Could not validate base system?

Similar Messages

• Supplied credentials not accepted by the server and Could not validate SPNEGO token

  Hi,
  We have installed and configured SSO 2.0 SP02 on HP-UX system. We have exported the client policy files, root certificate from SLS and imported the same in the client PC. Then we have installed the SLC in client PC with logging enabled option. Now when we try to manually login using SLC we are getting the below error.
  In SLC - "Supplied credentials not accepted by the server"
  In Diatool - "Could not validate SPNEGO token"
  Attached the trace file from SLC and logs from diatool. Anyone suggest how to rectify this error.
  The trace file from SLC
  [2014.03.28 12:08:50.434][TRACE][sbus.exe            ][sbus.dll    ][  4856] CToken:: Secure Login token [toksw:mem://securelogin/Windows Authentication (SPNEGO) :: login
  [2014.03.28 12:08:50.452][TRACE][sbus.exe            ][sbusresloade][  4856] { GetLocale
  [2014.03.28 12:08:50.453][TRACE][sbus.exe            ][sbusresloade][  4856] }        0
  [2014.03.28 12:08:50.453][TRACE][sbus.exe            ][sbusslogin.d][  4856] { CSecureLogin_Protocol_2_0::Send_Init
  [2014.03.28 12:08:50.453][TRACE][sbus.exe            ][sbusslogin.d][  4856] { CSecureLogin::Send_Any
  [2014.03.28 12:08:50.515][ERROR][sbus.exe            ][BASE        ][  2800] ERROR(0xA0100017) in CRYPT->sec_crypt_cipher_get_cipher_len(): An attribute is missing
  [2014.03.28 12:08:50.563][TRACE][sbus.exe            ][sbusslogin.d][  4856] }        0
  [2014.03.28 12:08:50.563][TRACE][sbus.exe            ][sbusslogin.d][  4856] }        0
  [2014.03.28 12:08:50.566][TRACE][sbus.exe            ][sbusresloade][  4856] { CResourceManager::New
  [2014.03.28 12:08:50.566][TRACE][sbus.exe            ][sbusresloade][  4856] { GetLocale
  [2014.03.28 12:08:50.566][TRACE][sbus.exe            ][sbusresloade][  4856] }        0
  [2014.03.28 12:08:50.566][TRACE][sbus.exe            ][sbusresloade][  4856] { CResourceManager::Init
  [2014.03.28 12:08:50.568][TRACE][sbus.exe            ][sbusresloade][  4856] }        0
  [2014.03.28 12:08:50.568][TRACE][sbus.exe            ][sbusresloade][  4856] }        0
  [2014.03.28 12:09:00.979][ERROR][sbus.exe            ][sbus.dll    ][  4856] LogonUser failed with error 0x0000052e
  [2014.03.28 12:09:12.628][TRACE][sbus.exe            ][Kerberos    ][  4856] Got kerberos ticket for 'HTTP/ssodev' with server key type 23 and session key type 23
  [2014.03.28 12:09:12.628][TRACE][sbus.exe            ][BASE/RANDOM ][  4856] Get 8 bytes random data
  [2014.03.28 12:09:12.628][TRACE][sbus.exe            ][sbusslogin.d][  4856] { CSecureLogin_Protocol_2_0::Send_Auth_SPNEGO
  [2014.03.28 12:09:12.628][TRACE][sbus.exe            ][sbusslogin.d][  4856] { CSecureLogin::Send_Any
  [2014.03.28 12:09:12.727][TRACE][sbus.exe            ][sbusslogin.d][  4856] }        0
  [2014.03.28 12:09:12.727][TRACE][sbus.exe            ][sbusslogin.d][  4856] { CSecureLogin_Protocol_2_0::Handle_Auth_Response
  [2014.03.28 12:09:12.727][TRACE][sbus.exe            ][sbusslogin.d][  4856] }        0
  [2014.03.28 12:09:12.727][TRACE][sbus.exe            ][sbusslogin.d][  4856] } 80070005
  Regards,
  Yogesh Kumar D

  Hello Yogesh,
  With regards to the 2nd error "Could not validate SPNEGO Token"
  Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details
  1. com.sap.security.core.server.jaas.SPNegoLoginModule                     SUFFICIENT  ok          exception             true       Could not validate SPNEGO token. Reason: No user with account attributes [[namespace=com.sap.security.core.authentication, name=principal, value=sap.helpdesk1, isCaseSensitive=false], [namespace=com.sap.security.core.authentication, name=realm, value=HZL01.VEDANTARESOURCE.LOCAL, isCaseSensitive=false]] found
  No logon policy was applied
  It means that the user "sap.helpdesk1" was decrypted from the kerberos
  token but there is no user with this name in the AS Java. The reason for that is a misconfiguration in the SPNEGO user mapping.
  Therefore, please open the SPNEGO wizard in the NWA and configure
  how AS Java should choose a user from the UME based on the received
  SPNEGO token. Here is some documentation about configuring the user
  mapping:
  http://help.sap.com/saphelp_nw73/helpdata/en/f4/1978c3a37a441b87a89d61c1a08689/frameset.htm
  Regards,
  David

• Installer could not validate the contents of the "BaseSystem"

  Reference the quite volumnious "Installer could not validate the contents of the 'BaseSystem'".
  Given the dual-layer DVD inserted in a single-layer SuperDrive fact, I tried installing just the Base System with nothing else and got the same error. On the surface, this may indicate that even the BaseSystem is spread out between both layers.
  Has anyone tried making a DVD/CD Master sparse image, cloning it to a spare partition, restarting the Mac from this partition and installing Leopard on another partition or other drive? I got this idea from the indispensable "Macfixit.com" web site.
  Would that totally eliminate trying to install an OS from a double-layer DVD in a single-layer Drive?
  So I am trying to determine if anyone has been successful using this image approach.

  If the drive couldn't read DL DVDs, DVD Player would have trouble with most movies. There may be some burned DL DVDs that won't work in some drives, but factory pressed DL disks, such as Leopard, (if not defective) should be readable in any DVD drive. There may be defective discs, or defective drives, but a DL drive is not a requirement. The DL for a DVD drive only applies to its burning capability, not its reading capability.

• Erroe while invoking a process (could not validate SAML)

  Hi,
  I am getting the following error while invoking a process from
  Weblogic  Portal Server.The invocation happens properly always but
  after frequent  intervals(approx 1-1.5 hrs) this error comes.Then if
  the Portal Server(the  client which is invoking the process) is
  restarted again it works properly.
  This is very urgent to resolve.Any pointers to this will be very 
  helpful.
  Thannks in advance,
  Leena Jain
  Stack Trace of the error:
  ALC-DSC-215-000:  com.adobe.idp.dsc.DSCAuthenticationException: None of
  the Auth Provider  could authenticate the user. Authentication Failed
          at 
  com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.authenticate 
  (AbstractMessageReceiver.java:157)
          at 
  com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.invoke 
  (AbstractMessageReceiver.java:312)
          at 
  com.adobe.idp.dsc.provider.impl.soap.axis.sdk.SoapSdkEndpoint.invokeCall 
  (SoapSdkEndpoint.java:138)
          at 
  com.adobe.idp.dsc.provider.impl.soap.axis.sdk.SoapSdkEndpoint.invoke 
  (SoapSdkEndpoint.java:81)
          at  sun.reflect.GeneratedMethodAccessor377.invoke(Unknown
  Source)
          at  sun.reflect.DelegatingMethodAccessorImpl.invoke 
  (DelegatingMethodAccessorImpl.java:25)
          at  java.lang.reflect.Method.invoke(Method.java:585)
          at  org.apache.axis.providers.java.RPCProvider.invokeMethod 
  (RPCProvider.java:397)
          at  org.apache.axis.providers.java.RPCProvider.processMessage 
  (RPCProvider.java:186)
          at  org.apache.axis.providers.java.JavaProvider.invoke
  (JavaProvider.java:323) 
          at org.apache.axis.strategies.InvocationStrategy.visit 
  (InvocationStrategy.java:32)
          at  org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:
  118)
          at  org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
          at  org.apache.axis.handlers.soap.SOAPService.invoke
  (SOAPService.java:454) 
          at org.apache.axis.server.AxisServer.invoke(AxisServer.java: 
  281)
          at org.apache.axis.transport.http.AxisServlet.doPost 
  (AxisServlet.java:699)
          at  javax.servlet.http.HttpServlet.service(HttpServlet.java:
  727)
          at  org.apache.axis.transport.http.AxisServletBase.service 
  (AxisServletBase.java:327)
          at  javax.servlet.http.HttpServlet.service(HttpServlet.java:
  820)
          at  weblogic.servlet.internal.StubSecurityHelper 
  $ServletServiceAction.run(StubSecurityHelper.java:226)
          at  weblogic.servlet.internal.StubSecurityHelper.invokeServlet 
  (StubSecurityHelper.java:124)
          at  weblogic.servlet.internal.ServletStubImpl.execute
  (ServletStubImpl.java:283) 
          at weblogic.servlet.internal.TailFilter.doFilter 
  (TailFilter.java:26)
          at  weblogic.servlet.internal.FilterChainImpl.doFilter
  (FilterChainImpl.java:42) 
          at 
  com.adobe.idp.dsc.provider.impl.soap.axis.InvocationFilter.doFilter 
  (InvocationFilter.java:43)
          at  weblogic.servlet.internal.FilterChainImpl.doFilter
  (FilterChainImpl.java:42) 
          at weblogic.servlet.internal.WebAppServletContext 
  $ServletInvocationAction.run(WebAppServletContext.java:3393)
          at  weblogic.security.acl.internal.AuthenticatedSubject.doAs 
  (AuthenticatedSubject.java:321)
          at  weblogic.security.service.SecurityManager.runAs(Unknown
  Source)
           at
  weblogic.servlet.internal.WebAppServletContext.securedExecute 
  (WebAppServletContext.java:2140)
          at  weblogic.servlet.internal.WebAppServletContext.execute 
  (WebAppServletContext.java:2046)
          at  weblogic.servlet.internal.ServletRequestImpl.run 
  (ServletRequestImpl.java:1366)
          at  weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
          at  weblogic.work.ExecuteThread.run(ExecuteThread.java:172)
  Caused by: |  [com.adobe.idp.um.api.impl.AuthenticationManagerImpl]
  errorCode:16421  errorCodeHEX:0x4025 message:Could not validate SAML
  Token --- Assertion is  not valid. Current time is greater than
  NOTonOrAfter time specified in the  Assertion| [IDPLoggedException]
  errorCode:12804 errorCodeHEX:0x3204  message:Could not validate SAML
  Token --- Assertion is not valid. Current  time is greater than
  NOTonOrAfter time specified in the Assertion
           at com.adobe.idp.um.api.impl.ManagerImpl.handleException 
  (ManagerImpl.java:246)
          at  com.adobe.idp.um.api.impl.ManagerImpl.handleException
  (ManagerImpl.java:192) 
          at 
  com.adobe.idp.um.api.impl.AuthenticationManagerImpl.validateAssertionCheck 
  (AuthenticationManagerImpl.java:587)
          at 
  com.adobe.idp.um.api.impl.AuthenticationManagerImpl.validateAssertion 
  (AuthenticationManagerImpl.java:552)
          at 
  com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.authenticate 
  (AbstractMessageReceiver.java:132)
          ... 33 more

  This happens due to expiry of the SAML assertion that the client has. Have a look at the Renew Assertion Recipe at the cookbook site

• Could not validate SPNEGO token.java.lang.Exception: Checksum error.

  Hello consultant:
  We are trying configurated SSO usind SPNEGO  module
  We have a portal 7.0 ehp1 and Active Directory Microsoft versión 2003 native
  we have followed the steps described in note Sap 1457499"Note 1457499 - SPNego add-on"
  When we have logged with user Active Directory and we try access to portal we obtain following error:
  Authorization check user error
  We have Deploy the Web diagtool from SAP Note 1045019 on the J2EE server, run it and perform the
  following steps:
  1. Select "Component" = "security" and "Activity" = "all"
  2. Click the "Go" button, followed by the "Add All" button
  3. Select "Component" = "All" and in the "Search pattern" field write "com.sap.security.spnego"
  4. Click the "Go" button, followed by the "Add All" button
  5. Start the tool
  Then we have reproduce the problem and stop the tool. The generated zip file will contain following error:
  15:45:20:078 Error J2EE_GST_PRD SAPEngine_Application_Thread[impl:3]_15 ~p.security.spnego.krb5.crypto.DesCrypto Checksum error! checksum: 0xc46bfed8d0dbc54221ee75405c8cd5ac; calculated checksum: 0x6ead7e801608b729a6957597327f2ba5
  15:45:20:078 Error J2EE_GST_PRD SAPEngine_Application_Thread[impl:3]_15 ~m.sap.security.spnego.SPNEGOLoginModule Could not validate SPNEGO token.
  java.lang.Exception: Checksum error.
  at com.sap.security.spnego.krb5.crypto.DesCrypto.decrypt(DesCrypto.java:43)
  at com.sap.security.spnego.krb5.KrbEncryptedData.decrypt(KrbEncryptedData.java:81)
  at com.sap.security.spnego.krb5.KrbApReq.decrypt(KrbApReq.java:67)
  at com.sap.security.spnego.SPNEGOLoginModule.parseAndValidateSPNEGOToken(SPNEGOLoginModule.java:234)
  at com.sap.security.spnego.SPNEGOLoginModule.processAuthorizationHeader(SPNEGOLoginModule.java:385)
  at com.sap.security.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:102)
  at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:185)
  at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
  at java.security.AccessController.doPrivileged(AccessController.java:246)
  at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
  at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
  at java.lang.reflect.Method.invoke(Method.java:391)
  at javax.security.auth.login.LoginContext.invoke(LoginContext.java:699)
  at javax.security.auth.login.LoginContext.access$000(LoginContext.java:151)
  at javax.security.auth.login.LoginContext$4.run(LoginContext.java:634)
  at java.security.AccessController.doPrivileged(AccessController.java:246)
  at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:631)
  at javax.security.auth.login.LoginContext.login(LoginContext.java:557)
  at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.logon(SAPJ2EEAuthenticator.java:912)
  at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.login(AuthenticationService.java:367)
  at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:126)
  at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:181)
  at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:541)
  at java.security.AccessController.doPrivileged(AccessController.java:246)
  at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:430)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
  at com.sap.portal.navigation.Gateway.service(Gateway.java:126)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
  at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
  at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
  at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
  at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
  at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
  at java.security.AccessController.doPrivileged(AccessController.java:219)
  at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Could you help us?
  Many thanks for your collaboration

  << Do not post the same question across a number of forums >>

• Disk image Restore returns "Could not validate source - error 254"

  I had backed up an older G4 with a disk image of the boot disk. I was having severe problems so I reformatted the boot drive and started a restore (using disk utility from startup disk). The restore started fine and ran a while but then "stalled." The "progress" bar stopped and the system just kept "hitting" the Utility DVD install disk non-stop (as shown by disk access light).
  Now when I try again, I immediately get a "Restore Failure - Could not validate source - error 254"
  The disk image being restored is on a hard drive. I copied it to another drive and tried again with the same result.
  This is being done on an old G4 Tower, dual 1 GHz PPC under 10.5.8
  Comments?
  (This won't kill me as all my data files are also on my MBP, I just don't want to have to reinstall all my apps, setups, etc.)

  Yes, for my "real" machine (my Intel MBP) I have images, clones, and Time Machine Backups not to mention my data files written to DVD. I've got at least triplicate backup. This was a old machine I was setting up for a specific purpose. I'm not losing any data but I just didn't want to have to reload apps and such. But guess I have no alternative. Thanks for the tip. I had never used the "scan for restore option" before so I learned something. Usually I just trust my multiple backup method so if one source is bad, no big deal. Thanks baltwo!

• "Could not validate Essentials package" - How to solve?

  Hi there,
  I tried doing an upgrade install of Leopard and got the notorious "could not validate package" error. I'd checked the install DVD, and the same disc worked on other machines.
  The problem was that the installation process was incomplete and left my system in an inconsistent state, so I couldn't reboot. Trying an erase-and-install gave me the same error.
  Now I'm wondering whether I can copy a Leopard image from another machine using Carbon Copy Cloner and then apply the image to my MacBook. I haven't done this before, so would appreciate some tips on the exact process.
  The other machine is a MacBook (although a newer model). Thanks a lot.
  Ben

  I've been having this problem. Apple's support documents instruct to remove all third party RAM that may be installed in your machine.
  http://docs.info.apple.com/article.html?artnum=106693
  (head to the bottom of the page!)
  I'm going to be trying that later this evening. I've heard of RAM conflicts before so this is most likely going to be cause!
  Unfortunately I have no idea if it's OK to put the RAM back in once the install is complete!
  Hope this helps
  Cheers
  Mat
  At least you're up and running in the mean time!

• Exception: "Could not validate SAML Token"

  We have an evaluation system setup that we are using to generate PDF from PS. We're connecting via the EJB client, and typically have had no problems. Until today. At some point today we began seeing exceptions being thrown on the client:
  Caused by: com.adobe.idp.um.api.UMException | [com.adobe.idp.um.api.impl.AuthenticationManagerImpl] errorCode:16421 errorCodeHEX:0x4025 message:Could not validate SAML Token --- Assertion has expired and hence not valid for user [administrator@DefaultDom]. Its valid till time [Tue Feb 04 10:58:45 MST 2014] was found to be before the current time [Tue Feb 04 16:04:41 MST 2014]
  Simply bouncing the app server where the client code is running solved the problem, however we'd like to better understand what is going on and why. Nothing that I can find in the docs seems to indicate the cause/solution, and possible solutions have links that appear to no longer function: http://cookbooks.adobe.com/post_Renewing_the_context_to_handle_session_expiry-16410.html
  Any suggestions and/or insight would be greatly appreciated. Thanks!

  PROBLEM
  Using the same instance of ServiceClientFactory to remotely invoke the services exposed by the LiveCycle container can lead to
  exception related to assertion expiry
  Solution
  To handle the timeout use the ThrowHandler mechanism provided by the ServiceClientFactory framework
  Detailed explanation
  LiveCycle provides a client sdk for java based client to invoke its services remotely.
  An invocation involves Creation of a ServiceClientFactory instance Setting the user credential in thefactory instance Pass that factory to a service client or use that to create InvocationRequest directly
  Use the client to make the actual request.
  For more details refer to Invoking
  LiveCycle ES Using the Java API .
  A ServiceClientFactory instance once created is valid for a ceratin
  period of time which is by default 120 min. if the same instance is used to invoke beyond this period then it would lead to an exception stating that
  the session has expired [com.adobe.idp.um.api.impl.AuthenticationManagerImpl]
  errorCode:16421 errorCodeHEX:0x4025 message:Could not validate SAML
  Token --- Assertion has expired and hence not valid for user
  [administrator@DefaultDom]. Its valid till time [Thu Oct 22
  17:07:53 IST
  2009] was found to be before the current time [Thu Oct
  22 17:58:18 IST 2009]
  This is not an issue if the ServiceClientFactory instance is used for short duration. However if you are going to perform a long
  running task like converting large number of documents to pdf ,applying policies to them etc then it would be an issue.
  Session Expiry
  Before fxing the issue some info on what is session expiry.
  When you use a ServiceClientFactory instance to invoke the service following fow happens
  You set the credentials in the properties and invoke theservice
  LiveCycle on server side validates the credentials and issues a Context. It is sort of a ticket which can be reused later instead of the actual credentials.
  Upon receiving the response from the server the ServiceClientFactory instance deletes its own copy of credentials and instead stores the Context For later invocations this Context instance is passed instead of the user credentials
  This whole fow is done to ensure that user's credentials are not sent for each remote call thus improving the security.
  For more information on Context refer to
  User Identity in LiveCycle .
  Solution
  To fx this issue you would have to re authenticate to LiveCycle and get the Context reissued. the best way to do that is to make use of the ThrowHandler provided by the ServiceClientFactory framework
  STEP1 -  Create a Throwhandler
  * This ThrowHandler caches the user credentials and uses them
  to refresh the Context in the
  * ServiceClientFactory upon expiry.
  private static class SimpleTimeoutThrowHandler implements
  ThrowHandler {
  private String username;
  private String password;
  public SimpleTimeoutThrowHandler(String username, String
  password) {
  this.username = username;
  this.password = password;
  public boolean handleThrowable(Throwable t, ServiceClient
  sc,
  ServiceClientFactory scf, MessageDispatcher md,
  InvocationRequest ir, int numTries) throws
  DSCException {
  if(timeoutError(t)){
  //The call to AuthenticationManager do not require
  authentication so the default properties
  //are suffcient
  AuthenticationManager am =
  new
  AuthenticationManagerServiceClient(ServiceClientFactory.createInstance (getDefaultProperties()));
  AuthResult ar = null;
  try {
  ar =
  am.authenticate(username,password.getBytes());
  } catch (UMException e) {
  throw new IllegalStateException(e);
  Context ctx = new Context();
  ctx.initPrincipal(ar);
  //Refresh the ServiceClientFactory instance with
  the new context
  scf.setContext(ctx);
  logger.info("Refreshed the context associated with
  ServiceCLientFactory");
  //Now tell SCF to try the invocation again
  return true;
  //Check so that we do not wrap the exception again
  if(t instanceof DSCException)
  throw (DSCException)t;
  if(t instanceof RuntimeException)
  throw (RuntimeException)t;
  // how is it possible to get this far?
  throw new IllegalStateException(t);
  private boolean timeoutError(Throwable t) {
  if(!(t.getCause() instanceof UMException)){
  return false;
  UMException ue = (UMException) t.getCause();
  //Check that UMException is due to the
  assertion/context expiry
  if(UMConstants.ErrorCodes.E_TOKEN_INVALID ==
  ue.getErrCode()){
  return true;
  return false;
  This ThrowHandler would be invoked by the ServiceClientFactory upon receiving any exception. The handler would then determine if its a timeout related exception and then would refresh the Context associated with the factory instance and tells it to retry the invocation.
  STEP - 2 Register the handler
  ServiceClientFactory.installThrowHandler(new
  SimpleTimeoutThrowHandler(username, password));
  Note: The handler should be registered only once in the application
  STEP 3 - Perform your invocation
  Following sample would try to apply policies on all the fles present in a directory
  Properties p = getDefaultProperties();
  p.setProperty(DSC_CREDENTIAL_USERNAME, username);
  p.setProperty(DSC_CREDENTIAL_PASSWORD, password);
  ServiceClientFactory scf =
  ServiceClientFactory.createInstance(p);
  //Now do some long running operation
  String inputDirName ="path-to-input-dir";
  String outDirName = "path-to-out-dir";
  String policyName = "the-policy-name";
  File inDir = new File(inputDirName);
  File outDir = new File(outDirName);
  RightsManagementClient rmClient = new
  RightsManagementClient(scf);
  DocumentManager docManager = rmClient.getDocumentManager();
  //Iterate over all the pdf in the inDir and apply the
  policies. If this takes a
  for(File pdfFile : inDir.listFiles()){
  Document inDoc = new Document(pdfFile, false);
  Document securedDoc = docManager.applyPolicy(inDoc,
  pdfFile.getName(), null, policyName, null, null);
  securedDoc.copyToFile(new
  File(outDir,pdfFile.getName()));
  Now the invocation would complete even if it takes a long time. if any session expiry occurs then our ThrowHandler would take care of that.
  here's a sample:
  TimeOutSample.zip

• SPNEGO -Could not validate SPNEGO token.

  Hi All,
  we have configured SPENGO wizard. we have followed the steps provided in the SAP note #1457499 and deployed the files in the SPNego_AddOn_700.zip and followed all the steps in the pdf.
  We are getting below error --
  Could not validate SPNEGO token.
  [EXCEPTION]
  java.lang.Exception: Invalid ticket endtime: 20110117223730Z
  at com.sap.security.spnego.krb5.KrbApReq.throwValidationException(KrbApReq.java:112)
  at com.sap.security.spnego.krb5.KrbApReq.validate(KrbApReq.java:100)
  at com.sap.security.spnego.SPNEGOLoginModule.parseAndValidateSPNEGOToken(SPNEGOLoginModule.java:240)
  at com.sap.security.spnego.SPNEGOLoginModule.processAuthorizationHeader(SPNEGOLoginModule.java:385)
  at com.sap.security.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:102)
  at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:185)
  at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
  at java.security.AccessController.doPrivileged(AccessController.java:246)
  at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
  at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  Please suggest what could be the issue.
  Regards
  Amit

  Hi
  web diagtool also shows the same error :--
  Could not validate SPNEGO token.
  [EXCEPTION]
  java.lang.Exception: Invalid ticket endtime: 20110118140218Z
  at com.sap.security.spnego.krb5.KrbApReq.throwValidationException(KrbApReq.java:112)
  at com.sap.security.spnego.krb5.KrbApReq.validate(KrbApReq.java:100)
  at com.sap.security.spnego.SPNEGOLoginModule.parseAndValidateSPNEGOToken(SPNEGOLoginModule.java:240)
  at com.sap.security.spnego.SPNEGOLoginModule.processAuthorizationHeader(SPNEGOLoginModule.java:385)
  at com.sap.security.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:102)
  at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:185)
  at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
  at java.security.AccessController.doPrivileged(AccessController.java:246)
  at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
  at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
  at java.lang.reflect.Method.invoke(Method.java:391)
  at javax.security.auth.login.LoginContext.invoke(LoginContext.java:699)
  at javax.security.auth.login.LoginContext.access$000(LoginContext.java:151)
  at javax.security.auth.login.LoginContext$4.run(LoginContext.java:634)
  at java.security.AccessController.doPrivileged(AccessController.java:246)
  at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:631)
  at javax.security.auth.login.LoginContext.login(LoginContext.java:557)
  at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:149)
  at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:303)
  at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)
  at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
  at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:523)
  at java.security.AccessController.doPrivileged(AccessController.java:246)
  at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:412)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
  at com.sap.portal.navigation.Gateway.service(Gateway.java:126)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
  at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
  at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
  at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
  at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
  at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
  at java.security.AccessController.doPrivileged(AccessController.java:219)
  at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Regards
  Amit

• ASSIGN  TO betrag could not be performed (system error)

  Hi Gurus,
  Can anybody let me know when we will get the above said Subject error.
  I had encountered it in MIGO GR transaction.
  Iam pasting the total text of the error below
  ASSIGN  TO <betrag> could not be performed (system error)
      Message no. M7103
  Diagnosis
      A system error has occurred during internal processing by the program.
  Procedure
      Contact your system administrator.
  Regards
  Mohan

  Hi ,
  Sit with Abaper and process MIGO in foreground it seems something related to program which runs in background during material document generation.
  Thanks
  Suresh

• SPNEGO Login module Stack issue: Could not validate SPNEGO token

  Hello to all,
  We are deploying a SAP Netweavear 7.3 Enterprise Portal with SPNego login module activated.
  We are performing some tests (performances and concurrent accesses).
  During the tests we have found several times the folloiwing Issue linked to the spnego.
  Could not validate SPNEGO token.
  [EXCEPTION]
  java.lang.NumberFormatException: multiple points
  at sun.misc.FloatingDecimal.readJavaFormatString(FloatingDecimal.java:1082)
  at java.lang.Double.parseDouble(Double.java:510)
  at java.text.DigitList.getDouble(DigitList.java:151)
  at java.text.DecimalFormat.parse(DecimalFormat.java:1303)
  at java.text.SimpleDateFormat.subParse(SimpleDateFormat.java:1934)
  at java.text.SimpleDateFormat.parse(SimpleDateFormat.java:1312)
  at java.text.DateFormat.parse(DateFormat.java:335)
  at com.sap.security.core.server.jaas.spnego.util.Utils.generalizedTimeStringToData(Utils.java:167)
  at com.sap.security.core.server.jaas.spnego.krb5.KrbTicketEncryptedData.parseDecryptedData(KrbTicketEncryptedData.java:67)
  at com.sap.security.core.server.jaas.spnego.krb5.KrbEncryptedData.decrypt(KrbEncryptedData.java:94)
  at com.sap.security.core.server.jaas.spnego.krb5.KrbApReq.decrypt(KrbApReq.java:68)
  at com.sap.security.core.server.jaas.SPNegoLoginModule.parseAndValidateSPNEGOToken(SPNegoLoginModule.java:315)
  at com.sap.security.core.server.jaas.SPNegoLoginModule.processAuthorizationHeader(SPNegoLoginModule.java:474)
  at com.sap.security.core.server.jaas.SPNegoLoginModule.login(SPNegoLoginModule.java:160)
  at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:254)
  at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:65)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:254)
  at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:352)
  at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.loginWithRequestCredentials(AuthenticationService.java:337)
  at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:321)
  at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:60)
  at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:163)
  at com.sap.portal.prt.dispatcher.DispatcherServlet.service(DispatcherServlet.java:132)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
  at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:152)
  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doCached(RequestDispatcherImpl.java:655)
  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:488)
  at com.sap.portal.navigation.Gateway.service(Gateway.java:147)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
  at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:202)
  at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:103)
  at com.sap.portal.http.EnrichNavRequestFilter.doFilter(EnrichNavRequestFilter.java:49)
  at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:79)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:432)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:210)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:441)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:430)
  at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:38)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:81)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:276)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:81)
  at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
  at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.filters.SessionSizeFilter.process(SessionSizeFilter.java:26)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:57)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:43)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
  at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:475)
  at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:269)
  at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:56)
  at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122)
  at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101)
  at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328)
  The user rlinked to this user is Guest.
  could you please advice us how to solve this reccuring issue?
  Kind regards
  Julien LEFEVRE

  Hello Cathal,
  Thank you for your answer.
  In fact the new spnego wizard of the SAP Enterprise Portal 7.3 is used to get the the two keys files. The SAP Jvm is used in fact with the 1.6.1.
  And in fact , it functions perfectly sometimes. but during the test of massive access ( More than 30 conurent users), I have this error that comes frequently.
  Best regards
  Julien LEFEVRE

• Aspnet_compiler web.config(132): error ASPCONFIG: Could not load type 'System.Data.Entity.Design.AspNet.EntityDesignerBuildProvider'

  My latest MVC 5 project built with VS 2013 compiled and works fine on my PC but can not be published to server using command line aspnet_compiler. I kept getting the web.config(132): error ASPCONFIG: Could not load type 'System.Data.Entity.Design.AspNet.EntityDesignerBuildProvider'
  In my web.config file, I have the following as suggested by many for solution:
  <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
   <add assembly="System.Data.Entity.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
  However, the error is persisting.  I have no clue how to fix this.  Hope someone can help.

  Hello FredVanc,
  As you mentions, it could work with your develop environment, so I am wondering it is that on the server machine, the assembly is not there actually. Here are some information I found which might be helpful:
  https://support.microsoft.com/en-gb/kb/958975?wa=wsignin1.0
  https://social.msdn.microsoft.com/Forums/en-US/1295cfa8-751b-4e9b-a7a7-14e1ad1393b6/compiling-error?forum=adodotnetentityframework
  By the way, since this issue is related with ASP.ENT project, I suggest that you could post it to the ASP.NET forum, there are web experts will help you:
  http://forums.asp.net/
  Regards.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• The installer could not validate the contents of the 'BaseSystem' package

  Hello all,
  Sorry for my first post being a problem, but I am not the worlds greatest Mac person and I have been asked to support our Macs here at work.
  I have had a hard drive go in a MacBook, and I have fitted a new 160Gb hard drive (upgrading from the original 80Gb one) and I am getting the above error.
  I tried installing Leopard 10.5.4 from its original CD (we bought a full version when we upgraded this Macbook previously) and got the above error.
  SO I thought I would have to install the original version of Tiger and upgrade from there, in the same way that I did before. I reinstalled Tiger no problems from the disks which came with the MacBook, and then tried to do the upgrade, but got the same error.
  Am I doing something wrong or is there a problem do you think ?
  The MacBook has been upgraded form this particular disk once before, and no changes to the MacBook have been made apart from replacing the defunct hard drive.
  Thanks in advance, and I apologise if I have missed out any important needed information because as I say I am fairly new to Macs.

  I have your solution! I just experienced the same problem after installing a new hard drive to replace a crashed drive in an iMac (Ambient Light Sensor) model.
  I initially thought it was the optical drive and/or the Leopard DVD. I tried two Leopard DVD's and both the internal slot-load and an external FireWire drive. All resulted in the same error at the calculation stage of the install...could not verify basesystem. All hard drive tests passed.
  I used the Apple Hardware Test (your original OS DVD) and what did I discover? A failed memory DIMM! Even though the Mac would boot from an external, I thought everything was OK. The failed memory DIMM is the culprit!
  Here is why: The Mac OS X installer copies data to memory, then copies to the hard drive. When the copied data encountered the failed memory DIMM, the Installer kicks back the failure that it could not validate the basesystem. The data in the memory becomes corrupt because the DIMM is corrupt.
  I replaced both DIMMS in my iMac (an upgrade from 1 GB to 2 GB) and sure enough, the installer is running smoothly without any problems.
  So replace your memory and your problem is solved. Or figure out which DIMM went bad and replace it.

• WS-Security: "Could not validate the signature..."

  Hello,
  We get the following fault when calling a web service demanding signature:
  <soapenv:Fault xmlns:wsse="....">
  <faultcode>wsse:InvalidSecurity</faultcode>
  <faultstring>Could not validate encryption against any of the supported token types</faultstring>
  </soapenv:Fault>
  Client signs the request using X509V1 certificate, but in the SOAP request, type of BinarySecurityToken claims "X509V3":
  <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3 ...>
  Is this possible the reason that the message can't get validated?
  We should have use V3 certificate, but seem JDK's keytool can't generate V3 self-signed certificate and we don't want to bother request a V3 certificate from any CA.
  Seem openSSL can do that. I will try but I can't install any thhing on the company PC. Hard to believe? :-)

  X509V1 is not a valid value for "Valuetype". So I guess this should not be the problem.

• Has anyone had this problem with VPN iPad vpn connection could not validate the server certificate

  Has anyone had this problem with IPad 3 after upgrade to IOS 7,
  trying to to connect VPN , but I get this messag, "could not validate the server certificate".
  I am trying to connect to Oracle VPN.

  Has anyone found a solution for this yet? I am still getting the could not validate server certificate error. I have tried importing the entire certificate chain as well as importing each individual cert in the chain. My certificate works perfectly with the cisco vpn on my pc.
  This is my first experience owning an apple product, and I am very disappointed with the customer support that I have received. I tried calling the help line and no one would even attempt to answer my question. I was then told that the Mac "geniuses" wouldn't know either and that I may be able to find an answer on the message boards. So I am reaching out to the community...Has anyone been able to figure out how to resolve this issue or even the specific cause? Any help is appreciated.