Skip to content

OIDC Claims Script cannot be deleted #263

New issue
New issue
Open
Bug
Open
OIDC Claims Script cannot be deleted#263
Bug
Labels
backport-sustaining/15.xPR marker for features that should be backported to sustaining/15.x.good first issueBeginner-friendly issues that serve as an excellent starting point for new contributors.
@fyrbach

Description

@fyrbach
fyrbach
opened on Nov 27, 2025

OIDC Claims Script cannot be deleted from web administration when the OAuth2 Provider service is not added to the realm.

The ssoadm delete-sub-cfg command works.

This issue occurs in the main branch (16.0.0-M2-SNAPSHOT) and also in the sustaining/15.x (15.2.3-SNAPSHOT).

Stack trace from CoreSystem log 
frRest:2025-11-27T11:21:54.542+01:00: http-nio-8080-exec-3: TransactionId[e310af99-6dee-4abb-9961-d39aecf585e7-864]
ERROR: A runtime exception occurred during the CREST request handling
java.lang.NullPointerException: Cannot invoke "java.util.Map.containsKey(Object)" because "map" is null
        at com.sun.identity.shared.datastruct.CollectionHelper.getMapSetThrows(CollectionHelper.java:110)
        at org.forgerock.openam.scripting.service.ScriptConfigurationService.oidcClaimsUsageCount(ScriptConfigurationService.java:556)
        at org.forgerock.openam.scripting.service.ScriptConfigurationService.getUsageCount(ScriptConfigurationService.java:471)
        at org.forgerock.openam.scripting.service.ScriptConfigurationService.delete(ScriptConfigurationService.java:201)
        at org.forgerock.openam.scripting.rest.ScriptResource.deleteInstance(ScriptResource.java:230)
        at org.forgerock.json.resource.InterfaceCollectionInstance.handleDelete(InterfaceCollectionInstance.java:48)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:83)
        at org.forgerock.json.resource.Resources$CollectionInstanceIdContextFilter.filterDelete(Resources.java:512)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:81)
        at org.forgerock.json.resource.FilterChain.handleDelete(FilterChain.java:242)
        at org.forgerock.json.resource.Router.handleDelete(Router.java:286)
        at org.forgerock.json.resource.Router.handleDelete(Router.java:286)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:83)
        at org.forgerock.authz.filter.crest.AuthorizationFilters$AuthorizationFilter$3.apply(AuthorizationFilters.java:293)
        at org.forgerock.authz.filter.crest.AuthorizationFilters$AuthorizationFilter$3.apply(AuthorizationFilters.java:289)
        at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:255)
        at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:244)
        at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:223)
        at org.forgerock.authz.filter.crest.AuthorizationFilters$AuthorizationFilter.filterDelete(AuthorizationFilters.java:289)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:81)
        at org.forgerock.json.resource.FilterChain.handleDelete(FilterChain.java:242)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:83)
        at org.forgerock.openam.rest.fluent.AuditFilter.filterDelete(AuditFilter.java:131)
        at org.forgerock.openam.rest.fluent.AuditFilterWrapper.filterDelete(AuditFilterWrapper.java:72)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:81)
        at org.forgerock.openam.rest.fluent.CrestLoggingFilter.filterDelete(CrestLoggingFilter.java:110)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:81)
        at org.forgerock.openam.rest.ContextFilter.filterDelete(ContextFilter.java:69)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:81)
        at org.forgerock.openam.rest.AuthenticationEnforcer.filterDelete(AuthenticationEnforcer.java:155)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:81)
        at org.forgerock.json.resource.FilterChain.handleDelete(FilterChain.java:242)
        at org.forgerock.json.resource.Router.handleDelete(Router.java:286)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:83)
        at org.forgerock.openam.rest.ContextFilter.filterDelete(ContextFilter.java:69)
        at org.forgerock.json.resource.FilterChain$Cursor.handleDelete(FilterChain.java:81)
        at org.forgerock.json.resource.FilterChain.handleDelete(FilterChain.java:242)
        at org.forgerock.json.resource.InternalConnection.deleteAsync(InternalConnection.java:55)
        at org.forgerock.json.resource.http.RequestRunner.visitDeleteRequest(RequestRunner.java:230)
        at org.forgerock.json.resource.http.RequestRunner.visitDeleteRequest(RequestRunner.java:95)
        at org.forgerock.json.resource.Requests$DeleteRequestImpl.accept(Requests.java:317)
        at org.forgerock.json.resource.http.RequestRunner.handleResult(RequestRunner.java:141)
        at org.forgerock.json.resource.http.HttpAdapter$1.apply(HttpAdapter.java:725)
        at org.forgerock.json.resource.http.HttpAdapter$1.apply(HttpAdapter.java:722)
        at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:255)
        at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:244)
        at org.forgerock.json.resource.http.HttpAdapter.doRequest(HttpAdapter.java:722)
        at org.forgerock.json.resource.http.HttpAdapter.doDelete(HttpAdapter.java:331)
        at org.forgerock.json.resource.http.HttpAdapter.handle(HttpAdapter.java:287)
        at org.forgerock.http.handler.Handlers$HandlerDescribableAsDescribableHandler.handle(Handlers.java:154)
        at org.forgerock.http.filter.OptionsFilter.filter(OptionsFilter.java:77)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.http.routing.Router.handle(Router.java:108)
        at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:87)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.http.routing.Router.handle(Router.java:108)
        at org.forgerock.http.routing.Router.handle(Router.java:108)
        at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:64)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:197)
        at org.forgerock.caf.authentication.framework.AuthenticationFramework$2.apply(AuthenticationFramework.java:189)
        at org.forgerock.caf.authentication.framework.AuthenticationFramework$2.apply(AuthenticationFramework.java:182)
        at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:255)
        at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:244)
        at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:153)
        at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:143)
        at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:92)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.openam.http.GuiceHandler.handle(GuiceHandler.java:59)
        at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:215)
        at org.forgerock.http.routing.Router.handle(Router.java:108)
        at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:70)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:122)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.openam.http.OpenAMHttpApplication$1.filter(OpenAMHttpApplication.java:70)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:60)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
        at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:237)
        at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:195)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:111)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:51)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:116)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:666)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:398)
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:903)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1769)
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1189)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:658)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
        at java.base/java.lang.Thread.run(Thread.java:840)

Metadata

Metadata

Assignees

No one assigned

    Labels

    backport-sustaining/15.xPR marker for features that should be backported to sustaining/15.x.good first issueBeginner-friendly issues that serve as an excellent starting point for new contributors.

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions