Highlighted
Absent Member.. Absent Member..
Absent Member..
4746 views

SSO error

Jump to solution

Hi Experts ..,

 

i am getting error

 



Authentication failed. Contact your system administrator for assistance.

Authentication failure

 

while tryin to login to web using SSO , version is SM 9.30

0 Likes
18 Replies
Highlighted
Contributor.. Contributor..
Contributor..

Hi Roberto,

 

Iam also facing the same problem .The SSO in web is not working by giving the error "Authentication failed.Contact your system administrator for assistance"

 

I have put my web component in a different box .Using Windows client installed in that web server Iam able to connect using SSO.

 

Attached all the files

 

Please help .

 

Regards,

Shameer

0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

Hi Shameer,

 

Which SM version is yours?

 

Also, as I first said on this thread. It is important fist to verify if SSL is working before testing SSO. Can you confirm if SSL works?

 

For what I have seen on your files, they seem to be OK. I just have 1 question regarding this parameter (inside the web.xml file):

 

<param-name>keystore</param-name>
<param-value>AUHHPSMWEBP01.gcaa-uae.gov.keystore</param-value>

 

Can you tell me where is this file located? I mean on which path. Remember that if you copied this file in your WEB-INF folder, the parameter should look as follows:

 

<param-name>keystore</param-name>
<param-value>/WEB-INF/AUHHPSMWEBP01.gcaa-uae.gov.keystore</param-value>

 

In case you modify any of this, remember to stop tomcat, clear the cache and restart it before testing.

 

Once again, be sure to get SSL working before you proceed to test SSO.

 

Regards,

Roberto

0 Likes
Highlighted
Contributor.. Contributor..
Contributor..

Hi Roberto,

 

Thanks for your reply

 

The HPSM Version Iam using is 9.34 .

 

SSL is perfectly working for me and I have corrected the path of the keystore also as per your suggestion .

 

But still it is not working .

 

Regards,

Shameer

0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

Hi,

 

If you have confirmed that SSL is working on your webtier then there is not much left on SM to do. Your SM (server and client) configuration files seem to be OK to be able to connect to the application using also SSO.

 

The issue could be related to the web configuration, maybe your HTTP server (I guess you are using Apache HTTP) is not sending the user credentials on the HTTP request so it is not connecting; or in case it is sending that information, you need to make sure that this user (the one sent in the HTTP request) exists as a SM operator to be able to connect.

 

At this point I would suggest you to open a support ticket so that all SM details can be verified and/or you get a confirmation that you need to work on the HTTP and web app servers.

 

Regards,

Roberto.

0 Likes
Highlighted
Contributor.. Contributor..
Contributor..

Hi Roberto,

 

I told that the SSL is working for the windows clients and the SSL is not working from the webtier .

 

When i am trying to connect using the port 8080 using ssl it is giving an error saying that  "Service Manager Server is currently not available, please try again later."

 

What this error means ??

 
please help .
 
Regards,
Shameer
0 Likes
Highlighted
Established Member..
Established Member..

Hi Roberto,

 

I have Done the below configuration in SM Configuration file.

 

sm -loadBalancer -httpPort:13080 -httpsPort:13081 -sslConnector:1 -ssl:1
sm -httpPort:13082 -httpsPort:13083 -sslConnector:1 -ssl:0
sm -httpPort:13084 -httpsPort:13085 -sslConnector:1 -ssl:0

 

then its working obsolutely fine for SSO and Non SSO.

 

thanks for your solution.

 

 

Regards,

Nagaraja B Sagar

 

0 Likes
Highlighted
Absent Member.
Absent Member.

Hi Roberto,

I have a same issue like this, please guide.

In my SM environment SSO is enabled, when I'm consuming external web service in RUNwsdlTOjs i'm getting below error:-

Is thier any way I can remove SSL but SSO should work as it is?

WSDL request failed with exception Error calling method: doHttpRequest in class: com/hp/ov/sm/server/utility/HttpClient Exception (javax.net.ssl.SSLHandshakeEx
ception: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid
certification path to requested target)
Error calling method: doHttpRequest in class: com/hp/ov/sm/server/utility/HttpClient Exception (javax.net.ssl.SSLHandshakeException: sun.security.validator.Val
idatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested tar
get)

Below is my ini and cfg file

 

SM.ini+++++++++++++++

shared_memory:60000000
log:../logs/sm.log
system:13080
httpPort:13080
sslConnector:1
truststoreFile:cacerts
truststorePass:changeit
keystoreFile:servercert.keystore
keystorePass:Servercert
trustedsignon:1
ssl:1
ssl_trustedClientsJKS:trustedclients.keystore
ssl_trustedClientsPwd:TrustedClients
ssl_reqClientAuth:2
httpsPort:13444
ir_disable:0
debughttp:1
groupbindaddress:10.5.153.167
[oracle11]
sqldictionary:oracle11
sqldb:SM93
sqllogin:SM93_4/Helllo!u
sqllibrary:sqoracle.oci11.so
plugin0:libkmplugin.so
sessiontimeout:15
threadsperprocess:50
ldapauthenticateonly
ldapnostrictlogin:1
ldapstats:0

 

sm.cfg++++++++++++++++++++

# dedicated for thick client
#
sm -httpPort:13099 -httpsPort:13100 -trustedsignon:0 -ssl:0 -debugnode:1

#
# web client load balancer
#
sm -loadBalancer -httpPort:13080 -httpsPort:13444 -log:../logs/lb.log
sm -httpPort:13081 -httpsPort:13082
sm -httpPort:13083 -httpsPort:13084
sm -sync

#
# start background schedulers
#

sm system.start

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.