RSA FIM error 'The specified role is not defined in Entity'
Originally Published: 2014-06-17
Article Number
Applies To
This error should not occur if the default FIM endpoints are used. This error indicates that the partner is trying to initiate SLO (Single Log Out) as an SP against the SP SLO endpoint URL, or as and IDP against the IDP endpoint URL. FIM cannot identify the SLO request as the endpoint is not correct for the SP role (or IDP role).
Issue
The following stack trace is thrown in the system.log and debug.log:
om.rsa.fim.profile.logout.LogoutProfileException: Exception encountered at the top-level of the profile bean: The specified role is not defined in Entity
at com.rsa.fim.profile.logout.LogoutHelper.handleThrowable(LogoutHelper.java:1181)
at com.rsa.fim.profile.logout.LogoutProfileBean.processLogoutRequest(LogoutProfileBean.java:517)
at com.rsa.fim.profile.common.FIMProfileBean.processLogoutRequest(FIMProfileBean.java:134)
at com.rsa.fim.profile.common.FIMProfile_mzkd72_EOImpl.processLogoutRequest(FIMProfile_mzkd72_EOImpl.java:589)
at com.rsa.fim.servlet.logout.LogoutService.doGet(LogoutService.java:66)
at com.rsa.fim.servlet.logout.LogoutService.doPost(LogoutService.java:120)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:226)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.rsa.fim.servlet.FIMGenericServletFilter.doFilter(FIMGenericServletFilter.java:38)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3393)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:172)
Caused by: com.rsa.fim.exception.ProfileException: The specified role is not defined in Entity
at com.rsa.fim.profile.util.ProfileHelper.nullCheck(ProfileHelper.java:2088)
at com.rsa.fim.profile.util.ProfileHelper.getPartnerAsyncEndpoint(ProfileHelper.java:2035)
at com.rsa.fim.profile.logout.LogoutHelper.getPartnerAsyncLogoutEndpoint(LogoutHelper.java:342)
at com.rsa.fim.profile.logout.LogoutHelper.getLogoutService(LogoutHelper.java:899)
at com.rsa.fim.profile.logout.LogoutProfileBean.processLogoutRequest(LogoutProfileBean.java:387)
... 21 more
Resolution
The SP (Service Provider) SLO endpoint is defined as /slo/request/AP instead of the default /slo/request/RP
Related Articles
Delete a Large Number of Expired Tokens from the Authentication Manager 8.x Database Number of Views RSA Authentication Manager 8.x database backup fails Number of Views Running RSA Authentication Manager 8.1 Bulk Administration (AMBA) using --ini parameter Number of Views RSA Authentication Manager 8.7 SP2 Bulk Administration Utility (AMBA) Guide Number of Views Unable to Install/Upgrade RSA MFA agent for Microsoft Windows Number of Views
Trending Articles
How to Download OTP Token Seed Files from myRSA RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8
Don't see what you're looking for?
