DWP Catalog - User Group sync script doesn't over SSL

Version 26
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    MyIT Service Broker


    APPLIES TO:

    Any SBE/DWP Catalog version with SSL enabled



    PROBLEM:

    We have enabled native SSL for Service Broker but when we run the user_group sync we see the following errors:

    Exception in thread "main" java.lang.StackOverflowError
    at sun.misc.URLClassPath.getLoader(URLClassPath.java:503)
    at sun.misc.URLClassPath.getNextLoader(URLClassPath.java:484)
    at sun.misc.URLClassPath.access$100(URLClassPath.java:65)
    at sun.misc.URLClassPath$1.next(URLClassPath.java:266)
    at sun.misc.URLClassPath$1.hasMoreElements(URLClassPath.java:277)
    at java.net.URLClassLoader$3$1.run(URLClassLoader.java:601)
    at java.net.URLClassLoader$3$1.run(URLClassLoader.java:599)
     at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader$3.next(URLClassLoader.java:598)
    at java.net.URLClassLoader$3.hasMoreElements(URLClassLoader.java:623)
    at sun.misc.CompoundEnumeration.next(CompoundEnumeration.java:45)
     at com.bmc.myservice.tools.util.WebClient.loginWhenNecessary(WebClient.java:80)
    at com.bmc.myservice.tools.util.WebClient.loginWhenNecessary(WebClient.java:80


    CAUSE:

    Script does not have the SSL parameters that are required for this task. You need to add them.


    SOLUTION:

    FROM DWP 19.11 and beyond

    If DWP Catalog is configured to run on https you will need to add these parameters in user_group_sync.sh

      


    a) Open user_group_sync.sh *this is under artools*

    b) Edit and put cert details. This is almost at the top of the file.
    trust_store_path="/apps/certs/DWPCatalog.jks"
    trust_store_password="keystorepass"

    c) Edit script and update/add > -sb_aw 443 -sb_proto https

    i.e.

    ./user_group_sync.sh -itsm_s xxxxxxx -itsm_u Demo -itsm_p password -itsm_a 0 -sb_s xxxxxxxxxxx  -sb_u hannah_admin@calbroservices.com -sb_p Passw0rd! -sb_a 9988 -sb_aw 443 -sb_proto https -sb_group_creation yes -skip_disabled true >> /apps/dwpc/db/sb_user_sync_ssl.log


    d) Check the /apps/dwpc/db/sb_user_sync_ssl.log to confirm this is  now working. You should see something like:

    Starting Import for { sb_base_url: https://xxxxxxxxxx:443/ tenant_admin_user: hannah_admin@xxxxxxxxxxx.com, user_input_file: User.arx }
    ==== Reading Users Started ====
    ==== Reading Users Done! 1 successfully read. 0 failed. Total of 1 users were parsed in 0 seconds ====
    logging in...
    ==== Login finished in 1060 milliseconds ====
    ==== Import/Update Started ====
    User test with email  successfully created. Response: 200:
    Response: 304: User test not modified, no update to user test needed.
    ==== Import/Update Done! 1 users successfully created. 0 updated. 0 failed. Total of 1 users in 0 seconds ====
    ==== Import finished in 1 seconds ====
    logging in...
    ==== Login finished in 1054 milliseconds ====
     

      
    BEFORE DWP 19.11

    In order for the script to run on an SSL SB Server, you must use the attached updated   user_group_synch script & JAR file 
       
      NOTE: You don't nee the jar file on 3.5 and beyond.  File is located at:  
      /opt/bmc/digitalworkplace/artools/com.bmc.myservice.tools-1.0.00-SNAPSHOT.jar
      
    1. Please backup the current files then extract both of them into the "  /opt/bmc/ARSystem/artools" directory (replacing the old files) 

    2. Edit the   user_group_sync script to include the extract below with your own JRE path   -if needed- in addition to the   keystore path &   password as highlighted below: 

     /opt/jdk1.8.0_121/bin/java -cp dependency/*:com.bmc.myservice.tools-1.0.00-SNAPSHOT.jar -Dsb_base_url="https://$sb_server:$sb_web_port/" -Dtenant_admin_user="$sb_user" -Dtenant_admin_password=$sb_password -Dgroup_format="$group_format" -Dinput_file=People.arx -Djavax.net.ssl.trustStore=/opt/bmc/ARSystem/jetty/etc/keystore -Djavax.net.ssl.trustStorePassword=changeit -Duser_input_file=User.arx com.bmc.myservice.tools.etl.Main

    i.e.
    - Breaking original  user_group_synch into lines   
        
      
      /usr/java/jre1.8.0_181-amd64/bin/java  
    -cp dependency/*:com.bmc.myservice.tools-1.0.00-SNAPSHOT.jar  
    -Dsb_base_url="$sb_web_proto://$sb_server:$sb_web_port/"  
    -Dtenant_admin_user="$sb_user"  
    -Dtenant_admin_password=$sb_password  
    -Dgroup_format="$group_format"  
    -Dinput_file=People.arxt  
    -Duser_input_file=User.arx -Dskip_disabled="$skip_disabled"  
    com.bmc.myservice.tools.etl.Main 
      
       
       You only need to add and edit the things in red, mentioned in the KA, which are these two lines:

    -Djavax.net.ssl.trustStore=/opt/bmc/ARSystem/jetty/etc/keystore
    -Djavax.net.ssl.trustStorePassword=changeit


    So, it looks like this.
      
      /usr/java/jre1.8.0_181-amd64/bin/java
    -cp dependency/*:com.bmc.myservice.tools-1.0.00-SNAPSHOT.jar
    -Dsb_base_url="$sb_web_proto://$sb_server:$sb_web_port/"
    -Dtenant_admin_user="$sb_user"
    -Dtenant_admin_password=$sb_password
    -Dgroup_format="$group_format"
    -Dinput_file=People.arx
    -Djavax.net.ssl.trustStore=/opt/bmc/ARSystem/jetty/etc/keystore
    -Djavax.net.ssl.trustStorePassword=changeit

    -Duser_input_file=User.arx -Dskip_disabled="$skip_disabled"
    com.bmc.myservice.tools.etl.Main
        
    -Put all of this on a single line

    -Do these edits, save and close.
    -Try again.


    NOTE: To know what the actual java version being used is (if no symbolic links are in place). The one having + will be the one that is being used. 

    Run:
       
      alternatives --config java

    Selection    Command
    -----------------------------------------------
       1           java-1.7.0-openjdk.x86_64 (/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.201-2.6.16.1.el7_6.x86_64/jre/bin/java)
    *  2           java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.x86_64/jre/bin/java)
     + 3           /usr/java/jre1.8.0_181-amd64/bin/java   ---THIS ONE
     
     
     
      
      
       

     

      

     


    Article Number:

    000133376


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles