Hello,
We have upgraded from 10.0.2 to 10.0.3 on our Dev and Test Appliance and we have started getting error.
We have an STS Change with Default Map module
And Javascript has first few line
importPackage(Packages.com.tivoli.am.fim.trustserver.sts);
importPackage(Packages.com.tivoli.am.fim.trustserver.sts.oauth20);
importPackage(Packages.com.tivoli.am.fim.trustserver.sts.uuser);
importPackage(Packages.com.ibm.security.access.user);
importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.IDMappingExtUtils);
importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.OAuthMappingExtUtils);
importClass(Packages.java.util.ArrayList);
importClass(Packages.java.util.HashMap);
// Read in the STSUU
var stsuu = new STSUniversalUser(stsrequest.getRequestSecurityToken().getBase());
Error I am getting Following error
692 Caused by: com.ibm.security.access.javascript.JSCodeRuntimeException
693 at com.ibm.security.access.javascript.JSCode.execute(JSCode.java:141)
694 at com.tivoli.am.fim.trustserver.sts.modules.STSMapDefault$JavaScriptRule.execute(STSMapDefault.java:289)
695 ... 68 more
696 Caused by: org.mozilla.javascript.EvaluatorException: Access to Java class "com.sun.xml.messaging.saaj.soap.impl.ElementImpl" is prohibited. (token-router#37)
Not sure what is needed to resolve this error...
| IBM Security Identity and Access |
remove preview |
 |
| OAuth: JWT as an Access Token - IBM Security Identity and Access |
| OAuth: JWT as an Access Token on ISAM The OAuth 2.0 specification does not go into great detail about token formats "Access tokens can have different formats, structures, and methods of utilization (e.g., cryptographic properties) based on the resource server security requirements". On IBM Security Access manager(ISAM) access tokens issued are a short opaque string used as [...] |
| View this on IBM Security Identity and Access > |
|
|
a
------------------------------
Piyush Agrawal
https://www.linkedin.com/in/piyush-norway/Gjensidige Norway
------------------------------