User Application throws error after login in with OSP

 
Hi Team,
 
I have set up NetIQ IDM in Windows Server 2016.
 
When I access Identity Applications, I am prompted for credentials by OSP and after authentication, I get redirected to Application, the application throws following error on Browser. On refreshing the application keeps on loading.
 
Error!
An error has occurred while processing your request. Please contact the administrator, or click the refresh button and try again
 
 
 
idapps.out file gives following error
2019-08-06 20:44:58,340 [ERROR] OAuthRestFilter [RBPM] An error occurred while attempting to contact the authentication service.
2019-08-06 20:44:58,353 [ERROR] OAuthRestFilter [RBPM] An error occurred while attempting to contact the authentication service.
 
 
Any help greatly appreciated.
 
Thanks,
Jaydeep Mehta
 
 
 
Parents
  • This sounds like a broken / not configured RBPM SAML authentication.

    In the idapps.out log file, on startup, do you see something like:

    2019-09-13 16:06:54,161 [ERROR] OAuthFilter [RBPM] Missing private key for SSO header signature. 2019-09-13 16:06:54,161 [ERROR] OAuthFilter [RBPM] Failed to initialize SSO Filter oauth due to configuration problem. 2019-09-13 16:06:54,164 [ERROR] OAuthRestFilter [RBPM] Missing private key for SSO header signature. 2019-09-13 16:06:54,164 [ERROR] OAuthRestFilter [RBPM] Failed to initialize SSO Filter oauth due to configuration problem. 2019-09-13 16:06:55,017 [WARN] AuthTokenGenerator [RBPM] Failed to initialize SSO: Missing or corrupted SSO filter settings. 2019-09-13 16:06:55,017 [INFO] AuthTokenGenerator [RBPM] SSO Framework is disabled.

    If so, run configupdate.sh, enable advanced settings, switch to the SSO Clients tab, and find the RBPM to eDirectory SAML configuration option. Change it to "Auto" and save the change. It will (re)create the objects under the cn=Security container that allows RBPM to do SSO to eDirectory.

    You should see something like:

    2019-09-16 12:07:38,385 [INFO] OAuthFilter [RBPM] SSO Filter oauth is enabled. 2019-09-16 12:07:38,388 [INFO] OAuthRestFilter [RBPM] SSO Filter oauth is enabled. 2019-09-16 12:07:39,289 [INFO] AuthTokenGenerator [RBPM] SSO Framework is enabled.

    if SSO is working.

     

Reply
  • This sounds like a broken / not configured RBPM SAML authentication.

    In the idapps.out log file, on startup, do you see something like:

    2019-09-13 16:06:54,161 [ERROR] OAuthFilter [RBPM] Missing private key for SSO header signature. 2019-09-13 16:06:54,161 [ERROR] OAuthFilter [RBPM] Failed to initialize SSO Filter oauth due to configuration problem. 2019-09-13 16:06:54,164 [ERROR] OAuthRestFilter [RBPM] Missing private key for SSO header signature. 2019-09-13 16:06:54,164 [ERROR] OAuthRestFilter [RBPM] Failed to initialize SSO Filter oauth due to configuration problem. 2019-09-13 16:06:55,017 [WARN] AuthTokenGenerator [RBPM] Failed to initialize SSO: Missing or corrupted SSO filter settings. 2019-09-13 16:06:55,017 [INFO] AuthTokenGenerator [RBPM] SSO Framework is disabled.

    If so, run configupdate.sh, enable advanced settings, switch to the SSO Clients tab, and find the RBPM to eDirectory SAML configuration option. Change it to "Auto" and save the change. It will (re)create the objects under the cn=Security container that allows RBPM to do SSO to eDirectory.

    You should see something like:

    2019-09-16 12:07:38,385 [INFO] OAuthFilter [RBPM] SSO Filter oauth is enabled. 2019-09-16 12:07:38,388 [INFO] OAuthRestFilter [RBPM] SSO Filter oauth is enabled. 2019-09-16 12:07:39,289 [INFO] AuthTokenGenerator [RBPM] SSO Framework is enabled.

    if SSO is working.

     

Children
No Data