We Keep Coding

Keycloak Admin Client throws error in server logs

am using keycloak admin client with my custom SPI.
I am getting this error when am trying to to create keycloak builder.
previously i tried this solution also but this didnt worked for me.
keycloak version 20.0.2 quarkus dist
this is the code I am using for builder
KeycloakBuilder.builder()
.serverUrl("http://localhost:8080/")
.realm("xxxxx")
.username("xxxx")
.password("xxxxx")
.clientId("admin-cli")
.resteasyClient(
new ResteasyClientBuilder()
.connectionPoolSize(10).build()
).build();
here's the error log
2023-01-26 13:11:33,684 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-4) Uncaught server error: java.lang.InstantiationError: org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder
at com.nafath.keycloak.NafathTokenAuthenticator.getKeycloakInstance(NafathTokenAuthenticator.java:178)
at com.nafath.keycloak.NafathTokenAuthenticator.saveNewUser(NafathTokenAuthenticator.java:127)
at com.nafath.keycloak.NafathTokenAuthenticator.authenticate(NafathTokenAuthenticator.java:116)
at org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:446)
at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:250)
at org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:1017)
at org.keycloak.authentication.AuthenticationProcessor.authenticate(AuthenticationProcessor.java:879)
at org.keycloak.protocol.AuthorizationEndpointBase.handleBrowserAuthenticationRequest(AuthorizationEndpointBase.java:151)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildAuthorizationCodeAuthorizationResponse(AuthorizationEndpoint.java:338)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.process(AuthorizationEndpoint.java:194)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildGet(AuthorizationEndpoint.java:112)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:577)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:152)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:183)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:84)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:71)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:430)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:408)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82)
at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:564)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:833)
I tried it with resteasy version 4

Connecting to an OPC-UA server using Eclipse Milo, fails on BadHostUnknown

I am new to OPC-UA and Eclipse Milo and I am trying to construct a client that can connect to the OPC-UA server of a machine we have just acquired.
I have been able to set up a simple OPC-UA server on my laptop by using this python tutorial series: https://www.youtube.com/watch?v=NbKeBfK3pfk. Additionally, I have been able to use the Eclipse Milo examples to run the subscription example successfully to read some values from this server.
However, I have been having difficulty connecting to the OPC-UA server of the machine we have just received. I have successfully connected to this server using the UaExpert client, but we want to build our own client using Eclipse Milo. I can see that some warnings come up when using UaExpert to connect to the server which appear to give clues about the issue but I have too little experience in server-client communications/OPC-UA and would appreciate some help. I will explain what happens when I use the UaExpert client as I have been using this to try and diagnose what is going on.
I notice that when I first launch UaExpert I get the following errors which could be relevant:
Discovery FindServersOnNetwork on opc.tcp://localhost:4840 failed (BadTimeout), falling back to FindServers
Discovery FindServers on opc.tpc://localhost:4840 failed (BadTimeout)
Discovery GetEndpoints on opc.tcp://localhost:4840 failed
I am really new to networking so not sure exactly what this means.
I will outline the process I have followed when trying to get the SubscriptionExample of Eclipse Milo working with this machine's server. Firstly, I change the getEndpointUrl() method to the ip address of the device we are using: return "opc.tcp://11.23.1.1:4840". I can successfully ping the device using ping 11.23.1.1 from my laptop. When I try to run the SubscriptionExample with this address I get the following error:
[NonceUtilSecureRandom] INFO o.e.m.o.stack.core.util.NonceUtil - SecureRandom seeded in 0ms.
18:36:23.879 [main] ERROR o.e.m.e.client.ClientExampleRunner - Error running client example: java.net.UnknownHostException: br-automation
java.util.concurrent.ExecutionException: java.net.UnknownHostException: br-automation
at java.util.concurrent.CompletableFuture.reportGet(Unknown Source)
at java.util.concurrent.CompletableFuture.get(Unknown Source)
at org.eclipse.milo.examples.client.SubscriptionExample.run(SubscriptionExample.java:50)
at org.eclipse.milo.examples.client.ClientExampleRunner.run(ClientExampleRunner.java:120)
at org.eclipse.milo.examples.client.SubscriptionExample.main(SubscriptionExample.java:42)
Caused by: java.net.UnknownHostException: br-automation
at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$2.lookupAllHostAddr(Unknown Source)
at java.net.InetAddress.getAddressesFromNameService(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getByName(Unknown Source)
at io.netty.util.internal.SocketUtils$8.run(SocketUtils.java:148)
at io.netty.util.internal.SocketUtils$8.run(SocketUtils.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at io.netty.util.internal.SocketUtils.addressByName(SocketUtils.java:145)
at io.netty.resolver.DefaultNameResolver.doResolve(DefaultNameResolver.java:43)
at io.netty.resolver.SimpleNameResolver.resolve(SimpleNameResolver.java:63)
at io.netty.resolver.SimpleNameResolver.resolve(SimpleNameResolver.java:55)
at io.netty.resolver.InetSocketAddressResolver.doResolve(InetSocketAddressResolver.java:57)
at io.netty.resolver.InetSocketAddressResolver.doResolve(InetSocketAddressResolver.java:32)
at io.netty.resolver.AbstractAddressResolver.resolve(AbstractAddressResolver.java:108)
at io.netty.bootstrap.Bootstrap.doResolveAndConnect0(Bootstrap.java:200)
at io.netty.bootstrap.Bootstrap.access$000(Bootstrap.java:46)
at io.netty.bootstrap.Bootstrap$1.operationComplete(Bootstrap.java:180)
at io.netty.bootstrap.Bootstrap$1.operationComplete(Bootstrap.java:166)
at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:577)
at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:551)
at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:490)
at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:615)
at io.netty.util.concurrent.DefaultPromise.setSuccess0(DefaultPromise.java:604)
at io.netty.util.concurrent.DefaultPromise.trySuccess(DefaultPromise.java:104)
at io.netty.channel.DefaultChannelPromise.trySuccess(DefaultChannelPromise.java:84)
at io.netty.channel.AbstractChannel$AbstractUnsafe.safeSetSuccess(AbstractChannel.java:984)
at io.netty.channel.AbstractChannel$AbstractUnsafe.register0(AbstractChannel.java:504)
at io.netty.channel.AbstractChannel$AbstractUnsafe.access$200(AbstractChannel.java:417)
at io.netty.channel.AbstractChannel$AbstractUnsafe$1.run(AbstractChannel.java:474)
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:500)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at java.lang.Thread.run(Unknown Source)
18:36:23.881 [ForkJoinPool.commonPool-worker-1] ERROR o.e.m.e.client.ClientExampleRunner - Error running example: java.net.UnknownHostException: br-automation
java.util.concurrent.ExecutionException: java.net.UnknownHostException: br-automation
at java.util.concurrent.CompletableFuture.reportGet(Unknown Source)
at java.util.concurrent.CompletableFuture.get(Unknown Source)
at org.eclipse.milo.examples.client.SubscriptionExample.run(SubscriptionExample.java:50)
at org.eclipse.milo.examples.client.ClientExampleRunner.run(ClientExampleRunner.java:120)
at org.eclipse.milo.examples.client.SubscriptionExample.main(SubscriptionExample.java:42)
Caused by: java.net.UnknownHostException: br-automation
at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$2.lookupAllHostAddr(Unknown Source)
at java.net.InetAddress.getAddressesFromNameService(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getByName(Unknown Source)
at io.netty.util.internal.SocketUtils$8.run(SocketUtils.java:148)
at io.netty.util.internal.SocketUtils$8.run(SocketUtils.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at io.netty.util.internal.SocketUtils.addressByName(SocketUtils.java:145)
at io.netty.resolver.DefaultNameResolver.doResolve(DefaultNameResolver.java:43)
at io.netty.resolver.SimpleNameResolver.resolve(SimpleNameResolver.java:63)
at io.netty.resolver.SimpleNameResolver.resolve(SimpleNameResolver.java:55)
at io.netty.resolver.InetSocketAddressResolver.doResolve(InetSocketAddressResolver.java:57)
at io.netty.resolver.InetSocketAddressResolver.doResolve(InetSocketAddressResolver.java:32)
at io.netty.resolver.AbstractAddressResolver.resolve(AbstractAddressResolver.java:108)
at io.netty.bootstrap.Bootstrap.doResolveAndConnect0(Bootstrap.java:200)
at io.netty.bootstrap.Bootstrap.access$000(Bootstrap.java:46)
at io.netty.bootstrap.Bootstrap$1.operationComplete(Bootstrap.java:180)
at io.netty.bootstrap.Bootstrap$1.operationComplete(Bootstrap.java:166)
at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:577)
at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:551)
at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:490)
at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:615)
at io.netty.util.concurrent.DefaultPromise.setSuccess0(DefaultPromise.java:604)
at io.netty.util.concurrent.DefaultPromise.trySuccess(DefaultPromise.java:104)
at io.netty.channel.DefaultChannelPromise.trySuccess(DefaultChannelPromise.java:84)
at io.netty.channel.AbstractChannel$AbstractUnsafe.safeSetSuccess(AbstractChannel.java:984)
at io.netty.channel.AbstractChannel$AbstractUnsafe.register0(AbstractChannel.java:504)
at io.netty.channel.AbstractChannel$AbstractUnsafe.access$200(AbstractChannel.java:417)
at io.netty.channel.AbstractChannel$AbstractUnsafe$1.run(AbstractChannel.java:474)
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:500)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at java.lang.Thread.run(Unknown Source)
When using UaExpert, "opc.tcp://11.23.1.1:4840" is the address of the server that I input when adding a new server when using Custom Discovery. When I enter this, a device appears as a dropdown of this server called B&R Embedded OPC-UA Server as the OPC-UA server is hosted on a B&R device in the machine. When I select this device to connect to, I get the following message:
The hostname of the discovery URL used to call GetEndpoints (br-automation) was replaced by the hostname used to call FindServers (11.23.1.1). Do you also want to replace the hostnames of the EndpointURLs with this hostname?
I have to accept this message for the server to be found, but I am confused exactly what is going on. I assume there is a difference in the endpoint used to find the server and the endpoint used for something else? I have found the resources online very difficult to understand. In the UaExpert logs there are three lines of logs in a row which report "Adding Url: ocp.tcp://br-automation:4840". It also then reports the endpoint: "ocp.tcp://br-automation:4840", the application Uri and the security policy (none). If I try change the address in the client's getEndpointUrl method to ocp.tcp://br-automation:4840 then I get the following error:
[main] INFO o.e.m.opcua.sdk.client.OpcUaClient - Eclipse Milo OPC UA Client SDK version: 0.4.3-SNAPSHOT
18:37:46.035 [main] ERROR o.e.m.e.client.ClientExampleRunner - Error getting client: java.util.concurrent.ExecutionException: java.net.UnknownHostException: br-automation
org.eclipse.milo.opcua.stack.core.UaException: java.util.concurrent.ExecutionException: java.net.UnknownHostException: br-automation
at org.eclipse.milo.opcua.sdk.client.OpcUaClient.lambda$create$1(OpcUaClient.java:204)
at java.util.Optional.orElseGet(Unknown Source)
at org.eclipse.milo.opcua.sdk.client.OpcUaClient.create(OpcUaClient.java:204)
at org.eclipse.milo.opcua.sdk.client.OpcUaClient.create(OpcUaClient.java:201)
at org.eclipse.milo.examples.client.ClientExampleRunner.createClient(ClientExampleRunner.java:73)
at org.eclipse.milo.examples.client.ClientExampleRunner.run(ClientExampleRunner.java:94)
at org.eclipse.milo.examples.client.SubscriptionExample.main(SubscriptionExample.java:42)
Caused by: java.util.concurrent.ExecutionException: java.net.UnknownHostException: br-automation
at java.util.concurrent.CompletableFuture.reportGet(Unknown Source)
at java.util.concurrent.CompletableFuture.get(Unknown Source)
at org.eclipse.milo.opcua.sdk.client.OpcUaClient.create(OpcUaClient.java:180)
... 4 common frames omitted
Caused by: java.net.UnknownHostException: br-automation
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getByName(Unknown Source)
at io.netty.util.internal.SocketUtils$8.run(SocketUtils.java:148)
at io.netty.util.internal.SocketUtils$8.run(SocketUtils.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at io.netty.util.internal.SocketUtils.addressByName(SocketUtils.java:145)
at io.netty.resolver.DefaultNameResolver.doResolve(DefaultNameResolver.java:43)
at io.netty.resolver.SimpleNameResolver.resolve(SimpleNameResolver.java:63)
at io.netty.resolver.SimpleNameResolver.resolve(SimpleNameResolver.java:55)
at io.netty.resolver.InetSocketAddressResolver.doResolve(InetSocketAddressResolver.java:57)
at io.netty.resolver.InetSocketAddressResolver.doResolve(InetSocketAddressResolver.java:32)
at io.netty.resolver.AbstractAddressResolver.resolve(AbstractAddressResolver.java:108)
at io.netty.bootstrap.Bootstrap.doResolveAndConnect0(Bootstrap.java:200)
at io.netty.bootstrap.Bootstrap.access$000(Bootstrap.java:46)
at io.netty.bootstrap.Bootstrap$1.operationComplete(Bootstrap.java:180)
at io.netty.bootstrap.Bootstrap$1.operationComplete(Bootstrap.java:166)
at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:577)
at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:551)
at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:490)
at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:615)
at io.netty.util.concurrent.DefaultPromise.setSuccess0(DefaultPromise.java:604)
at io.netty.util.concurrent.DefaultPromise.trySuccess(DefaultPromise.java:104)
at io.netty.channel.DefaultChannelPromise.trySuccess(DefaultChannelPromise.java:84)
at io.netty.channel.AbstractChannel$AbstractUnsafe.safeSetSuccess(AbstractChannel.java:984)
at io.netty.channel.AbstractChannel$AbstractUnsafe.register0(AbstractChannel.java:504)
at io.netty.channel.AbstractChannel$AbstractUnsafe.access$200(AbstractChannel.java:417)
at io.netty.channel.AbstractChannel$AbstractUnsafe$1.run(AbstractChannel.java:474)
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:500)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at java.lang.Thread.run(Unknown Source)
I don't know if this is enough information to diagnose the problem, but I would appreciate any help on how I can get the Eclipse Milo server to perform the same process and connect to the machine's server.

The issue is that the computer you're running the client on can't resolve the hostname "br-automation" into an IP address.
The solution if you can't configure your server to return an IP address instead is to manually rebuild the EndpointDescriptions you get from the GetEndpoints service call so they have an endpoint URL that contains the IP address instead of the hostname. This is what UaExpert is doing behind the scenes when it warns you about replacing the hostname.
You can use EndpointUtil#updateUrl to build a new EndpointDescription before it gets passed to the OpcUaClientConfig.

You can find correct Hostname/URL to connect server by using server log.
Once server logs starts it print all valid UR

We were able to solve our problem, by manually overwriting the hostname returned from the OPC UA Server with the hosts IP and port. (see second line of the try statement)
public class OpcUaConnection {
OpcUaClient client;
final int NAMESPACEINDEX = 6;
private static final AtomicLong clientHandles = new AtomicLong(1L);
public OpcUaConnection() {
try {
List<EndpointDescription> endpoints = DiscoveryClient.getEndpoints("opc.tcp://192.168.0.122:4840").get();
EndpointDescription configPoint = EndpointUtil.updateUrl(endpoints.get(0), "192.168.0.122", 4840);
OpcUaClientConfigBuilder cfg = new OpcUaClientConfigBuilder();
cfg.setEndpoint(configPoint);
this.client = OpcUaClient.create(cfg.build());
client.connect().get();
} catch (Throwable ex) {
ex.printStackTrace();
}
}
Hope this can help out others!

Kubernetes Cloud Logging Authentication Issue

I have been trying to switch my application to use Google Cloud logging (aka Stackdriver). I have built a custom Logback appender which uses the Google Java Cloud Logging Library.
When I run my application in the IDE it logs correctly to Google Cloud Logging. When I run it inside a Kubernetes container on GKE, I get an Authentication Error. However in both scenarios I am use the same GCP Service Account.
I have even gone to the length of outputting the Key from the Google credentials object to prove they are the same in each environment. Which they are.
Does anyone have any ideas of what I might be missing? Is there any sort of context related settings that might cause authentication to fail from inside the container? Anyone got any ideas about what to try next?
Update: Here is the stack trace:
java.lang.RuntimeException: java.util.concurrent.ExecutionException: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at java.lang.RuntimeException: java.util.concurrent.ExecutionException: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.cloud.logging.LoggingImpl.flush(LoggingImpl.java:579) at at com.google.cloud.logging.LoggingImpl.write(LoggingImpl.java:560) at at uk.co.processflows.platform.util.StackdriverAppender.append(StackdriverAppender.kt:135) at at uk.co.processflows.platform.util.StackdriverAppender.append(StackdriverAppender.kt:18) at at ch.qos.logback.core.UnsynchronizedAppenderBase.doAppend(UnsynchronizedAppenderBase.java:84) at at ch.qos.logback.core.spi.AppenderAttachableImpl.appendLoopOnAppenders(AppenderAttachableImpl.java:51) at at ch.qos.logback.classic.Logger.appendLoopOnAppenders(Logger.java:270) at at ch.qos.logback.classic.Logger.callAppenders(Logger.java:257) at at ch.qos.logback.classic.Logger.buildLoggingEventAndAppend(Logger.java:421) at at ch.qos.logback.classic.Logger.filterAndLog_0_Or3Plus(Logger.java:383) at at ch.qos.logback.classic.Logger.error(Logger.java:538) at at uk.co.processflows.platform.pushnotification.PushNotificationClient.forward(PushNotificationClient.kt:58) at at uk.co.processflows.platform.push.PushMessagingConnectionHandlerImpl.broadcast(PushMessagingConnectionHandlerImpl.kt:257) at at uk.co.processflows.platform.push.PushMessagingConnectionHandlerImpl.broadcastMessageToTenant(PushMessagingConnectionHandlerImpl.kt:153) at at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at at java.base/java.lang.reflect.Method.invoke(Method.java:567) at at com.google.inject.internal.DelegatingInvocationHandler.invoke(DelegatingInvocationHandler.java:50) at at com.sun.proxy.$Proxy69.broadcastMessageToTenant(Unknown Source) at at uk.co.processflows.platform.workflow.TaskLockControllerImpl$lockTask$2.run(TaskLockControllerImpl.kt:94) at at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) at at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at at java.base/java.lang.Thread.run(Thread.java:835) Caused by: java.util.concurrent.ExecutionException: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.common.util.concurrent.AbstractFuture.getDoneValue(AbstractFuture.java:552) at at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:431) at at com.google.common.util.concurrent.AbstractFuture$TrustedFuture.get(AbstractFuture.java:97) at at com.google.common.util.concurrent.ForwardingFuture.get(ForwardingFuture.java:68) at at com.google.cloud.logging.LoggingImpl.flush(LoggingImpl.java:577) at ... 25 common frames omitted Caused by: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.cloud.logging.spi.v2.GrpcLoggingRpc$2.apply(GrpcLoggingRpc.java:190) at at com.google.cloud.logging.spi.v2.GrpcLoggingRpc$2.apply(GrpcLoggingRpc.java:184) at at com.google.api.core.ApiFutures$GaxFunctionToGuavaFunction.apply(ApiFutures.java:204) at at com.google.common.util.concurrent.AbstractCatchingFuture$CatchingFuture.doFallback(AbstractCatchingFuture.java:206) at at com.google.common.util.concurrent.AbstractCatchingFuture$CatchingFuture.doFallback(AbstractCatchingFuture.java:194) at at com.google.common.util.concurrent.AbstractCatchingFuture.run(AbstractCatchingFuture.java:107) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at com.google.api.core.AbstractApiFuture$InternalSettableFuture.setException(AbstractApiFuture.java:95) at at com.google.api.core.AbstractApiFuture.setException(AbstractApiFuture.java:77) at at com.google.api.gax.rpc.BatchedFuture.setException(BatchedFuture.java:55) at at com.google.api.gax.rpc.BatchedRequestIssuer.sendResult(BatchedRequestIssuer.java:84) at at com.google.api.gax.rpc.BatchExecutor$1.onFailure(BatchExecutor.java:98) at at com.google.api.core.ApiFutures$1.onFailure(ApiFutures.java:68) at at com.google.common.util.concurrent.Futures$CallbackListener.run(Futures.java:1056) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at com.google.api.gax.retrying.BasicRetryingFuture.handleAttempt(BasicRetryingFuture.java:179) at at com.google.api.gax.retrying.CallbackChainRetryingFuture$AttemptCompletionListener.handle(CallbackChainRetryingFuture.java:135) at at com.google.api.gax.retrying.CallbackChainRetryingFuture$AttemptCompletionListener.run(CallbackChainRetryingFuture.java:117) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at com.google.api.core.AbstractApiFuture$InternalSettableFuture.setException(AbstractApiFuture.java:95) at at com.google.api.core.AbstractApiFuture.setException(AbstractApiFuture.java:77) at at com.google.api.gax.grpc.GrpcExceptionCallable$ExceptionTransformingFuture.onFailure(GrpcExceptionCallable.java:97) at at com.google.api.core.ApiFutures$1.onFailure(ApiFutures.java:68) at at com.google.common.util.concurrent.Futures$CallbackListener.run(Futures.java:1056) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at io.grpc.stub.ClientCalls$GrpcFuture.setException(ClientCalls.java:515) at at io.grpc.stub.ClientCalls$UnaryStreamToFuture.onClose(ClientCalls.java:490) at at io.grpc.PartialForwardingClientCallListener.onClose(PartialForwardingClientCallListener.java:39) at at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:23) at at io.grpc.ForwardingClientCallListener$SimpleForwardingClientCallListener.onClose(ForwardingClientCallListener.java:40) at at io.grpc.internal.CensusStatsModule$StatsClientInterceptor$1$1.onClose(CensusStatsModule.java:699) at at io.grpc.PartialForwardingClientCallListener.onClose(PartialForwardingClientCallListener.java:39) at at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:23) at at io.grpc.ForwardingClientCallListener$SimpleForwardingClientCallListener.onClose(ForwardingClientCallListener.java:40) at at io.grpc.internal.CensusTracingModule$TracingClientInterceptor$1$1.onClose(CensusTracingModule.java:397) at at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:459) at at io.grpc.internal.ClientCallImpl.access$300(ClientCallImpl.java:63) at at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.close(ClientCallImpl.java:546) at at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.access$600(ClientCallImpl.java:467) at at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:584) at at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37) at at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:123) at at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) at at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) at ... 3 common frames omitted Caused by: com.google.api.gax.rpc.UnauthenticatedException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.api.gax.rpc.ApiExceptionFactory.createException(ApiExceptionFactory.java:73) at at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:72) at at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:60) at ... 30 common frames omitted Caused by: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at io.grpc.Status.asRuntimeException(Status.java:532) at ... 22 common frames omitted Caused by: java.lang.NoSuchMethodError: io.grpc.MethodDescriptor.getServiceName()Ljava/lang/String; at at io.grpc.auth.GoogleAuthLibraryCallCredentials.serviceUri(GoogleAuthLibraryCallCredentials.java:162) at at io.grpc.auth.GoogleAuthLibraryCallCredentials.applyRequestMetadata(GoogleAuthLibraryCallCredentials.java:103) at at io.grpc.CallCredentials2.applyRequestMetadata(CallCredentials2.java:58) at at io.grpc.internal.CallCredentialsApplyingTransportFactory$CallCredentialsApplyingTransport.newStream(CallCredentialsApplyingTransportFactory.java:107) at at io.grpc.internal.ForwardingConnectionClientTransport.newStream(ForwardingConnectionClientTransport.java:49) at at io.grpc.internal.InternalSubchannel$CallTracingTransport.newStream(InternalSubchannel.java:690) at at io.grpc.internal.ClientCallImpl.start(ClientCallImpl.java:245) at at io.grpc.internal.CensusTracingModule$TracingClientInterceptor$1.start(CensusTracingModule.java:392) at at io.grpc.internal.CensusStatsModule$StatsClientInterceptor$1.start(CensusStatsModule.java:694) at at io.grpc.ForwardingClientCall.start(ForwardingClientCall.java:32) at at com.google.api.gax.grpc.GrpcHeaderInterceptor$1.start(GrpcHeaderInterceptor.java:94) at at io.grpc.stub.ClientCalls.startCall(ClientCalls.java:310) at at io.grpc.stub.ClientCalls.asyncUnaryRequestCall(ClientCalls.java:282) at at io.grpc.stub.ClientCalls.futureUnaryCall(ClientCalls.java:191) at at com.google.api.gax.grpc.GrpcDirectCallable.futureCall(GrpcDirectCallable.java:58) at at com.google.api.gax.grpc.GrpcExceptionCallable.futureCall(GrpcExceptionCallable.java:64) at at com.google.api.gax.rpc.AttemptCallable.call(AttemptCallable.java:86) at at com.google.api.gax.rpc.RetryingCallable.futureCall(RetryingCallable.java:63) at at com.google.api.gax.rpc.RetryingCallable.futureCall(RetryingCallable.java:41) at at com.google.api.gax.tracing.TracedBatchingCallable.futureCall(TracedBatchingCallable.java:82) at at com.google.api.gax.rpc.UnaryCallable$1.futureCall(UnaryCallable.java:126) at at com.google.api.gax.rpc.UnaryCallable.futureCall(UnaryCallable.java:87) at at com.google.api.gax.rpc.BatchExecutor.processBatch(BatchExecutor.java:82) at at com.google.api.gax.rpc.BatchExecutor.processBatch(BatchExecutor.java:53) at at com.google.api.gax.batching.ThresholdBatcher.pushCurrentBatch(ThresholdBatcher.java:233) at at com.google.api.gax.batching.ThresholdBatcher$1.run(ThresholdBatcher.java:76) at ... 6 common frames omitted
Update 2:
I have just spotted deep inside the caused by hiarchy of the stack trace there is this message.
Caused by: java.lang.NoSuchMethodError: io.grpc.MethodDescriptor.getServiceName()Ljava/lang/String; at at io.grpc.auth.GoogleAuthLibraryCallCredentials.serviceUri(GoogleAuthLibraryCallCredentials.java:162)
That doesn't sound much like an authentication problem.

Update I did not see the stack trace when I originally answered this question, and it leads me to be believe your issue is not with authentication at all. My answer may be relevant to those seeing an authentication issue with GCP APIs in GKE, so I'll leave the original here.
Original If you're getting an authentication error, it's likely you're not using the service account key correctly. You can read this tutorial to learn about how it should be done. In short, you need to export the service account key as a JSON file and mount it as a secret.

Given your issue with using the library, you might want to write your logs directly. This doc on creating structured logs might be helpful.

It turns out there was a dependancy compatibility issue with the GRPC jars. Our application uses GRPC as does apparently the Google Could Logging library. Changing our app to use the older version of GRPC that the Google cloud logging library was built against fixed the issue.
It appears when running in the container the jar files are loaded in a different order than running locally. Hence why this only happened inside Kubernetes.

Error in importing IDP metadata into websphere application server 8.5

We are getting
java.lang.Instantiation
exception when importing IDP metadata xml into websphere application server 8.5. IDP is ADFS 3.0. We are following the steps given in Websphere 8.5 saml setup.
Command used in wsadmin is:
AdminTask.importSAMLIdpMetadata('-idpMetadataFileName
"C:/federationmetadata.xml" -idpId 1 -ssoId 1 -signingCertAlias
idpCert1')
The error stack trace in command prompt is shown below:
wsadmin>AdminTask.importSAMLIdpMetadata('-idpMetadataFileName "C:/federationmeta
data.xml" -idpId 1 -ssoId 1 -signingCertAlias idpCert1')
WASX7015E: Exception running command: "AdminTask.importSAMLIdpMetadata('-idpMeta
dataFileName "C:/federationmetadata.xml" -idpId 1 -ssoId 1 -signingCertAlias uma
ng')"; exception information:
com.ibm.bsf.BSFException: exception from Jython:
Traceback (innermost last):
File "<input>", line 1, in ?
com.ibm.ws.scripting.ScriptingException: java.lang.InstantiationError: java.lang
.InstantiationError: oasis.names.tc.saml._2_0.metadata.RoleDescriptorType
at com.ibm.ws.scripting.adminCommand.AdminCmdController.executeCmd(Admin
CmdController.java:1914)
at com.ibm.ws.scripting.adminCommand.AdminCmdController.processCmd(Admin
CmdController.java:318)
at com.ibm.ws.scripting.adminCommand.AdminCmdProxyHandler.invoke(AdminCm
dProxyHandler.java:92)
at com.ibm.ws.scripting.adminCommand.AdminCmdProxyBase.__method3(AdminCm
dProxyBase.java:53)
at com.ibm.ws.scripting.adminCommand.AdminTask.importSAMLIdpMetadata(Unk
nown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java
)
at org.python.core.PyMethod.__call__(PyMethod.java)
at org.python.core.PyObject.__call__(PyObject.java)
at org.python.core.PyInstance.invoke(PyInstance.java)
at org.python.pycode._pyx56.f$0(<input>:1)
at org.python.pycode._pyx56.call_function(<input>)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyCode.call(PyCode.java)
at org.python.core.Py.runCode(Py.java)
at org.python.core.Py.exec(Py.java)
at org.python.util.PythonInterpreter.exec(PythonInterpreter.java)
at com.ibm.bsf.engines.jython.JythonEngine$BSFPythonInterpreter.runcode(
Unknown Source)
at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpret
er.java)
at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpret
er.java)
at com.ibm.bsf.engines.jython.JythonEngine.iexec(Unknown Source)
at com.ibm.bsf.BSFManager$7.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:417
)
at com.ibm.bsf.BSFManager.iexec(Unknown Source)
at com.ibm.ws.scripting.AbstractShell.interactive(AbstractShell.java:139
8)
at com.ibm.ws.scripting.AbstractShell.run(AbstractShell.java:2298)
at com.ibm.ws.scripting.WasxShell.main(WasxShell.java:1172)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:234)
at com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:96)
at com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at org.eclipse.equinox.internal.app.EclipseAppContainer.callMethodWithEx
ception(EclipseAppContainer.java:587)
at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandl
e.java:198)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runAppli
cation(EclipseAppLauncher.java:110)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(Ec
lipseAppLauncher.java:79)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.ja
va:369)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.ja
va:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at org.eclipse.core.launcher.Main.invokeFramework(Main.java:340)
at org.eclipse.core.launcher.Main.basicRun(Main.java:282)
at org.eclipse.core.launcher.Main.run(Main.java:981)
at com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLauncher.jav
a:400)
at com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:163)
com.ibm.ws.scripting.ScriptingException: com.ibm.ws.scripting.ScriptingException
: java.lang.InstantiationError: java.lang.InstantiationError: oasis.names.tc.sam
l._2_0.metadata.RoleDescriptorType
Anyone having idea about this error? We are using administrator id to run wsadmin.

The only information we really need to know is ADFS server's certificate that sign the SAML. So we took the X509 Certificate from ADFS server, and manually imported into WAS's default trust store(CellDefaultTrustStore). We manually configured IDP by adding following attributes to interceptor properties. We are able to connect to ADFS now.
sso_1.idp_1.entityID
sso_1.idp_1.certAlias
sso_1.idp_1.singleSignOnUrl

Openam - Unable to get Application SSO Token

I am trying to bring up my tomcat server on which OpenAM is installed but the server fails on startup because the Policy Agent installed on the same server is trying to access a naming service on the same server.
I am just in the middle of a proof of concept and I am following the instructions given by ForgeRock documentation but I am unable to get this setup working.
Is there a way to run the OpenAM+Policy Agent on the same server? Any help in this would be really really appreciated! Thanks!
com.sun.identity.authentication.spi.AuthLoginException: Failed to create new Authentication Context: Naming Service is not available
SEVERE: Begin event threw error java.lang.ExceptionInInitializerError
at com.sun.identity.agents.arch.Manager.<clinit>(Manager.java:675)
at com.sun.identity.agents.tomcat.v6.AmTomcatRealm.<clinit>(AmTomcatRealm.java:67)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at java.lang.Class.newInstance(Class.java:379)
at org.apache.tomcat.util.digester.ObjectCreateRule.begin(ObjectCreateRule.java:145)
at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1288)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:509)
at com.sun.org.apache.xerces.internal.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:182)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1343)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2786)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:606)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:848)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:777)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1213)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:648)
at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1561)
at org.apache.catalina.startup.Catalina.load(Catalina.java:615)
at org.apache.catalina.startup.Catalina.load(Catalina.java:663)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:280)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:454) Caused by: java.lang.RuntimeException: Failed to load configuration: ApplicationSSOTokenProvider.getApplicationSSOToken(): Unable to get Application SSO Token
at com.sun.identity.agents.arch.AgentConfiguration.bootStrapClientConfiguration(AgentConfiguration.java:790)
at com.sun.identity.agents.arch.AgentConfiguration.initializeConfiguration(AgentConfiguration.java:1140)
at com.sun.identity.agents.arch.AgentConfiguration.<clinit>(AgentConfiguration.java:1579)
... 29 more

I think this part of the documentation is quite relevant:
Do not install the Java EE policy agent in the same container as OpenAM. OpenAM must be up and running before the Java EE policy agent starts. This cannot be guaranteed when both run in the same container. ForgeRock does not support configurations where OpenAM and the Java EE policy agent are installed in the same container.