RSA FIM error 'The specified role is not defined in Entity'

3 years ago

Originally Published: 2014-06-17

Article Number

000048941

Applies To

RSA Federated Identity Manger (FIM) 4.1
This error should not occur if the default FIM endpoints are used. This error indicates that the partner is trying to initiate SLO (Single Log Out) as an SP against the SP SLO endpoint URL, or as and IDP against the IDP endpoint URL. FIM cannot identify the SLO request as the endpoint is not correct for the SP role (or IDP role).

Issue

RSA FIM error "The specified role is not defined in Entity"
The following stack trace is thrown in the system.log and debug.log:

om.rsa.fim.profile.logout.LogoutProfileException: Exception encountered at the top-level of the profile bean: The specified role is not defined in Entity

at com.rsa.fim.profile.logout.LogoutHelper.handleThrowable(LogoutHelper.java:1181)

at com.rsa.fim.profile.logout.LogoutProfileBean.processLogoutRequest(LogoutProfileBean.java:517)

at com.rsa.fim.profile.common.FIMProfileBean.processLogoutRequest(FIMProfileBean.java:134)

at com.rsa.fim.profile.common.FIMProfile_mzkd72_EOImpl.processLogoutRequest(FIMProfile_mzkd72_EOImpl.java:589)

at com.rsa.fim.servlet.logout.LogoutService.doGet(LogoutService.java:66)

at com.rsa.fim.servlet.logout.LogoutService.doPost(LogoutService.java:120)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:226)

at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124)

at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)

at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)

at com.rsa.fim.servlet.FIMGenericServletFilter.doFilter(FIMGenericServletFilter.java:38)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)

at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3393)

at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

at weblogic.security.service.SecurityManager.runAs(Unknown Source)

at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140)

at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046)

at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)

at weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)

at weblogic.work.ExecuteThread.run(ExecuteThread.java:172)

Caused by: com.rsa.fim.exception.ProfileException: The specified role is not defined in Entity

at com.rsa.fim.profile.util.ProfileHelper.nullCheck(ProfileHelper.java:2088)

at com.rsa.fim.profile.util.ProfileHelper.getPartnerAsyncEndpoint(ProfileHelper.java:2035)

at com.rsa.fim.profile.logout.LogoutHelper.getPartnerAsyncLogoutEndpoint(LogoutHelper.java:342)

at com.rsa.fim.profile.logout.LogoutHelper.getLogoutService(LogoutHelper.java:899)

at com.rsa.fim.profile.logout.LogoutProfileBean.processLogoutRequest(LogoutProfileBean.java:387)

... 21 more

Resolution

Delete the entity and create the entity again using the default FIM endpoints. Customers should not edit the SLO endpoints manually.
The SP (Service Provider) SLO endpoint is defined as /slo/request/AP instead of the default /slo/request/RP

Don't see what you're looking for?

Related Articles

Trending Articles