While deploying OpenSSO on Glassfish (I used v2ur2), I ran in an interesting situatation:
Although deployment goes well, OpenSSO’s configurator (that is the process OpenSSO goes through the very first time you launch it after deployment) failed with a rather laconic LDAP operation failed message. Searching into the Glassfish server log, I could see that indeed LDAP had a problem:

Message:The LDAP operation failed.
--------------------------------------------------
The lower level exception message
error result
The lower level exception:
netscape.ldap.LDAPException: error result (68); The entry
ou=BasicUser,ou=CreationTemplates,ou=templates,ou=default,
ou=GlobalConfig,ou=1.0,ou=DAI,ou=services,dc=opensso,dc=java,
dc=net cannot be added because an entry with that name already exists
at netscape.ldap.LDAPConnection.checkMsg(LDAPConnection.java:4866)
at netscape.ldap.LDAPConnection.add(LDAPConnection.java:2864)
at netscape.ldap.LDAPConnection.add(LDAPConnection.java:2879)
at netscape.ldap.LDAPConnection.add(LDAPConnection.java:2829)
/.../

After consulting experts on the matter, I had the solution to my issue:
Modify Glassfish’s domain.xml configuration file of the domain OpenSSO is deployed in (most of the time it will be the default: domain1).
The change is fairly simple:
Replace
<jvm-options>-client</jvm-options>
with
<jvm-options>-server</jvm-options>

Good to know…

Advertisements