User Application throws error after login in with OSP

 
Hi Team,
 
I have set up NetIQ IDM in Windows Server 2016.
 
When I access Identity Applications, I am prompted for credentials by OSP and after authentication, I get redirected to Application, the application throws following error on Browser. On refreshing the application keeps on loading.
 
Error!
An error has occurred while processing your request. Please contact the administrator, or click the refresh button and try again
 
 
 
idapps.out file gives following error
2019-08-06 20:44:58,340 [ERROR] OAuthRestFilter [RBPM] An error occurred while attempting to contact the authentication service.
2019-08-06 20:44:58,353 [ERROR] OAuthRestFilter [RBPM] An error occurred while attempting to contact the authentication service.
 
 
Any help greatly appreciated.
 
Thanks,
Jaydeep Mehta
 
 
 
Parents
  • So has this ever worked?

    If not, check for certificates.

    OSP Cert - self signed

    Tomcat Cert - usually publicallly signed

    eDir tree CA Cert - usually not trusted.

    NAM SAML Cert - usually self signed.

     

    The osp keystore has the OSP private key.

    The Tomcat keystore has the Tomcat private key.

    OSP Keystore should tehn get added the public key of the signers/trusted roots of the Tomcat, eDir CA, and NAM certs.

    Tomcat keystore should then get added the public key of the signers/trusted roots of the OSP, eDir CA and NAM certs.

    Steve says there is a specific pattern that minimizes this, however I find this seems to guarentee everything is trusted.

     

Reply
  • So has this ever worked?

    If not, check for certificates.

    OSP Cert - self signed

    Tomcat Cert - usually publicallly signed

    eDir tree CA Cert - usually not trusted.

    NAM SAML Cert - usually self signed.

     

    The osp keystore has the OSP private key.

    The Tomcat keystore has the Tomcat private key.

    OSP Keystore should tehn get added the public key of the signers/trusted roots of the Tomcat, eDir CA, and NAM certs.

    Tomcat keystore should then get added the public key of the signers/trusted roots of the OSP, eDir CA and NAM certs.

    Steve says there is a specific pattern that minimizes this, however I find this seems to guarentee everything is trusted.

     

Children
No Data