPDS</module-option>
            </login-module>
        </authentication>
    </application-policy>
    
    <application-policy name="EncryptAVPERFPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">perfstat</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdb</module-option>
            </login-module>
        </authentication>
    </application-policy>
    
    <!-- This is the  policies is for Jboss access and the Aveksa Web App -->    
    <application-policy name = "TestAuthProvider">
       <authentication>
          <login-module code = "com.aveksa.server.authentication.TestLoginModule"
          flag = "required">
          </login-module>
       </authentication>
    </application-policy>
    
    
    <!-- These policies used by ACM are inserted in login-config.xml as part of the install process -->
    <application-policy name="EncryptDefaultDSPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avuser</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
            </login-module>
        </authentication>
    </application-policy>
    <application-policy name="EncryptAVDBPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avuser</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdb</module-option>
            </login-module>
        </authentication>
    </application-policy>

    <application-policy name="EncryptAVDWDBPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avdwuser</module-option>
                <module-option name="password">-65b15de74b384b26</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdwdb</module-option>
            </login-module>
        </authentication>
    </application-policy>
    <application-policy name="EncryptACMDBPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">acmdb</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdwdb</module-option>
            </login-module>
        </authentication>
    </application-policy>
    <application-policy name="EncryptAVWFPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">avuser</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=XATxCM,name=jdbc/WPDS</module-option>
            </login-module>
        </authentication>
    </application-policy>
    
    <application-policy name="EncryptAVPERFPassword">
        <authentication>
            <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
                <module-option name="username">perfstat</module-option>
                <module-option name="password">-91f121c430503dd</module-option>
                <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=avdb</module-option>
            </login-module>
        </authentication>
    </application-policy>
ResolutionA proper login-config.xml file will not have duplicate entries of the policy names. To resolve this issue look for duplicate entries of the policy name in the login-config.xml file and remove them. You can also import the login-config.xml file from another environment which does not have duplicate entries in it.
Once you clear the duplicate entries you can either restart the upgrade process following steps in the RSA Via Lifecycle and Governance Upgrade and Migration Guide or you can uninstall Oracle and start over with a clean installation, following the RSA Via Lifecycle and Governance Installation Guide V7.0, depending on the appliance.
 

Attachments

    Outcomes