Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Highlighted
Keng Super Contributor.
Super Contributor.
352 views

SSPR 5015 Error with Access Manager OAuth Integration for SSO

Hi,

I am trying setup my AM 4.5 Appliance to integrate with SSPR 4.4 using OAuth for SSO. I had following the SSPR Integration with Access Manager documentation and configured accordingly.

When I try to access SSPR, it was redirected to AM for login. After AM Login, SSPR displayed the following error

Error 5015

An error has occurred. If this error occurs repeatedly please contact your help desk. { 5015 ERROR_INTERNAL (unexpected error processing request: com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected a string but was BEGIN_ARRAY at line 1 column 98 path $., cause:java.lang.IllegalStateException: Expected a string but was BEGIN_ARRAY at line 1 column 98 path $. [615C28403BD4C6EB1EA0307326F9F4DB0ABE7E79]) }

SSPR Error.png

 

Any clues?

Regards,

Keng

Labels (1)
0 Likes
13 Replies
Nihii Respected Contributor.
Respected Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

Try to reimport eDir cert into sspr and give it a try. 

0 Likes
Knowledge Partner
Knowledge Partner

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

And the NAM cert into the OSP and Tomcat keystores.

0 Likes
Keng Super Contributor.
Super Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

No OSP in used.

Regards,

Keng

0 Likes
Keng Super Contributor.
Super Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

Nihhi,

Error remain the same.

Regards,

Keng

0 Likes
Keng Super Contributor.
Super Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

All,

Updated the SSPR to SSPR 4.4.0.3, and the error now is different.

Error

SSPR 5071

An error using the OAuth authentication protocol has occurred. Please try again later. { 5071 ERROR_OAUTH_ERROR (OAuth server did not respond with an username value for configured attribute 'cn') } 

Strange,

Keng

0 Likes
Knowledge Partner
Knowledge Partner

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

I want to say, what does the OSP log show, but you are using NAM.  What does NAM show in its logs at the IDP level I think.

 

0 Likes
Keng Super Contributor.
Super Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

Geofrey,

IDP showed something like this


<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.OAuthApplication: 19 * Server has received a request on thread ajp-nio-127.0.0.1-9019-exec-25
19 > POST https://access.ijm.com/nidp/oauth/nam/userinfo
19 > accept-encoding: gzip
19 > authorization: Bearer eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIiwiY3R5IjoiSldUIiwiemlwIjoiREVGIiwia2lkIjoiMCJ9.rMabAg--d_SPqvcgDSQcJwwaeCHLic89.7SmAy5jTJJCc_Gpk.VaYUaAVM3VMWY6c9ujHseAkIBw6w3dIy3P3vsBWuToMvlmNgF4lmlFpUmLHHqBJJ2NXDymrjISX_3i86sFnKx2L8raMvZdOF5rcYJcUhhcwEeSK-47-vKdTx-LSI3tj4n0GXhkOyWjxLyA73TxZZrs4sM_UQZxjb8nHWPhlXrSgmPmaUiQPfnYhIfXLxc3Uij2x8GZuz9EvxHXYUP5uDf7mzjs7yoTxEGs7QSS-EQpKyY3ZG9BN1wyhWwpMSxAgQY0kO0PP5EVQ_y4YbK-Dt6NAHxtCUtXJ-G8ridMOnWpLRrWu_cQjPZO5mr3pVD7O4U-lgcv9SCtJodP_YQ01ByxctRWgc8jVRCG6Ap7PVuBHTzkEvcKAgsJluOaQRuSKdOKdCtjcdh5hEzTVTmMEPT1Z59gcBFg5Tavu40bSk0soNhmeA4PaRGC4ZCUS6Y4T9dgRxjzyf4SfX_ZVF_ws6_PdpvwtLve6nhaZWLgE_J96oCARl0RyX35Fu5fofrKOexPj64PBz2C3Q_PNua_ZEUfO1ecfNo044DaSDZVC3a0h1yXqmd-gqtx5UAO0xMUSqTmlU9a58FZIvujRiNKONk2nnqolw8ZT70WIeJR0aJY_bdci0iZNm5A_zP9RlcZDD_oy1yXk9t7Y8pkf8AOTIc4MHGZIrEAb944dvdZEsY6fBABH3Zh6aeJt6lQXKG-crIY8oPQDmO1rzB-aovIxsFsaxKQQX1Lztf3rqUtQhMZ0SNODvrNokZMaHpMe4bNvBoK2BBO27b2XOBGLkN-aVi0XK8hnSsyMZb6RuDYUb0EeFeiGybX1aev0xyd5kmZ3I2MxqR8bWqYT053eb4Ch80Lldys04h7wATzBQakLXv5ERE_zbyoepqq4q44mVB6Fjq6GaN_zDpFTUW9J_HOfxcKgPcs3sGsO9ao07MEbqyubBZCQ-hUp8RzsYLce1-jbJ3b6Fod0vIcVFlnBP1Dzotx7-ITupx34z3ka3PTF7SYEYx7tWjAca3cHp0nw10j5o2CYSkBjsWZS2OKxNFqfiNo4UHOQR8OtKfGqxQIpUzVjun9S-He8akIJAgatXN64Yt8xkQ6ztf6u9XViibuD_xdAL9TM7qCwNgghtZHiQebMLBoQIf_MVrwxzkrUBC54rVfTuWx36Nj0EpmFQDXtLJda5Y5qMG-zfPuUErNsT_3ZBaXOTpNqCjFinhvdcQuZr1AB2Wj-2ZguJX0xg1p_SUCNkT_btLl8FD7p-6vPGdmxlrKGE0D3acXQ6uRo0vxLQCOzHggarjU2vpoiZbzG43YVPUV1LxLJtLqMW_R4OJS-JasAkxc5Yd-N5tAtrsz-kF-npzGKCZiPOOsEKfgZ0gUQVwpXBhF2H3gsxV5vEBgOoJ_4929aGygVWknF5DQoE8ArbOibdEuJD3b-Z8Lx8yUZSTXWSrNN2thbis-1Q5g2Mggk_kv-6wNZ9_jVlT0zcgnNvExb8mKN_3Fmo-a5MGyYaZZ7MU7x1YK7fJUPXmiHbEw0smKabkIJATNOp4O2v6P5NlysoAQ6_bKuFYbHmvDtNKR-E4xvhj02zDB3vpzwnlJjTvV94sdb91wl32FR1Wo3dSET8scg_DwPOIAjYAFQzftxnIpg14dGszAXwbYqTO5o.360j05fGJ6n8IM2wPI_ZcA
19 > connection: Keep-Alive
19 > content-length: 1852
19 > content-type: application/x-www-form-urlencoded; charset=UTF-8
19 > host: access.ijm.com
19 > user-agent: SSPR v4.4.0.3 b380 r39786
19 > Via: 1.1 access.ijm.com (Access Gateway-ag-231274FE13CD3C7F-29)
</amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPKeyService: Searching enc key with alias name=OAuth2_Enc_key_0 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.config.OAuth2ConfigManager: found tenant: nam for kid: 276628955765656148455151535342113914100 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.core.tokens.OAuth2Token: verifySign: signature valid </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPKeyService: Searching enc key with alias name=OAuth2_Enc_key_0 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPKeyService: Searching enc key with alias name=OAuth2_Enc_key_0 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.config.OAuth2ConfigManager: found tenant: nam for kid: 276628955765656148455151535342113914100 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.core.tokens.OAuth2Token: verifySign: signature valid </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPKeyService: Searching enc key with alias name=OAuth2_Enc_key_0 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
Target object dn: cn=ktlow,ou=HQ,o=ijm
Acting as: cn=ktlow,ou=HQ,o=ijm
Attr: GUID
Attr: fullname
Attr: cn
Attr: loginIntruderAttempts
</amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: LDAPUserAuthority.doLoginPolicyCheck
Thread: ajp-nio-127.0.0.1-9019-exec-25
Invoking login policy execution on server (thru ldap extension) for user cn=ktlow,ou=HQ,o=ijm </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.core.UserInfoEndpoint: Validating token... </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.core.UserInfoEndpoint: Token format is JWT, token type is: ACCESS, access token ID: 42e1aeee-77f2-44ba-832c-fb0439652d98 its corresponding refresh token ID: 06b9f8e9-2f0b-4967-9c3e-9723c308dabc </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.config.OAuth2ConfigManager: is Token Revocation disabled for tenant nam - false </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPLoginService: Verify token 42e1aeee-77f2-44ba-832c-fb0439652d98 is revoked or not </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPLoginService: LDAP Replica Id in the token 2ba484a5-78d7-3656-8c00-895a3b874235 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPLoginService: Before call getAttribute() - ReplicaId: 2ba484a5-78d7-3656-8c00-895a3b874235 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
Target object dn: cn=ktlow,ou=HQ,o=ijm
Acting as: cn=ktlow,ou=HQ,o=ijm
Attr: nidsOAuthGrant
</amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
getNextConnection() replica selected from preferred </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPLoginService: After call getAttribute() - ReplicaId: 2ba484a5-78d7-3656-8c00-895a3b874235 </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.core.grants.OAuth2ClientGrant: Check user's issued refresh token list contains refresh tokenID: 06b9f8e9-2f0b-4967-9c3e-9723c308dabc </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.core.grants.OAuth2ClientGrant: Token found in user's issued token list. </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.NIDPLoginService: The token is valid. </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Session Logger: com.novell.nam.nidp.oauth.core.UserInfoEndpoint: Is valid token: true </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: NIDPResourceManager.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
NIDPResource LDAPModelResources_en_US.properties not yet registered! Loading!
NIDPResource loaded and cached! name: LDAPModelResources_en_US.properties, value: LDAPModelResources_en_US.properties
</amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: ae87a5fb6e433a62a0a05f34f814b611480857359b342b8e3670bf8b1770c7a1, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: ae87a5fb6e433a62a0a05f34f814b611480857359b342b8e3670bf8b1770c7a1, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
Target object dn: cn=ktlow,ou=HQ,o=ijm
Acting as: cn=ktlow,ou=HQ,o=ijm
Attr: *
Attr: +
</amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: ajp-nio-127.0.0.1-9019-exec-25
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: e5c5904264b1dad76f63216a683b552db468db86b70f0a3b370270f1215dc2cb, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: e5c5904264b1dad76f63216a683b552db468db86b70f0a3b370270f1215dc2cb, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: 4fbf278026ef7c69ffa3ffe12f2769bb5b5ae39121bb299c55db6121efd1f94c, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: 4fbf278026ef7c69ffa3ffe12f2769bb5b5ae39121bb299c55db6121efd1f94c, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: cb96574f49af588a079b1a59306d7a5e6d3ccaf749105fd5d12a6985ff845ce5, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: cb96574f49af588a079b1a59306d7a5e6d3ccaf749105fd5d12a6985ff845ce5, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: a41232ec944302a81b87e247d1090dad7cb037a102fa2071d83c8e16584930b4, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: a41232ec944302a81b87e247d1090dad7cb037a102fa2071d83c8e16584930b4, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: 24fa04cea2c7ca74390da9822a931872de79bb4d4b18c798b59cdc4d80f23a2b, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: 24fa04cea2c7ca74390da9822a931872de79bb4d4b18c798b59cdc4d80f23a2b, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: e2997393d5dbf720665877e08e8ec4ce5b56d56fb54953f03e73df86dd51f43b, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: e2997393d5dbf720665877e08e8ec4ce5b56d56fb54953f03e73df86dd51f43b, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: ca6fd14afc8458e7cb6b174574a73813d6b4f2362ca63f2b370abb36c0d1b77e, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: ca6fd14afc8458e7cb6b174574a73813d6b4f2362ca63f2b370abb36c0d1b77e, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: dda5dce36c9f3354bcaa62bfe6eb6b4785544a33152b1cae8a445293df02b131, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: dda5dce36c9f3354bcaa62bfe6eb6b4785544a33152b1cae8a445293df02b131, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: a3a45ed963d81d52da3c5710a2de3cc47d3d96dc8e3413929de8f3b028f7f121, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: a3a45ed963d81d52da3c5710a2de3cc47d3d96dc8e3413929de8f3b028f7f121, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: 3b01b2748049aee4a8798cb8c759d31cc4da69bdef2fdde6e0bdfdaebe7419df, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: 3b01b2748049aee4a8798cb8c759d31cc4da69bdef2fdde6e0bdfdaebe7419df, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: 8218a6da81ffa2ffa997f45097781b7fbba723637ae890c543205cb2eb0997fa, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: 8218a6da81ffa2ffa997f45097781b7fbba723637ae890c543205cb2eb0997fa, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: ddfdf0f3f6198ce9556969b8c713195930dcf931ef0a210e1d3bd25b75379615, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: ddfdf0f3f6198ce9556969b8c713195930dcf931ef0a210e1d3bd25b75379615, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from in memory HashMap: Key: 161d17f6ec6485e3824fec4f8e3932e3d1b124582a5ae135dddab68d86c16156, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z DEBUG NIDS Application:
Method: SwapHashMap.get
Thread: ajp-nio-127.0.0.1-9019-exec-25
Object gotten from swap file: Key: 161d17f6ec6485e3824fec4f8e3932e3d1b124582a5ae135dddab68d86c16156, low memory: false, Object: null </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.core.OAuth2ClaimsResponse: OAuth2 Claim response success </amLogEntry>

<amLogEntry> 2019-09-23T07:43:44Z INFO NIDS Session Logger: com.novell.nam.nidp.oauth.nidp.servlets.OAuthApplication: 20 * Server responded with a response on thread ajp-nio-127.0.0.1-9019-exec-25
20 < 200
20 < Content-Type: application/json
</amLogEntry>

Regards,

Keng

0 Likes
ericveysey Trusted Contributor.
Trusted Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

That looks clean, can you post your SSPRConfiguration.xml and your Catalina.out from SSPR?

0 Likes
Keng Super Contributor.
Super Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

Hi,

Here they are

0 Likes
ericveysey Trusted Contributor.
Trusted Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

I had a look at these and there are a number of errors preceding the one you posted. 

5076 ERROR_CRYPT_ERROR (unexpected error reading login cookie, will clear and ignore; error: 5076 ERROR_CRYPT_ERROR

Seems to be the first one. 

I did see this one as well. 

5071 ERROR_OAUTH_ERROR (OAuth server did not respond with an username value for configured attribute 'cn'

Did you configure your scope to send the cn?

 

0 Likes
Keng Super Contributor.
Super Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

Hi,

YES. I am using the default NAM scope "profile" which have the cn as part of attribute.

Regards,

Keng

0 Likes
Keng Super Contributor.
Super Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

Hi All,

The issue is resolved. 

I was using the dafault OAuth Scope 'profile' which have LDAP:cn attribute in place which is as specified in the documentation. However after under a lot of test and even with a SR Support, nothing seems wrong.

However with deeper investigating the 'Profile' Attribute Set, it was found that it was mapping as 'nickname' remote attribute. This sounded a bit strange to me.

Screenshot 2019-10-11 at 2.36.15 PM.png

Hence I create a new 'SSPR' Attribute Set with LDAP:cn local attribute and mapping of 'cn' remote attribute. Create a new OAuth Scope 'sspr' and Update Identity Server. Modify SSPR to use the sspr scope and apply configuration.

Screenshot 2019-10-11 at 2.35.29 PM.png

Test SSPR Login, and this time I can successfully login to SSPR via NAM.

Then doing further test by modify SSPR to use the default NAM scope 'profile' and this time use 'nickname' as the Login Attribute. Apply and test. No error.

So this is where the Documentation is not clear I presumed.

Regards,

Keng

0 Likes
ericveysey Trusted Contributor.
Trusted Contributor.

Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO

That makes sense. So the CN wasn’t mapped to CN. A bit strange the default profile would be like that. I’m assuming most people would have to change it back to CN-CN.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.