Call FM RSRD_X_MAP_TO_PRTL_USERS_PROXY , SSO Authentication fail

Dear all:
We have finished EP &BW configuration and also check setting with Diagnosis tool. The lights are all green. But when we tried to publish query to EP, after chosing PCD folder the query would go , an JAVA error message shown up :
Java system error: call FM RSRD_X_MAP_TO_PRTL_USERS_PROXY to ProgId <J2EE Program> on host <EP host name> with SSO not authorized: Authentication fail.
We tried a lot of means, even issued OSS message... Still no good found
HELP !!!
BRs
SZU

Please check if the integration and sso configuration did correctly
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b0a5216a-349c-2a10-9baf-9d4797349f6a
Hope it Helps
Chetan
@CP..

Similar Messages

SSO not authorized: Authentication failed.

Dear Experts,
I made a homogeneous system copy of my BI 70 prod to quality. I followed the steps according to the docs. After the system copy I did applying new licenses( ABAP, Portal, J2ee) , deleting old portal abap certficates, creating them on both portal & abap, exchage the certificates. All done as per the docs
Now the ABAP engine is trusting the portal. I mean I am able to login into portal.
But Portal is not trusting the ABAP, I have issues with BEx tools.
I did many times delete certficates, exchange them manually and using template installer.
I also followed the Notes
917950 - SAP NetWeaver 2004s: Setting Up BEx Web
888687 - BEx Web Java: Analysis of communication/logon problems
No use, Now I coming back to square one.
Has anyone has special thoughts on this issue?
Thanks for your time and help.
MB

I did many times delete certficates, exchange them manually and using template installer.
I also followed the Notes
917950 - SAP NetWeaver 2004s: Setting Up BEx Web
888687 - BEx Web Java: Analysis of communication/logon problems
support desktool as per
note 937697
SE38 ( RSPOR_SETUP ).... etc
All are failing at one point.
================================================
Status 12: Maintain User Assignment in Portal System failure during call of function module RSWR_RFC_SERVICE_TEST
This is the error message we are getting on the Java cluster log
#1.#000255334607006B00000026003D500800044709864436FE#1204006139737#com.sap.engine.services.rfcengine##com.sap.engine.services.rfcengine.handleRequest#J2EE_GUEST#0####522996e0e43111dc9cb8000255334607#SAPEngine_Application_Thread[impl:3]_27##0#0#Error##Plain###java.lang.RuntimeException:
call FM RSWR_PREEXECUTION_PROXY to ProgId BIQ_PORTAL_BIQ on host
afgprd01 with SSO not authorized: Authentication failed.
===============================================
No use, No use ....Now I coming back to square one.
Has anyone has special thoughts on this issue?
Thanks for your time and help.
MB

Managed System Configuration: SSO setup failed for Solution Manager 7.1 sp11

Hi Folks,
While doing Managed System Configuration for Soman system i am getting error in SSO Setup
Currently I am in
8. Configure Automatically :Single Sign On Setup
This is i am going for managed System (Solution Manager System Itself)
Below is error log..
SSO setup failed : a problem occured while attempting to add login modules for ticket authentication
Screen shot attached.
Found SID for SSO ACL entry : SMP
Found login.ticket_client for SSO ACL entry : 000
The Read entry permission on TicketKeystore/SAPLogonTicketKeypair-cert was given to sap.com/tc~webadministrator~solmandiag/servlet_jsp/smd/root/WEB-INF/lib/SetupLib.jar
The TicketKeystore/SAPLogonTicketKeypair-cert was succesfully read (619 bytes)
The SSO ticket Certificate <OU=J2EE,CN=SMP> has been successfully imported into ticket Keystore
SSO setup failed : a problem occured while attempting to add login modules for ticket authentication
SSO setup failed : error while updating login modules : Caller not authorized.; nested exception is:
java.lang.SecurityException: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:634)
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:520)
at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:170)
at com.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:158)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImpl.getPolicyConfiguration(RemoteSecurityImpl.java:63)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImplp4_Skel.dispatch(RemoteSecurityImplp4_Skel.java:225)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:336)
at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:201)
at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:137)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
The SSO ticket Certificate <CN=SMP> has been successfully imported into ticket Keystore
SSO setup failed : a problem occured while attempting to add login modules for ticket authentication
SSO setup failed : error while updating login modules : Caller not authorized.; nested exception is:
java.lang.SecurityException: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:634)
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:520)
at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:170)
at com.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:158)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImpl.getPolicyConfiguration(RemoteSecurityImpl.java:63)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImplp4_Skel.dispatch(RemoteSecurityImplp4_Skel.java:225)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:336)
at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:201)
at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:137)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Exception
java.rmi.RemoteException: Caller not authorized.; nested exception is:
java.lang.SecurityException: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:634)
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:520)
at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:170)
at com.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:158)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImpl.getPolicyConfiguration(RemoteSecurityImpl.java:63)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImplp4_Skel.dispatch(RemoteSecurityImplp4_Skel.java:225)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:336)
at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:201)
at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:137)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
at com.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:160)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImpl.getPolicyConfiguration(RemoteSecurityImpl.java:63)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImplp4_Skel.dispatch(RemoteSecurityImplp4_Skel.java:225)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:336)
at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:201)
at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:137)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: java.lang.SecurityException: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:634)
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:520)
at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:170)
at com.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:158)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImpl.getPolicyConfiguration(RemoteSecurityImpl.java:63)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImplp4_Skel.dispatch(RemoteSecurityImplp4_Skel.java:225)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:336)
at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:201)
at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:137)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
at com.sap.engine.services.security.exceptions.BaseSecurityException.writeReplace(BaseSecurityException.java:349)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:331)
at java.io.ObjectStreamClass.invokeWriteReplace(ObjectStreamClass.java:910)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1024)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1344)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1316)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1260)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1065)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:282)
at com.sap.engine.services.rmi_p4.DispatchImpl.throwException(DispatchImpl.java:147)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:338)
... 8 more
Regards,
San

Hi Sandeep,
It seems authorization issue. Please check the below SAP Note :
1988642 - Warning 'caller not authorized' in Step 'Single Sign On Setup'
Hope this helps.
Thanks & Regards,
Nisha

SSO is failing in custom login module

Hi All,
We are facing a problem with SSO in Portal, which is being called from another Intranet Application after
SP Upgrade. We have a common Intranet site which is a center point of access to many other applications like Portal, Java etc.
We used Login Custom Module Applicatio to develop the SSO from Local Intranet to Portal.
It was working fine till the SP Upgrade.
We were earlier using EP7 SP15 and IE6.
Now we upgraded to EP7 SP24. IE is 6 only. But now SSO is failing.
When Portal Link is clicked from the Local Intranet site it is re directing to Portal Authentication Screen,
insted of loggging in directly.
Kindly help in this.
Regards,
V V Lakshmi.

Hi,
Thank you for your reply. Already placed log files and it is failing at HttpSetterCallBack Handler.
It is returning a callback.gettype() value "17". Do you have any idea why is this 17 coming from?
Regards,
V V Lakshmi

User Authentication Failed error when trying to display a JSP portlet

The steps carried out are as follows :
1. Created a JSP file named "c.jsp" and deployed it under 902_MidTier_Home\j2ee\home\default-web-app\examples\jsp
2. Created a table named USER_TABLE under Scott schema to store the usernames and passwords to validate this JSP application.
3. Registered this JSP as an external application with the following values :
Application Name           : RAGHU
Login URL          : http://hostname:port/j2ee/examples/jsp/c.jsp
User Name/ID Field Name     : username
Password Field Name     : password
Type of Authentication Used : POST
3. Clicked on the External Application and entered the username as USER1 and password as USER1 ( These values are available
under USER_TABLE for comparison ). Then it shows the message "Hi User1 .. Welcome message"
4. Now created a directory named JSPSAMPLE under "WEB-INF\Providers" and put the provider.xml file under this.
Created a raghu.properties file and placed it under "WEB-INF\deployment".
5. Now tested the testpage using the URL " http://hostname:port/jpdk/providers/raghu " and it works fine.
6. Registered this as a provider in Portal and added this portlet onto a page. Assigned this page to a newly created user.
It gives the message " Authentication Failed - Update Login Information " which is expected. I click on the link and
it takes me to the external application username password. I enter the credentials but this time it comes back again
to the page with the same message " Authentication Failed - Update Login Information ".
7. Basically the values are not passed to the Username and Password in jsp page which is why the problem occurs.
The JSP Code used is as follows :
<%@ page import="java.sql.*" %>
<HTML>
<HEAD><TITLE>DB Connectivity test</TITLE></HEAD>
<BODY BGCOLOR="#FFFFFF">
<CENTER>
<B>user_table</B>
<BR><BR>
<%
String username = request.getParameter("username");
String password = request.getParameter("password");
Connection conn = null;
try
Class.forName("oracle.jdbc.driver.OracleDriver");
conn = DriverManager.getConnection("jdbc:oracle:thin:@hostname:1521:iasdb","scott","tiger");
Statement stmt = conn.createStatement();
String query = "SELECT * FROM user_table where userid= '"+ username +"' and passwd = '" + password + "' " ;
ResultSet rs = stmt.executeQuery(query);
while(rs.next())
out.println("<TR>");
out.println(" <TD> hi " + rs.getString("userid") + ", welcome</TD>");
out.println("</TR>");
out.println("</TABLE>");
catch(SQLException e)
out.println("SQLException: " + e.getMessage() + "<BR>");
while((e = e.getNextException()) != null)
out.println(e.getMessage() + "<BR>");
out.println("invalid userid,password");
catch(ClassNotFoundException e)
out.println("ClassNotFoundException: " + e.getMessage() + "<BR>");
finally
//Clean up resources, close the connection.
if(conn != null)
try
conn.close();
catch (Exception ignored) {}
%>
</CENTER>
</BODY>
</HTML>
The Provider.xml file used is as follows :
<?xml version="1.0" encoding="UTF-8"?>
<?providerDefinition version="3.1"?>
<provider class="oracle.portal.provider.v2.http.URLProviderDefinition">
     <providerInstanceClass>oracle.portal.provider.v2.http.URLProviderInstance</providerInstanceClass>
     <session>true</session>
     <authentication class="oracle.portal.provider.v2.security.Authentication">
          <authType>ExternalApp</authType>
          <userFieldName>username</userFieldName>
          <userPwdName>password</userPwdName>
          <errorPageMessages>Raghu,Please sign in,Sign me up!</errorPageMessages>
     </authentication>
     <portlet class="oracle.portal.provider.v2.http.URLPortletDefinition">
          <id>1</id>
          <name>RaghuPortlet</name>
          <title>Raghu Mail Portlet</title>
          <description>This portlet is to test Integration services using mail.yahoo.com</description>
          <timeout>100</timeout>
          <timeoutMessage>Raghu timed out</timeoutMessage>
          <showEdit>false</showEdit>
          <showEditDefault>false</showEditDefault>
          <showPreview>false</showPreview>
          <showDetails>false</showDetails>
          <hasHelp>false</hasHelp>
          <hasAbout>false</hasAbout>
          <acceptContentType>text/html</acceptContentType>
          <registrationPortlet>false</registrationPortlet>
          <accessControl>public</accessControl>
          <renderer class="oracle.portal.provider.v2.render.RenderManager">
               <showPage class="oracle.portal.provider.v2.render.http.URLRenderer">
                    <pageUrl>http://172.17.24.235:8888/c.jsp</pageUrl>
                    <contentType>text/html</contentType>
                    <filter class="oracle.portal.provider.v2.render.HtmlFilter">
                         <useAuthLinks>true</useAuthLinks>
                         <headerTrimTag><table width="100%" cellpadding=0 cellspacing=0 border=0><tr><td bgcolor=#9bbad6></headerTrimTag>
                         <footerTrimTag><table width="100%" cellpadding=2 cellspacing=1><tr><td bgcolor=#9bbad6></footerTrimTag>
                         <convertTarget>true</convertTarget>
                         <redirectUrlFieldName>.done</redirectUrlFieldName>
                    </filter>
               </showPage>
          </renderer>
          <securityManager class="oracle.portal.provider.v2.security.URLSecurityManager">
               <authorizType>registered</authorizType>
          </securityManager>
     </portlet>
</provider>
The Contents of raghu.properties file
serviceClass=oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter
loaderClass=oracle.portal.provider.v2.http.DefaultProviderLoader
showTestPage=true
definition=providers/raghu/provider.xml
autoReload=true
Any inputs regarding why the values are passed properly in case of External Application but not so when registered as
a portlet in Portal.
Regards
Satish G

As I can see from the information posted, you are trying to
use URL-based portlet's SSO feature, though not in a correct
way.
The SSO feature of URL-based portlets relie on the usage
of Cookies as authentication tokens. For example, in the
present context, http://hostname:port/j2ee/examples/jsp/c.jsp
will write a cookie to the client upon successfull authentication.
Subsequent access to the same JSP or some other JSP in the same
workspace should be checking for the existence of this particular
cookie at the client side and if found should not prompt for
user information again.
If you can fine tune your existing applications as per above
conditions, then everything should work fine. Else you might
want to use page parameters to pass user information.
For more information on page parameters, please visit
http://portalstudio.oracle.com/servlet/page?_pageid=350&_dad=ops&_schema=OPSTUDIO&12678_PDKHOME902_39847486.p_subid=249821&12678_PDKHOME902_39847486.p_sub_siteid=73&12678_PDKHOME902_39847486.p_edit=0#NEW1

802.1x port authentication failing after getting a access-accept packet

Hi all,
Im not 100% sure what the hell is going on here.
Any idea's or help will be appreciated.
Heres the topology.
1 x windows 2012 NPS
1x 3750X
1x Windows 7 x64
data flow
<laptop> - - [gi 1/0/13]<3750X>[gi 1/0/48]- -[gi 5/39]<6513>[po 1] - - [po 4]<6509><5/1> - - <VMWARE>[NPS Server]
The switch that is doing the authentication is the 3750X. Here is the IOS version.
Switch Ports Model              SW Version            SW Image
*    1 54    WS-C3750X-48       15.2(1)E              C3750E-UNIVERSALK9-M
A wireshark trace on the NPS server shows that the packets are arriving and being sent back
Wireshark on a mirror of the trunk port connecting the 6513. It also shows packets being sent and arriving. access-accept packets are being recieved.
As you can see in the debug output, the switch is getting a access-accept, then it is stating a AAA failure.
here is a debug output as you plug in the laptop.
Oct 24 10:53:44.653: dot1x-ev:[Gi1/0/13] Interface state changed to DOWN
Oct 24 10:53:44.653: dot1x-ev:[Gi1/0/13] No DOT1X subblock found for port down
Oct 24 10:53:45.643: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to down
Oct 24 10:53:46.641: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to down
Oct 24 10:53:47.538: dot1x-ev:[Gi1/0/13] Interface state changed to UP
Oct 24 10:53:47.564: dot1x-packet:[6431.500e.9b00, Gi1/0/13] queuing an EAPOL pkt on Auth Q
Oct 24 10:53:47.572: dot1x-ev:DOT1X Supplicant not enabled on GigabitEthernet1/0/13
Oct 24 10:53:47.572: dot1x-packet:EAPOL pak rx - Ver: 0x1 type: 0x1
Oct 24 10:53:47.572: dot1x-packet: length: 0x0000
Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Dequeued pkt: Int Gi1/0/13 CODE= 0,TYPE= 0,LEN= 0
Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Received pkt saddr =6431.500e.9b00 , daddr = 0180.c200.0003, pae-ether-type = 888e.0101.0000
Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Couldn't find the supplicant in the list
Oct 24 10:53:47.572: dot1x-ev:[6431.500e.9b00, Gi1/0/13] New client detected, sending session start event for 6431.500e.9b00
Oct 24 10:53:47.572: AAA/BIND(00000047): Bind i/f
Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Sending create new context event to EAP for 0x15000045 (6431.500e.9b00)
Oct 24 10:53:47.580: EAP-EVENT: Received context create from LL (Dot1x-Authenticator) (0x15000045)
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Received AAA ID 0x00000047 from LL
Oct 24 10:53:47.580: EAP-AUTH-AAA-EVENT: Assigning AAA ID 0x00000047
Oct 24 10:53:47.580: EAP-AUTH-AAA-EVENT: CTS not enabled on interface Gi1/0/13
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Received Session ID "C0A846660000004700DF6030" from LL
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Setting authentication mode: Passthrough
Oct 24 10:53:47.580:     eap_authen : initial state eap_auth_initialize has enter
Oct 24 10:53:47.580: EAP-EVENT: Allocated new EAP context (handle = 0xE8000047)
Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Created a client entry (0x15000045)
Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Dot1x authentication started for 0x15000045 (6431.500e.9b00)
Oct 24 10:53:47.580: %AUTHMGR-5-START: Starting 'dot1x' for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.580: EAP-EVENT: Received EAP event 'EAP_AUTHENTICATOR_START' on handle 0xE8000047
Oct 24 10:53:47.580:     eap_authen : during state eap_auth_initialize, got event 25(eapStartTmo)
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_initialize -> eap_auth_select_action
Oct 24 10:53:47.580:     eap_authen : during state eap_auth_select_action, got event 20(eapDecisionPropose)
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_select_action -> eap_auth_propose_method
Oct 24 10:53:47.580:     eap_authen : idle during state eap_auth_propose_method
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_propose_method -> eap_auth_method_request
Oct 24 10:53:47.580:     eap_authen : idle during state eap_auth_method_request
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_method_request -> eap_auth_tx_packet
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Current method = Identity
Oct 24 10:53:47.580: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_CUSTOMIZE_ID_REQUEST' on handle 0xE8000047
Oct 24 10:53:47.580:     eap_authen : idle during state eap_auth_tx_packet
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_tx_packet -> eap_auth_idle
Oct 24 10:53:47.589: EAP-AUTH-TX-PAK: Code:REQUEST ID:0x1   Length:0x0005 Type:IDENTITY
Oct 24 10:53:47.589: EAP-EVENT: Started 'Authenticator ReqId Retransmit' timer (30s) for EAP sesion handle 0xE8000047
Oct 24 10:53:47.589: EAP-EVENT: Started EAP tick timer
Oct 24 10:53:47.589: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_TX_PACKET' on handle 0xE8000047
Oct 24 10:53:47.597: dot1x-ev:[Gi1/0/13] Sending EAPOL packet to group PAE address
Oct 24 10:53:47.597: dot1x-ev:[Gi1/0/13] Sending out EAPOL packet
Oct 24 10:53:47.597: dot1x-packet:EAPOL pak Tx - Ver: 0x3 type: 0x0
Oct 24 10:53:47.597: dot1x-packet: length: 0x0005
Oct 24 10:53:47.597: dot1x-packet:EAP code: 0x1 id: 0x1 length: 0x0005
Oct 24 10:53:47.597: dot1x-packet: type: 0x1
Oct 24 10:53:47.597: dot1x-packet:[6431.500e.9b00, Gi1/0/13] EAPOL packet sent to client 0x15000045
Oct 24 10:53:47.606: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Queuing an EAPOL pkt on Authenticator Q
Oct 24 10:53:47.606: dot1x-packet:EAPOL pak rx - Ver: 0x1 type: 0x0
Oct 24 10:53:47.606: dot1x-packet: length: 0x001F
Oct 24 10:53:47.606: dot1x-ev:[Gi1/0/13] Dequeued pkt: Int Gi1/0/13 CODE= 2,TYPE= 1,LEN= 31
Oct 24 10:53:47.606: dot1x-ev:[Gi1/0/13] Received pkt saddr =6431.500e.9b00 , daddr = 0180.c200.0003, pae-ether-type = 888e.0100.001f
Oct 24 10:53:47.606: dot1x-packet:EAPOL pak rx - Ver: 0x1 type: 0x0
Oct 24 10:53:47.606: dot1x-packet: length: 0x001F
Oct 24 10:53:47.606: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Response sent to the server from 0x15000045
Oct 24 10:53:47.606: EAP-EVENT: Received LL (Dot1x-Authenticator) event 'EAP_RX_PACKET' on handle 0xE8000047
Oct 24 10:53:47.606: EAP-AUTH-RX-PAK: Code:RESPONSE ID:0x1   Length:0x001F Type:IDENTITY
Oct 24 10:53:47.606:     Payload: 47454E4552414C5C72616E64792E636F ...
Oct 24 10:53:47.606:     eap_authen : during state eap_auth_idle, got event 1(eapRxPacket)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_idle -> eap_auth_received
Oct 24 10:53:47.606: EAP-AUTH-EVENT: EAP Response received by context 0xE8000047
Oct 24 10:53:47.606: EAP-AUTH-EVENT: EAP Response type = Identity
Oct 24 10:53:47.606: EAP-EVENT: Stopping 'Authenticator ReqId Retransmit' timer for EAP sesion handle 0xE8000047
Oct 24 10:53:47.606:     eap_authen : during state eap_auth_received, got event 10(eapMethodData)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_received -> eap_auth_method_response
Oct 24 10:53:47.606: EAP-AUTH-EVENT: Received peer identity: GENERAL\randy.coburn.admin
Oct 24 10:53:47.606: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_IDENTITY' on handle 0xE8000047
Oct 24 10:53:47.606:     eap_authen : during state eap_auth_method_response, got event 13(eapMethodEnd)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_method_response -> eap_auth_select_action
Oct 24 10:53:47.606:     eap_authen : during state eap_auth_select_action, got event 19(eapDecisionPass)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_select_action -> eap_auth_passthru_init
Oct 24 10:53:47.606:     eap_authen : during state eap_auth_passthru_init, got event 22(eapPthruIdentity)
Oct 24 10:53:47.614: @@@ eap_authen : eap_auth_passthru_init -> eap_auth_aaa_req
Oct 24 10:53:47.614: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_GET_PEER_MAC_ADDRESS' on handle 0xE8000047
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Adding Audit-Session-ID "C0A846660000004700DF6030" to RADIUS Req
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Added Audit-Session-ID
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Adding IDB "0x070B90F8" to RADIUS Req
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Added IDB
Oct 24 10:53:47.614: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_CUSTOMIZE_AAA_REQUEST' on handle 0xE8000047
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: eap_auth_aaa_authen_request_shim aaa_service 19, eap aaa_list handle 0, mlist handle 0
Oct 24 10:53:47.614: AAA/AUTHEN/8021X (00000000): Pick method list 'default'
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Request sent successfully
Oct 24 10:53:47.614:     eap_authen : during state eap_auth_aaa_req, got event 24(eapAAAReqOk)
Oct 24 10:53:47.614: @@@ eap_authen : eap_auth_aaa_req -> eap_auth_aaa_idle
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000):Orig. component type = Invalid
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute hwidb
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-authen-type
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-authen-service
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute clid-mac-addr
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute target-scope
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-unique-id
Oct 24 10:53:47.614: RADIUS(00000000): Config NAS IP: 0.0.0.0
Oct 24 10:53:47.614: RADIUS(00000000): sending
Oct 24 10:53:47.614: RADIUS/ENCODE: Best Local IP-Address 192.168.70.102 for Radius-Server 192.168.19.121
Oct 24 10:53:47.614: RADIUS(00000000): Send Access-Request to 192.168.19.121:1645 id 1645/21, len 288
Oct 24 10:53:47.614: RADIUS: authenticator F1 BA E5 31 71 54 BF 1A - A2 B1 5E 1A 63 72 1E 72
Oct 24 10:53:47.614: RADIUS: User-Name           [1]   28 "GENERAL\randy.coburn.admin"
Oct 24 10:53:47.614: RADIUS: Service-Type        [6]   6   Framed                    [2]
Oct 24 10:53:47.614: RADIUS: Vendor, Cisco       [26] 27
Oct 24 10:53:47.614: RADIUS:   Cisco AVpair       [1]   21 "service-type=Framed"
Oct 24 10:53:47.614: RADIUS: Framed-MTU          [12] 6   1500
Oct 24 10:53:47.614: RADIUS: Called-Station-Id   [30] 19 "AC-F2-C5-75-7D-0D"
Oct 24 10:53:47.614: RADIUS: Calling-Station-Id [31] 19 "64-31-50-0E-9B-00"
Oct 24 10:53:47.614: RADIUS: EAP-Message         [79] 33
Oct 24 10:53:47.614: RADIUS:   02 01 00 1F 01 47 45 4E 45 52 41 4C 5C 72 61 6E 64 79 2E 63 6F [GENERAL\randy.co]
Oct 24 10:53:47.622: RADIUS:   62 75 72 6E 2E 61 64 6D 69 6E        [ burn.admin]
Oct 24 10:53:47.622: RADIUS: Message-Authenticato[80] 18
Oct 24 10:53:47.622: RADIUS:   EE 52 4D ED B9 06 F3 CE 63 AC 9D 73 24 1B A7 ED             [ RMcs$]
Oct 24 10:53:47.622: RADIUS: EAP-Key-Name        [102] 2   *
Oct 24 10:53:47.622: RADIUS: Vendor, Cisco       [26] 49
Oct 24 10:53:47.622: RADIUS:   Cisco AVpair       [1]   43 "audit-session-id=C0A846660000004700DF6030"
Oct 24 10:53:47.622: RADIUS: Vendor, Cisco       [26] 20
Oct 24 10:53:47.622: RADIUS:   Cisco AVpair       [1]   14 "method=dot1x"
Oct 24 10:53:47.622: RADIUS: NAS-IP-Address      [4]   6   192.168.70.102
Oct 24 10:53:47.622: RADIUS: NAS-Port            [5]   6   60000
Oct 24 10:53:47.622: RADIUS: NAS-Port-Id         [87] 23 "GigabitEthernet1/0/13"
Oct 24 10:53:47.622: RADIUS: NAS-Port-Type       [61] 6   Ethernet                  [15]
Oct 24 10:53:47.622: RADIUS(00000000): Sending a IPv4 Radius Packet
Oct 24 10:53:47.622: RADIUS(00000000): Started 10 sec timeout
Oct 24 10:53:47.622: RADIUS: Received from id 1645/21 192.168.19.121:1645, Access-Accept, len 66
Oct 24 10:53:47.622: RADIUS: authenticator 92 F6 07 AF C1 AB 0B 4C - 1D 9E A0 D1 01 36 27 26
Oct 24 10:53:47.622: RADIUS: Class               [25] 46
Oct 24 10:53:47.622: RADIUS:   76 E3 06 66 00 00 01 37 00 01 02 00 C0 A8 13 79 00 00 00 00 00 00 00 00 00 00 00 00 01 CE CF F8 1F 7B 75 41 00 00 00 00 00 00 00 50          [ vf7y{uAP]
Oct 24 10:53:47.622: RADIUS(00000000): Received from id 1645/21
Oct 24 10:53:47.622: EAP-EVENT: eap_aaa_reply
Oct 24 10:53:47.622: EAP-AUTH-AAA-EVENT: Reply received session_label 72000033
Oct 24 10:53:47.622: EAP-EVENT: Received AAA event 'EAP_AAA_FAIL' on handle 0xE8000047
Oct 24 10:53:47.622:     eap_authen : during state eap_auth_aaa_idle, got event 8(eapAAAFail)
Oct 24 10:53:47.622: @@@ eap_authen : eap_auth_aaa_idle -> eap_auth_failure
Oct 24 10:53:47.631: EAP-EVENT: Received get canned status from lower layer (0xE8000047)
Oct 24 10:53:47.631: EAP-AUTH-TX-PAK: Code:FAILURE ID:0x1   Length:0x0004
Oct 24 10:53:47.631: EAP-AUTH-EVENT: FAIL for EAP method ID: 1, name: , on handle 0xE8000047
Oct 24 10:53:47.631: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_FAIL' on handle 0xE8000047
Oct 24 10:53:47.631: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Received an EAP Fail
Oct 24 10:53:47.639: %DOT1X-5-FAIL: Authentication failed for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Added username in dot1x
Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Dot1x did not receive any key data
Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Processing client delete for hdl 0x15000045 sent by Auth Mgr
Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] 6431.500e.9b00: sending canned failure due to method termination
Oct 24 10:53:47.639: EAP-EVENT: Received get canned status from lower layer (0xE8000047)
Oct 24 10:53:47.639: dot1x-ev:[Gi1/0/13] Sending EAPOL packet to group PAE address
Oct 24 10:53:47.639: dot1x-ev:[Gi1/0/13] Sending out EAPOL packet
Oct 24 10:53:47.639: dot1x-packet:EAPOL pak Tx - Ver: 0x3 type: 0x0
Oct 24 10:53:47.639: dot1x-packet: length: 0x0004
Oct 24 10:53:47.639: dot1x-packet:EAP code: 0x4 id: 0x1 length: 0x0004
Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] EAPOL canned status packet sent to client 0x15000045
Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Deleting client 0x15000045 (6431.500e.9b00)
Oct 24 10:53:47.639: %AUTHMGR-7-STOPPING: Stopping 'dot1x' for client 6431.500e.9b00 on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.639: %AUTHMGR-5-FAIL: Authorization failed or unapplied for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.648: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Delete auth client (0x15000045) message
Oct 24 10:53:47.648: EAP-EVENT: Received free context (0xE8000047) from LL (Dot1x-Authenticator)
Oct 24 10:53:47.648: dot1x-ev:Auth client ctx destroyed
Oct 24 10:53:47.648: EAP-EVENT: Received LL (Dot1x-Authenticator) event 'EAP_DELETE' on handle 0xE8000047
Oct 24 10:53:47.648: EAP-AUTH-EVENT: Freed EAP auth context
Oct 24 10:53:47.648: EAP-EVENT: Freed EAP context
Oct 24 10:53:48.621: EAP-EVENT: Stopped EAP tick timer
Oct 24 10:53:49.485: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to up
Oct 24 10:53:50.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to up
Oct 24 10:53:53.528: dot1x-ev:[Gi1/0/13] Interface state changed to DOWN
Oct 24 10:53:53.528: dot1x-ev:[Gi1/0/13] No DOT1X subblock found for port down
Oct 24 10:53:54.518: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to down
Oct 24 10:53:55.524: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to down

Hi Jatin,
See below the data that you have requested.
show run bits.
aaa new-model
aaa authentication dot1x default group radius
aaa session-id common
clock timezone BST 0 0
clock summer-time UTC recurring last Sun Mar 1:00 last Sun Oct 2:00
dot1x system-auth-control
interface GigabitEthernet1/0/13
switchport access vlan 80
switchport mode access
authentication port-control auto
dot1x pae authenticator
spanning-tree portfast
interface GigabitEthernet1/0/48
switchport trunk encapsulation dot1q
switchport trunk native vlan 70
switchport mode trunk
radius server NPS1
address ipv4 192.168.19.121 auth-port 1645 acct-port 1646
timeout 10
key thesecret
ip default-gateway 192.168.70.1
SW1-randy#show auth sessions interface gig 1/0/13
Interface    MAC Address    Method       Domain          Status    Fg Session ID
Gi1/0/13     803f.5d09.189e N/A          UNKNOWN      Unauth         C0A846660000002F00251DBC
SW1-randy#Show mac address-table Interface GigabitEthernet1/0/13
          Mac Address Table
Vlan    Mac Address       Type        Ports
80    803f.5d09.189e    DYNAMIC     Drop
SW1-randy#ping 192.168.19.121
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.19.121, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
Here is a wireshark of the accept packet.
Message was edited by: randy coburn
Added wireshark trace

Upgrade to Apex 4.1 results in "Error processing SSO authentication"

We recently upgraded our Apex environment to 4.1 from 4.0.2. In our previous environment we used SSO authentication. Some how in the new Apex 4.1 we can get to all our applications with the url https://test.home.org/pls/apex put any application which requires SSO authentication gives this message:
Error processing SSO authentication.ORA-06550: line 2, column 1: PLS-00201: identifier 'WWSEC_SSO_ENABLER_PRIVATE.GENERATE_REDIRECT' must be declared ORA-06550: line 1, column 45: PL/SQL: Statement ignored
Has anyone run into a similar issue? Any insights?
Thanks.

After upgrading to APEX release 4.1.0.00.32 we received the following errors when attempt to authenticate to an application setup to use "Oracle Application Server Single Sign-On" as the Scheme Type.
Error message:
Error processing SSO authentication.
ORA-06550: line 2, column 1: PLS-00201: identifier 'WWSEC_SSO_ENABLER_PRIVATE' must be declared ORA-06550: line 1, column 45: PL/SQL: Statement ignored
ORA-06550: line 2, column 1: PLS-00201: identifier 'WWSEC_SSO_ENABLER_PRIVATE.GENERATE_REDIRECT' must be declared ORA-06550: line 1, column 45: PL/SQL: Statement ignored
This has been identified as BUG 12973090 - SSO WITH SPECIFIED PARTNER APPLICATION NAME FAILS WITH PLS-00201
Workaround:
The work around is to leave the “Partner Application Name” field blank in your authentication scheme. To do this go to: Application Builder > Your Application > Shared Components > Authentication Schemes > Click the Edit Icon on your authentication scheme that uses Single Sign-On > set the “Partner Application Name blank as follows > Apply Changes.
Oracle support says development is currently working the issue and the bug will not be fixed until APEX release 4.1.1.
Sean
Edited by: Sean Harris on Nov 2, 2011 7:59 AM

NPS Authentication Fails (Reason 16) After Migration to 2012 R2 from 2008 R2

I'm using NPS for wired dot1x authentication and I just migrated my NPS server from 2008 R2 to 2012 R2. When I point the network switch to start using the new 2012 R2 NPS as the RADIUS server, I get authentication failures - event 6273, reason code
16. When I switch it back to the 2008 R2 server, it works fine. The two servers are configured EXACTLY the same as far as I can tell - same RADIUS client config, same connection request policies, same network policies - and it should be since I
used the MS prescribed migration process. The only thing that differs is the server's certificate name used in the PEAP setup screen.
I'm using computer authentication only, so everything is based on computer accounts and I've selected to NOT validate server credentials on the group policy.
I've verified the shared secrets multiple times. Both servers are domain controllers.
Here is an example of the errors logged on the 2012 R2 server.
========================================
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
   Security ID:           FAITHCHURCH\youthroom$
   Account Name:           host/YOUTHROOM.faithchurch.net
   Account Domain:           FAITHCHURCH
   Fully Qualified Account Name:   FAITHCHURCH\youthroom$
Client Machine:
   Security ID:           NULL SID
   Account Name:           -
   Fully Qualified Account Name:   -
   OS-Version:           -
   Called Station Identifier:       -
   Calling Station Identifier:       44-37-E6-C0-32-CA
NAS:
   NAS IPv4 Address:       192.168.1.1
   NAS IPv6 Address:       -
   NAS Identifier:           -
   NAS Port-Type:           Ethernet
   NAS Port:           1010
RADIUS Client:
   Client Friendly Name:       Extreme X440
   Client IP Address:           192.168.1.1
Authentication Details:
   Connection Request Policy Name:   Secure Wired (Ethernet) Connections 2
   Network Policy Name:       Secure Wired (Ethernet) Connections 2
   Authentication Provider:       Windows
   Authentication Server:       Sigma.faithchurch.net
   Authentication Type:       PEAP
   EAP Type:           -
   Account Session Identifier:       -
   Logging Results:           Accounting information was written to the local log file.
   Reason Code:           16
   Reason:               Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
========================================

Hi,
Have you added the NPS server to the RAS and IAS Servers
security group in AD DS?
The NPS server needs permission to read the dial-in properties of user accounts during the authorization process.
Try to add a loal user on the NPS server, then test with the local user. If it works, it means that there is something wrong between NPS and DC.
If the issue persists, it means that the configuration between NPS and NAS is wrong.
Steven Lee
TechNet Community Support

Authentication Failed: User xelsysadm javax.security.auth.login.FailedLogin

Hi All,
I have an critical ssue to be solved on Production environemt :(,
we have oim installed on cluster in production(OIM11g installed on server ), the configuration is as mentioned below
cluster 1--oim1,soa1--server1--holds admin server
cluster 2--oim2,soa2--server2--managed server and no admin server
This instance was working fine, we had to restart the server machine for some reason and i am not able to start OIM server :( after that.
following is the exception i get when i start the OIM server , Please help :(
2011-05-13T13:42:29.585+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.weblogic.listeners.ADFApplicationLifecycleListener] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFApplicationLifecycleListener.preStop. Cleaning up Application caches.
[2011-05-13T13:42:29.585+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] Clean up Application Caches
[2011-05-13T13:42:29.585+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[2011-05-13T13:42:29.600+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[2011-05-13T13:42:29.600+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[2011-05-13T13:42:29.600+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[*2011-05-13T13:42:30.193+05:30] [wls_oim1] [ERROR] [] [OIM Authenticator] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] Error while retrieving user xelsysadm*
*[2011-05-13T13:42:30.224+05:30] [wls_oim1] [ERROR] [IAM-0020011] [oracle.iam.platform.auth.client] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] Login Exception encountered when trying to login as admin {0}[[*
*javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: java.lang.SecurityException: [Security:090304]Authentication Failed: User xelsysadm javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User xelsysadm denied*
at weblogic.security.auth.login.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:199)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:684)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at Thor.API.Security.LoginHandler.weblogicLoginHandler.login(weblogicLoginHandler.java:62)
at oracle.iam.platform.OIMClient.login(OIMClient.java:134)
at oracle.iam.platform.OIMClient.login(OIMClient.java:114)
at oracle.iam.platform.OIMInternalClient.loginAsAdmin(OIMInternalClient.java:69)
at oracle.iam.scheduler.impl.util.SchedulerUtil.getSchedulerService(SchedulerUtil.java:735)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.resetRunningJobStatus(SchedulerStartupServlet.java:247)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.stopScheduler(SchedulerStartupServlet.java:123)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.destroy(SchedulerStartupServlet.java:261)
at weblogic.servlet.internal.StubSecurityHelper$ServletDestroyAction.run(StubSecurityHelper.java:303)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.StubSecurityHelper.destroyServlet(StubSecurityHelper.java:81)
at weblogic.servlet.internal.StubLifecycleHelper.destroyOneInstance(StubLifecycleHelper.java:144)
at weblogic.servlet.internal.StubLifecycleHelper.destroy(StubLifecycleHelper.java:134)
at weblogic.servlet.internal.ServletStubImpl.destroy(ServletStubImpl.java:438)
at weblogic.servlet.internal.WebAppServletContext.destroyServlets(WebAppServletContext.java:3232)
at weblogic.servlet.internal.WebAppServletContext.destroy(WebAppServletContext.java:3192)
at weblogic.servlet.internal.ServletContextManager.destroyContext(ServletContextManager.java:241)
at weblogic.servlet.internal.HttpServer.unloadWebApp(HttpServer.java:461)
at weblogic.servlet.internal.WebAppModule.destroyContexts(WebAppModule.java:1540)
at weblogic.servlet.internal.WebAppModule.deactivate(WebAppModule.java:513)
at weblogic.application.internal.flow.ModuleStateDriver$2.previous(ModuleStateDriver.java:389)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:167)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:160)
at weblogic.application.internal.flow.ModuleStateDriver.deactivate(ModuleStateDriver.java:141)
at weblogic.application.internal.flow.ScopedModuleDriver.deactivate(ScopedModuleDriver.java:207)
at weblogic.application.internal.flow.ModuleListenerInvoker.deactivate(ModuleListenerInvoker.java:261)
at weblogic.application.internal.flow.DeploymentCallbackFlow$2.previous(DeploymentCallbackFlow.java:538)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:167)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:160)
at weblogic.application.internal.flow.DeploymentCallbackFlow.deactivate(DeploymentCallbackFlow.java:182)
at weblogic.application.internal.flow.DeploymentCallbackFlow.deactivate(DeploymentCallbackFlow.java:175)
at weblogic.application.internal.BaseDeployment$2.previous(BaseDeployment.java:1281)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:167)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:160)
at weblogic.application.internal.BaseDeployment.deactivate(BaseDeployment.java:453)
at weblogic.application.internal.EarDeployment.deactivate(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.deactivate(DeploymentStateChecker.java:199)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.deactivate(AppContainerInvoker.java:98)
at weblogic.deploy.internal.targetserver.BasicDeployment.deactivate(BasicDeployment.java:263)
at weblogic.deploy.internal.targetserver.BasicDeployment.deactivateFromServerLifecycle(BasicDeployment.java:458)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doDeactivate(DeploymentAdapter.java:74)
at weblogic.management.deploy.internal.DeploymentAdapter.deactivate(DeploymentAdapter.java:215)
at weblogic.management.deploy.internal.AppTransition$6.transitionApp(AppTransition.java:67)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.deactivate(ConfiguredDeployments.java:199)
at weblogic.management.deploy.internal.ConfiguredDeployments.undeploy(ConfiguredDeployments.java:191)
at weblogic.management.deploy.internal.DeploymentServerService.shutdownApps(DeploymentServerService.java:195)
at weblogic.management.deploy.internal.DeploymentServerService.shutdownHelper(DeploymentServerService.java:127)
at weblogic.application.ApplicationShutdownService.stop(ApplicationShutdownService.java:106)
at weblogic.t3.srvr.ServerServicesManager.stopInternal(ServerServicesManager.java:495)
at weblogic.t3.srvr.ServerServicesManager.stop(ServerServicesManager.java:316)
at weblogic.t3.srvr.T3Srvr.shutdown(T3Srvr.java:1036)
at weblogic.t3.srvr.T3Srvr.gracefulShutdown(T3Srvr.java:939)
at weblogic.t3.srvr.GracefulShutdownRequest.run(GracefulShutdownRequest.java:41)
at weblogic.work.ContextWrap.run(ContextWrap.java:41)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Thanks in advance

Agreed with all above pointers.
I think you have to raise SR with oracle, because it is prod environment.
If you still want to do some R&D.
1. Also check this URL might help, but not sure.
http://download.oracle.com/docs/cd/E21764_01/doc.1111/e14308/handlinglcm.htm#CIAJCEEF
http://download.oracle.com/docs/cd/E21764_01/doc.1111/e14308/handlinglcm.htm#CIAEFAGF
2. Restart all servers (along with Admin server and DB).

Authentication failed while using the function from JSP.

I am facing a issue with the mail functionality with JAVA Mailing.The problem is that when I am running the stand alone program it is working fine but when same function is called from a JSP it gives Authentication failed Exception.I am attaching the code with the case.testMail() Is the function called from the JSP.
Please Look in to the issue its urgent.
import javax.mail.*;
import javax.mail.internet.*;
import java.util.*;
import java.io.*;
import javax.activation.DataHandler;
import javax.mail.MessagingException;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import javax.mail.internet.MimePartDataSource;
To use this program, change values for the following three constants,
SMTP_HOST_NAME -- Has your SMTP Host Name
SMTP_AUTH_USER -- Has your SMTP Authentication UserName
SMTP_AUTH_PWD -- Has your SMTP Authentication Password
Next change values for fields
emailMsgTxt -- Message Text for the Email
emailSubjectTxt -- Subject for email
emailFromAddress -- Email Address whose name will appears as "from" address
Next change value for "emailList".
This String array has List of all Email Addresses to Email Email needs to be sent to.
Next to run the program, execute it as follows,
SendMailUsingAuthentication authProg = new SendMailUsingAuthentication();
public class SendMailUsingAuthentication
private static final String SMTP_HOST_NAME = "host";
private static final String SMTP_AUTH_USER = "username";
private static final String SMTP_AUTH_PWD = "password";
private static final String emailMsgTxt = "Test Msg";
private static final String emailSubjectTxt = "Notification: New User created";
private static final String emailFromAddress = "[email protected]";
// Add List of Email address to who email needs to be sent to
private static final String[] emailList = {"[email protected]"};
public static void main(String args[]) throws Exception
SendMailUsingAuthentication smtpMailSender = new SendMailUsingAuthentication();
smtpMailSender.postMail( emailList, emailSubjectTxt, emailMsgTxt, emailFromAddress);
System.out.println("Sucessfully Sent mail to All Users");
public void testMail(String msgBody,String senderEmail)throws MessagingException
try{
     String mailBody = msgBody;
     String senderEmailAdd = senderEmail;
     SendMailUsingAuthentication smtpMailSender = new SendMailUsingAuthentication();
     smtpMailSender.postMail( emailList, emailSubjectTxt, mailBody , senderEmail);
     catch(MessagingException me) {
               //System.out.println("Mail not sent");
               throw me;
public void postMail( String recipients[ ], String subject,
String message , String from) throws MessagingException
try{
     boolean debug = false;
//Set the host smtp address
Properties props = System.getProperties();
props.put("mail.smtp.host", SMTP_HOST_NAME);
props.put("mail.smtp.auth", "true");
Authenticator auth = new SMTPAuthenticator();
Session session = Session.getInstance(props, auth);
session.setDebug(debug);
// create a message
Message msg = new MimeMessage(session);
// set the from and to address
InternetAddress addressFrom = new InternetAddress(from);
msg.setFrom(addressFrom);
InternetAddress[] addressTo = new InternetAddress[recipients.length];
for (int i = 0; i < recipients.length; i++)
addressTo[i] = new InternetAddress(recipients);
msg.setRecipients(Message.RecipientType.TO, addressTo);
// Setting the Subject and Content Type
msg.setSubject(subject);
msg.setContent(message, "text/plain");
Transport.send(msg);
     catch(MessagingException me) {
               //System.out.println("Mail not sent");
               throw me;
* SimpleAuthenticator is used to do simple authentication
* when the SMTP server requires it.
public static class SMTPAuthenticator extends javax.mail.Authenticator
public PasswordAuthentication getPasswordAuthentication()
String username = SMTP_AUTH_USER;
String password = SMTP_AUTH_PWD;
          return new PasswordAuthentication(username, password);

Your code doesn't work in stand alone program... just little mistake!
Miss port property :
props.put("mail.smtp.port", "25");
props.put("mail.smtp.starttls.enable", "true"); // tls for gmail
AddressTo method didn' t compile :
InternetAddress[] addressTo = new InternetAddress[recipients.length];
for (int i = 0; i < recipients.length; i++)
     addressTo[i] = new InternetAddress((String) recipients);
msg.setRecipients(Message.RecipientType.TO, addressTo);
And see this post for jsp integration :
http://forum.java.sun.com/thread.jspa?threadID=5184860&tstart=0

Authentication Failed Error

Hello,
I have a button on my page, which when clicked calls a procedure in the backend. The procedure actually submits a request to concurrent program manager and returns a url in a out parameter. The url is actually the path to a letter in pdf format stored on the server. In the controller, I am checking for the error status returned by the api. If it is success, I am redirecting to the same page and setting the url(returned as a out param) to the link using
setDestination().So, when the page renders again, the link has a destination. When I click on the link, the letter is opening in a new window with the correct data. Till, this point everything is happening as required. But when the user closes the letter and again click on the link to open the letter again, it says "Authentication Failed". I tried redirecting the page to same page and setting the url again in procesRequest. This is happening but the letter is not opening, because when we click on a link having both destination and controller code event, only the controller code will be executed.
Please suggest how to solve this issue.

That sometimes means that your AM doesn't know its own name correctly. ie the amconfig.properties and the data in the directory for the paltform settings doesn't match. This can happen if you just switched to SSL or have made other naming changes by hand to the AMConfig.properties file.

Reg:Howq to set Default role on SSO Authentication

We have a scenario where Default roles should be set to Contributor on SSO Authentication(not using LDAP). I have the below configuration
SSO_DefaultRoles=contributor
SSO_ModifyExtraParams=true
SSO_SetAuthInfo=true
SSO_IsSimpleAuth=false
in oraclessopluginfilter_environment.cfg. But on SSO login, I see that users are assigned only guest role because of which they don't have check in option. Can you please help me out with how to set up default roles on SSO authentication.
Thanks in advance for your time and effort
Praveen

Hi Jon,
For any code changes in bsp components we need it's z-instance and that we get after enhancing the respective entity for eg views, context nodes etc..
In case you are not familiar with the enhancement, please refer to some thread which explain about the component enhancement concept.
Coming to this requirement..
You need to enhance bp_roles component, then enhance rolelist view and roles context node.. redefine the GET_V_PARTNERROLE method.. copy the parent class code and do the necessary changes to manipulate the entries in gt_ddlb_add
Check the statement at line no 107..
gr_ddlb_roles->set_selection_table( it_selection_table = gt_ddlb_add ).
Just before above statment call, manipulate gt_ddlb_add to keep the required role value at index 1..
Another thing in my test system i can't see any role as "Account" under SPRO customizing "Business Partner Roles" instead "Business Partner (Gen.)" is available, don't know if you are able to see Account Role in the Roles DDLB..
i would suggest debug the get_v_partnerrole method once at line no 107 see the entries in gt table you will get an idea what you need to change.
Hope this helps..
Cheers,
Sumit Mittal

Discussion Server Authentication Failed From Inside FMW App

Hi Community,
My Env:
Webcenter 11.1.1.3.0
Weblogic 10.3.3
The discussion server shipped with webcenter suite is Jive Forums Silver 5.5.20 .2-oracle.
I wired the discussion server to embedded LDAP server of my weblogic server, and deployed an app that utilize the discussion service.
But when accessing the app page, I got an exception "failure to authenticate the user pbrown, due to: Authentication Failed".
The users do exist in LDAP server and I can login to http://server:8890/owc_discussions page with that users, I also granted all privileges to the users in jive console, but it doesn't work inside the app.
My Jive server log:
[2010-09-05T23:21:22.816-07:00] [WLS_Services] [ERROR] [] [org.codehaus.xfire.handler.DefaultFaultHandler] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [ecid: 0000If_hC7s5e_Vau1q2UH1CWBaI0000E_,0] [APP: owc_discussions#11.1.1.2.0] [dcid: bafcaeab2cd82008:-b3c6f44:12ad6d55fae:-8000-00000000000003c6] Fault occurred![[
com.jivesoftware.base.UnauthorizedException: Authentication Failed
at com.jivesoftware.forum.webservices.server.xfire.PermissionHandler.acquireAuthToken(PermissionHandler.java:194)
at com.jivesoftware.forum.webservices.server.xfire.PermissionHandler.invoke(PermissionHandler.java:98)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)
at org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:39)
at org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:287)
at org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:130)
at org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:117)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:189)
at com.jivesoftware.base.action.util.JiveFilterDispatcher.doFilter(JiveFilterDispatcher.java:69)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at com.jivesoftware.base.util.webwork.JiveActionContextCleanUp.doFilter(JiveActionContextCleanUp.java:38)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Log of the server that hosts the app:
[2010-09-05T23:21:08.184-07:00] [AdminServer] [WARNING] [] [oracle.adf.controller.internal.metadata.MetadataService] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: anonymous] [ecid: 0000If_h8YC5e_Vau1q2UH1CWBIO0001Nc,0] [APP: StoreFrontModule#V2.0] [dcid: bafcaeab2cd82008:3873773a:12ad6c38b8a:-8000-0000000000001665] ADFc: /WEB-INF/adfc-config.xml:
[2010-09-05T23:21:08.185-07:00] [AdminServer] [WARNING] [ADFC-52024] [oracle.adf.controller.internal.metadata.MetadataService] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: anonymous] [ecid: 0000If_h8YC5e_Vau1q2UH1CWBIO0001Nc,0] [APP: StoreFrontModule#V2.0] [dcid: bafcaeab2cd82008:3873773a:12ad6c38b8a:-8000-0000000000001665] [arg: shoppingCartBean] ADFc: Duplicate managed bean definition for 'shoppingCartBean' detected.
[2010-09-05T23:21:08.190-07:00] [AdminServer] [ERROR] [] [org.apache.myfaces.trinidadinternal.application.StateManagerImpl] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: anonymous] [ecid: 0000If_h8YC5e_Vau1q2UH1CWBIO0001Nc,0] [APP: StoreFrontModule#V2.0] [dcid: bafcaeab2cd82008:3873773a:12ad6c38b8a:-8000-0000000000001665] Could not find saved view state for token uutg3hslp
[2010-09-05T23:21:11.851-07:00] [AdminServer] [WARNING] [] [oracle.adfinternal.view.faces.renderkit.rich.NavigationPaneRenderer] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: anonymous] [ecid: 0000If_h9SE5e_Vau1q2UH1CWBIO0001Ni,0] [APP: StoreFrontModule#V2.0] [dcid: bafcaeab2cd82008:3873773a:12ad6c38b8a:-8000-000000000000166f] Warning: There are no items to render for this level
[2010-09-05T23:21:22.821-07:00] [AdminServer] [WARNING] [WCS-04013] [oracle.webcenter.collab.forum.internal.view.backing] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: pbrown] [ecid: 0000If_hC765e_Vau1q2UH1CWBIO0001Nm,0] [APP: StoreFrontModule#V2.0] [dcid: bafcaeab2cd82008:3873773a:12ad6c38b8a:-8000-0000000000001673] [arg: pbrown] [arg: Authentication Failed] failure to authenticate the user pbrown, due to: Authentication Failed[[
oracle.webcenter.collab.share.LoginFailedException: failure to authenticate the user pbrown, due to: Authentication Failed
at oracle.webcenter.collab.forum.internal.jive.JiveAuthenticator.handleException(JiveAuthenticator.java:304)
at oracle.webcenter.collab.forum.internal.jive.JiveAuthenticator.login(JiveAuthenticator.java:247)
at oracle.webcenter.collab.forum.internal.jive.JiveForumSession.login(JiveForumSession.java:128)
at oracle.webcenter.collab.share.Session$1.call(Session.java:353)
at oracle.webcenter.collab.share.Session$1.call(Session.java:347)
at oracle.webcenter.concurrent.Submission$2.run(Submission.java:406)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.webcenter.concurrent.Submission.runAsPrivileged(Submission.java:420)
at oracle.webcenter.concurrent.Submission.run(Submission.java:347)
at oracle.webcenter.concurrent.Submission$SubmissionFutureTask.run(Submission.java:737)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:442)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:139)
at oracle.webcenter.concurrent.ModifiedThreadPoolExecutor$Worker.runTask(ModifiedThreadPoolExecutor.java:657)
at oracle.webcenter.concurrent.ModifiedThreadPoolExecutor$Worker.run(ModifiedThreadPoolExecutor.java:683)
at java.lang.Thread.run(Thread.java:619)
Caused by: Authentication Failed
Thanks,
Todd

I have same problem here. used weblogic admin but still doesnt works. Thats amazing or not?
oracle.webcenter.collab.share.LoginFailedException: failure to authenticate the user Weblogic, due to: Authentication Failed
Edited by: José Carlos on 06/09/2010 06:56

EAP-TLS or PEAP authentication failed during SSL handshake

Hi Pros,
I am a newbie in the ACS 4.2 and EAP-TLS implementation, with that being said. I face an issue during a EAP-TLS implementation. My search shows that this kind of error message is already certificate issue;However, I have deleted and recreated the certificate in both ACS and the client with the same result. I have deleted and re-install the certchain as well.
When I check my log in the failed attemps, there is what I found:
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
Network Access Profile Name
Authen-Failure-Code
Author-Failure-Code
Author-Data
NAS-Port
NAS-IP-Address
Filter Information
PEAP/EAP-FAST-Clear-Name
EAP Type
EAP Type Name
Reason
Access Device
Network Device Group
06/23/2010
17:39:51
Authen failed
000e.9b6e.e834
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1101
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Networ
06/23/2010
17:39:50
Authen failed
[email protected]
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1098
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Network
[email protected] = my windows active directory name
1. Why under EAP-TYPE it shows MS-PEAP not EAP-TLS? I did configure EAP-TLS....
2. Why sometimes it just shows the MAC of the client for username?
3. Why it puts me in DEFAULT-GROUP even though i belongs to a group well definy in the acs?
2. Secondly, When I check in pass authentications... there is what i saw
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
NAS-Port
NAS-IP-Address
Network Access Profile Name
Shared RAC
Downloadable ACL
System-Posture-Token
Application-Posture-Token
Reason
EAP Type
EAP Type Name
PEAP/EAP-FAST-Clear-Name
Access Device
Network Device Group
06/23/2010
17:30:49
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
06/23/2010
17:29:27
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
In the output below, it says that the user is authenticate and it puts the user in the right group with the right username, but the user never really authenticate. Maybe for the first few seconds when I initiate the connection.
Before I forget, the suppliant is using WIN XP and 802.1x is enable. I even uncheck not verify the server and the ACS under External User Databases, I did check ENABLE EAP-TLS machine authentication.
Thanks in advance for your help,
Crazy---

Any ideas on this guys?? In my end, i've been reading some docs... Things started to make sens to me, but I still cannot authenticate, still the same errors. One more thing that catch my attention now is the time it takes to open a telnet session to cisco device which has the ACS for auth server.
My AD(Active Direct) and the ACS server are local same subnet(server subnet). Ping to the ACS from my desktop which is in different subnet is only take 1ms. To confirm that the issue is the ACS server, I decided to use another server in remote location, the telnet connection is way faster than the local ACS.
Let's brain storm together to figure out this guys.
Thanks in advance,
----Paul

User Authentication Failed via http BUT not with Visual Administrator !!?

OS : Win 2k3 Server UK * DB : SQL Server 2005
SAP Netweaver 2004s Application Java
Hi All,
Since a couple of days, I have a problem concerning authentication to the java apllication on a SAP Netweaver 2004s.
Using the user Administrator, I CAN logon the Visual Administrator tool, with the same user I tried to logon via http://host:port/nwa without success.
At the beginning, I was thinking about a problem of password then I enabled the emergency user SAP*, the problem was the same. Ok with Visual Administrator but not via http.
Here is two logs found in folder : D:\usr\sap\SID\JC02\j2ee\cluster\server0\log\system\
     security.3.log
     <i>#1.5#001871E5EA3A00550000006D0000172800043B836D838427#1191335570983#/System/Security/Audit#sap.com/com.sap.security.core.admin#com.sap.security.core.util.SecurityAudit#Guest#0####5aac137070f411dcc513001871e5ea3a#SAPEngine_Application_Thread[impl:3]_11##0#0#Warning#1#com.sap.security.core.util.SecurityAudit#Plain###Guest     | LOGIN.ERROR     | null     |      | Login Method=[default], UserID=[Administrator], IP Address=[192.168.10.125], Reason=[Authentication did not succeed.]#</i>
     server.0.log
     <i>#1.5#001871E5EA3A0052000000130000172800043B835E3661D1#1191335314249#/System/Server/SLDService##com.sap.sldserv.SldServerFrame######c1a349a070f311dcaa68001871e5ea3a#SAPEngine_System_Thread[impl:5]_71##0#0#Warning#1#com.sap.sldserv.SldServerFrame#Plain###Failed to collect SLD data. Failed to send HTTP data: 401 : Unauthorized. Please check if the target SLD system is available and the SLD bridge is started there.#</i>
 I tried to connect http://host:port/sld same problem User Authentication Failed
<b>Do you have an idea for me? Why a user can connect via Visual Administrator and not via the http interface?</b>
Thanks in advance
Yves

Hi,
I found the solution this last week-end.
This behavior let's thinking to a problem of authentication.
But the problem was in SQL, an index was missing in table J2EE_CONFIG, called J2EE_CONFIG_I3
Cheers
Yves

Call FM RSRD_X_MAP_TO_PRTL_USERS_PROXY , SSO Authentication fail

Similar Messages

Maybe you are looking for