Error 21 for SSO Token
Hi, I have Tomcat with opensso installed on the same machine with IIS 6 + agent.
While trying to browse any of pages in IIS pages get immediately that error after authentication:
2009-10-06 11:16:43.357 Error 3240:161bd38 AM_SSO_SERVICE: SSOTokenService::getSessionInfo(): Error 21 for sso token ID AQIC5wM2LY4SfczzPs5KzV6tcQMK0T1shHOpKmXvAr8vmSQ=@AAJTSQACMDE=#.
2009-10-06 11:16:43.357 Error 3240:161bd38 PolicyEngine: am_policy_evaluate: InternalException in Service::initialize() with error message:Session query failed during service creation. and code:21
2009-10-06 11:16:43.357 Error 3240:161bd38 PolicyAgent: HttpExtensionProc(): status: HTTP error (21)Any suggestion is welcome !
Thank You !
Edited by: AlexanderL on Oct 6, 2009 11:20 AM
I think the problem is due to agent configuration...
What i did is to add the property (com.sun.am.ignore.naming_service = true) to the AMAgent.properties file to disable looking for the naming service url. The problem was solved but i am not sure if it's really the good solution or not.
Any suggestions?
Similar Messages
-
Hello everybody,
Here is the configuration i am trying to deploy:
- Apache server 2.0.55 secured with ssl
- Tomcat 6.0.14 also secured with ssl
- An fam-samples.war configured as IdP on tomcat
- Web agent installed on apache server
Now if a non authenticated user tries to access a resource on apache, the web agent redirect him to IdP for authentication. After giving the write login and password he's redirected to the resource initially requested. Here i got an "Internal server error" and when i looked in the amAgent file for error i found this:
<--
2007-09-17 15:17:06.594 Error 6447:98a16d8 all: LineBuffer::findEndOfLine():
2007-09-17 15:17:06.608 Error 6447:98a16d8 all: LineBuffer::findEndOfLine():
2007-09-17 15:17:06.617 Error 6447:98a16d8 all: LineBuffer::findEndOfLine():
2007-09-17 15:17:06.618 Error 6447:98a16d8 AM_SSO_SERVICE: SSOTokenService::getSessionInfo(): Error 12 for sso token ID AQIC5wM2LY4SfcxUl+Qrr8Za5tjVgKq5XRocwCegb79ttmE=@AAJTSQACMDE=#.
2007-09-17 15:17:06.618 Error 6447:98a16d8 PolicyEngine: am_policy_evaluate: InternalException in Service::initialize() with error message:Session query failed during service creation. and code:12
-->
I tried to look in the web agent configuration file AmAgent.properties for some properties to change but i didn't found the solution!
Does anyone please have an idea about this problem?
Note: If tomcat is not secured all works perfectly.
THANKSI think the problem is due to agent configuration...
What i did is to add the property (com.sun.am.ignore.naming_service = true) to the AMAgent.properties file to disable looking for the naming service url. The problem was solved but i am not sure if it's really the good solution or not.
Any suggestions? -
Policy Agent 3.0 for Tomcat - Cannot obtain Application SSO token
Hi
I am trying to configure Sun OpenSSO Enterprise Policy Agent 3.0 for Apache Tomcat Application Server 6.
After installing the Policy Agent, Tomcat is not starting.
The Error in the stack is :
=========
Jun 14, 2009 2:21:00 AM
org.apache.tomcat.util.digester.Digester startElement
SEVERE: Begin event threw error
java.lang.ExceptionInInitializerError
at
com.sun.identity.agents.arch.AgentConfiguration.bootStrapClientConfig
uration(AgentConfiguration.java:682)
Caused by:
com.sun.identity.security.AMSecurityPropertiesException:
AdminTokenAction: FATAL ERROR: Cannot obtain Application
SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at
com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:
258)
=========
There is no AMConfig.properties file. The Agent uses "OpenSSOAgentBootstrap.properties".
Is there a workaround for this issue ?
Cheers.Hi,
I have the same Problem, did you come up with a solution for it?
thanks
Matrius -
IM Installation - FATAL ERROR: Cannot obtain Application SSO token
Hi Guys,
I am having a problem trying to install IM, I got the following error,
Registering services with Access Manager...exist exception - AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
I got the IM + DA+ AM 7.1 + AS 9.1 U2 installed in the same server with the DS 6.3 installed remotly. I installed the following components for the AM
*[X] 1. Access Manager Core Services
*[X] 2. Access Manager Administration Console
*[X] 3. Common Domain Services for Federation Management
*[X] 4. Access Manager SDK
yes, the Application server is up and running before I start the installation of IM and the access manager is working fine, do you know why I am getting this error?
p.s. i tried to set those variable in the following file (/etc/opt/SUNWam/config/AMConfig.properties) but i got the same error
com.sun.identity.agents.app.username=amadmin
com.iplanet.am.service.password=encrypted password
thanks a lot guysI give up finding the problem....i will re-install AM, these are the questions that the installer will ask, are my values ok ?
*[X] 1. Access Manager Core Services
*[X] 2. Access Manager Administration Console
*[X] 3. Common Domain Services for Federation Management
*[X] 4. Access Manager SDK
Specify Common Server Settings
Enter Host Name [convergence] {"<" goes back, "!" exits}
Enter DNS Domain Name [domain.com] {"<" goes back, "!" exits}
Enter IP Address [192.168.2.82] {"<" goes back, "!" exits}
Enter Server admin User ID [admin] {"<" goes back, "!" exits}
Enter Admin User's Password (Password cannot be less than 8 characters) []
{"<" goes back, "!" exits}
Confirm Admin User's Password [] {"<" goes back, "!" exits}
Enter System User [root] {"<" goes back, "!" exits}
Enter System Group [root] {"<" goes back, "!" exits}
Access Manager: Specify Configuration Information
Install type (Realm/Legacy) Mode [Legacy] {"<" goes back, "!" exits}:
Administrator User ID: amAdmin
Administrator Password [] {"<" goes back, "!" exits}:
Retype Password [] {"<" goes back, "!" exits}:
LDAP User ID: amldapuser
LDAP Password [] {"<" goes back, "!" exits}:
Retype Password [] {"<" goes back, "!" exits}:
Password Encryption Key [gdtrt576ythjgut7erehejr8] {"<" goes back,
"!" exits}:
Access Manager: Choose Deployment Container
1. Sun Java(TM) System Application Server
2. Sun Java(TM) System Web Server
Select the container to deploy the component and hit enter key [1] {"<" goes
back, "!" exits} 1
Access Manager: Specify Sun Java System Application Server
Installation Directory [opt/SUNWappserver/appserver] {"<" goes back, "!"
exits}: /opt/SUNWappserver
Instance Directory [var/opt/SUNWappserver/domains/domain1] {"<" goes back,
"!" exits}: /opt/SUNWappserver/domains/domain1
Access Manager Runtime Instance [server] {"<" goes back, "!" exits}:
Access Manager Instance Port [8080] {"<" goes back, "!" exits}: 80
Document Root [var/opt/SUNWappserver/domains/domain1/docroot] {"<" goes
back, "!" exits}: /opt/SUNWappserver/domains/domain1/docroot
Administrator User ID [admin] {"<" goes back, "!" exits}:
Administrator Password [] {"<" goes back, "!" exits}:
Master Password [] {"<" goes back, "!" exits}:
Administrator Port [4849] {"<" goes back, "!" exits}: 4848
Secure Server Instance Port [No] {"<" goes back, "!" exits}:
Secure Administration Server Port [Yes] {"<" goes back, "!" exits}:
Access Manager: Specify Web Container for Running Access Manager Services
Host Name [convergence.domain.com] {"<" goes back, "!" exits}:
Services Deployment URI [amserver] {"<" goes back, "!" exits}:
Common Domain Deployment URI [amcommon] {"<" goes back, "!" exits}:
Cookie Domain(Assure it is not a top level domain) [.domain.com] {"<" goes
back, "!" exits}:
Password Deployment URI [ampassword] {"<" goes back, "!" exits}:
1. HTTP
2. HTTPS
Console Protocol [1] {"<" goes back, "!" exits}:
Access Manager: Choose Access Manager Console
Administration Console [Yes] {"<" goes back, "!" exits}:
Console Deployment URI [amconsole] {"<" goes back, "!" exits}:
Access Manager: Specify Directory Server Information
Directory Server Host [] {"<" goes back, "!" exits}: mail.domain.com
Directory Server Port [389] {"<" goes back, "!" exits}:
Directory Root Suffix [dc=domain,dc=com] {"<" goes back, "!" exits}:
Directory Manager DN [cn=Directory Manager] {"<" goes back, "!" exits}:
Directory Manager Password [] {"<" goes back, "!" exits}:
Access Manager: Specify Directory Server Data
Is Directory Server provisioned with user data [No] {"<" goes back, "!"
exits}?
Ready to Install -
"Cannot obtain Application SSO token" error
Hello,
I configured my agent as follows:
Version: 3.0
Build Date: 20071212
Application Server Config Directory : C:\Sun\SDK\domains\domain1\config
Application Server Instance name : server
Access Manager URL : http://juno:6140/opensso
Domain Administration Server Host is remote : false
Agent URL : http://juno:8080
Deployment URI for the Agent Application : /agentapp
Encryption Key : J+KQLOM+s6gAQb1Y1H8uJoej3bzKBAEN
Agent Profile name : asagent
Agent Profile Password file name : c:\temp\password.TXT
Agent installed on the DAS host for a remote instance : false
The AM and the sample applications are both running on separate domains.
Following steps I performed:
1. I started my SSO domain (domain2) first and then the application domain where my agent is installed (domain1).
2. I deployed the agentsample.ear file after compilation through build.xml file
When I try to access the URL (http://localhost:8080/agentsample/index.html), it throw the following exception (recorded in amSSO log file located in the Agent_001
Caused by: com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:233)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.common.PropertiesFinder.getProperty(PropertiesFinder.java:49)
at com.iplanet.am.util.SystemProperties.get(SystemProperties.java:255)
at com.iplanet.am.util.SystemProperties.get(SystemProperties.java:298)
at com.iplanet.dpro.session.SessionID.<clinit>(SessionID.java:90)
... 46 more
|#]
[#|2007-12-14T11:32:42.881-0500|SEVERE|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-1;_RequestID=30ba22ac-dd83-461b-a835-440480970033;|StandardWrapperValve[default]: PWC1406: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: Could not initialize class com.sun.identity.agents.filter.AmFilterManager
at com.sun.identity.agents.filter.AmAgentBaseFilter.initializeFilter(AmAgentBaseFilter.java:217)
at com.sun.identity.agents.filter.AmAgentBaseFilter.getAmFilterInstance(AmAgentBaseFilter.java:279)
at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:64)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:361)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
I spent lot of time refering the supporting document but could not find any solution.
Your assistance will be greatly appreciated.
Thanks,
VinitI tried to deploy "agentapp.war" in the "domain1" which I configured to install J2EE Agent. The "domain2" deployed opensso.war file. When I tried to invoke "http://test.domain.org:8080/agentapp", it threw the following error:
Caused by: com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:233)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.common.configuration.ConfigurationBase.isLegacy(ConfigurationBase.java:180)
at com.sun.identity.common.configuration.ConfigurationObserver.createAttributeMapping(ConfigurationObserver.java:62)
at com.sun.identity.common.configuration.ConfigurationObserver.<init>(ConfigurationObserver.java:58)
at com.sun.identity.common.configuration.ConfigurationObserver.<clinit>(ConfigurationObserver.java:50)
... 35 more
|#]
[#|2007-12-17T21:24:21.453-0500|SEVERE|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=fde18bdd-a04f-48ba-b4f1-7a88a756c315;|StandardWrapperValve[default]: PWC1406: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: Could not initialize class com.sun.identity.agents.filter.AmFilterManager
at com.sun.identity.agents.filter.AmAgentBaseFilter.initializeFilter(AmAgentBaseFilter.java:217)
at com.sun.identity.agents.filter.AmAgentBaseFilter.getAmFilterInstance(AmAgentBaseFilter.java:279)
at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:64)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
I do not understand why it is looking for AMConfig.properties file in domain1? This file exist in domain2 and not in domain1. Secondly, it also throws NoClassDefFoundError Exception. However, config.xml file sets classpath as :
<java-config classpath-suffix="${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/lib/agent.jar${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/lib/openssoclientsdk.jar${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/locale${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/Agent_001/config" debug-enabled="false" debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9009" env-classpath-ignored="true" java-home="${com.sun.aas.javaRoot}" javac-options="-g" rmic-options="-iiop -poa -alwaysgenerate -keepgenerated -g" system-classpath="">
I am not sure whether both these problems are related or independent.
Thanks in advance,
Vinit -
JAXB unmarshalling error for " " token as part of xsd:string type element
JAXB unmarshalling error for "<" token as part of xsd:string type element
We are getting a JAXB unmarshalling error:
while processing the following <condition> tag which is of type xsd:string
<condition> x < 100 </condition>
The error is probably happening due to "<" token as a part of string type.
xml.bind.JAXBException: Unexpected error in Unmarshalling
at oracle.xml.jaxb.JaxbUnmarshaller.unmarshal(JaxbUnmarshaller.java:224)
Any ideas how to resolve this issue?
Note
<condition> x > 100 </condition> is getting unmarshalled successfully by JAXB unmarshaller.
ThanksHi,
Did you tried to put & lt; (without space) instead of < ?
Best Regards,
Paweł -
ORA-06502 error after SSO login
Hi all.
In our intranet i'm trying to use the AS 10g SSO
as authentication with my HTML DB application.
HTML DB is into a 9.2.0.4 database in a Alpha open VMS server.
AS 10g infrastructure and AS 10g mid-tier on two difference Linux RedHat AS 2.1 servers.
Infrastructure server: http://giedi.marinarinaldi.it:7779
Mid-tier server: http://si.marinarinaldi.it:7778
HTML DB application: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/f?p=106:1
I followed the related how-to document
and the SSO login page shows correctly
but when i click "login":
Error Error determining caller of process_success:l_owner::p_partner_app_name:HTML_DB Please contact administrator.
ORA-06502: PL/SQL: numeric or value error: character to number conversion error
The SSO logi page is a our custom login page
but it works perfectly with portal.
The SSO partner application parameters:
ID: 97F428BC
Token: 4PW44GF797F428BC
Encryption Key: 12E3971BE26C4E5D
Login URL: http://giedi.marinarinaldi.it:7779/pls/orasso/orasso.wwsso_app_admin.ls_login
Single Sign-Off URL: http://giedi.marinarinaldi.it:7779/pls/orasso/orasso.wwsso_app_admin.ls_logout
Name: HTML_DB
Home URL: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/f?p=106:1
Success URL: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/wwv_flow_custom_auth_sso.process_success
Logout URL: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/htmldb
The parameters of regapp.sql script on the Alpha HTMLDB database:
Enter value for listener_token: HTML_DB:si.marinarinaldi.it:7778
Enter value for site_token: 4PW44GF797F428BC
Enter value for site_id: 97F428BC
Enter value for login_url: http://giedi.marinarinaldi.it:7779/pls/orasso/orasso.
wwsso_app_admin.ls_login
Enter value for cookie_version: v1.0
Enter value for encryption_key: 12E3971BE26C4E5D
Enter value for ip_check: N
Thank you all in advance for help.SQL> select * from WWSEC_SSO_LOG$;
1
entry: papp_show_config
05-AUG-04
2
IN papp_show_config: after the select.
05-AUG-04
3
site name is 4PW44GF797F428BC
05-AUG-04
4
exit: papp_show_config
05-AUG-04
5
entry: urlencode
05-AUG-04
6
encoded URL is http%3A%2F%2Fsi.marinarinaldi.it%3A7778%2Fpls%2FhtmldbSVIL%2Ff%3F
p%3D106%3A1%3A6300852000501899701
05-AUG-04
7
exit: urlencode
05-AUG-04
8
entry: urlencode
05-AUG-04
9
encoded URL is http%3A%2F%2Fsi.marinarinaldi.it%3A7778
05-AUG-04
10
exit: urlencode
05-AUG-04
11
entry: encrypt_url_cookie
05-AUG-04
12
Before bake_site2pstore_token: listener token: HTML_DB:si.marinarinaldi.it:7778u
rlcookie_version: v1.0papp_url_cookie: http%3A%2F%2Fsi.marinarinaldi.it%3A7778%2
Fpls%2FhtmldbSVIL%2Ff%3Fp%3D106%3A1%3A6300852000501899701~http%3A%2F%2Fsi.marina
rinaldi.it%3A7778enabler_config.site_token: 4PW44GF797F428BCkey: 12E3971BE26C4E5
D
05-AUG-04
13
entry: bake_site2pstore_token
05-AUG-04
14
entry get_enabler_config
05-AUG-04
15
site token is 4PW44GF797F428BC
05-AUG-04
16
exit: get_enabler_config
05-AUG-04
17
In hash string. Input is 308-05-2004 10:06:52
05-AUG-04
18
In hash string. Input is ud)xc`8L`GJd~4PW44GF797F428BC~20040805100652~http%3A%2F
%2Fsi.marinarinaldi.it%3A7778%2Fpls%2FhtmldbSVIL%2Ff%3Fp%3D106%3A1%3A63008520005
01899701~http%3A%2F%2Fsi.marinarinaldi.it%3A7778
05-AUG-04
19
temp site2pstoretoken is :ud)xc`8L`GJd~4PW44GF797F428BC~20040805100652~http%3A%2
F%2Fsi.marinarinaldi.it%3A7778%2Fpls%2FhtmldbSVIL%2Ff%3Fp%3D106%3A1%3A6300852000
501899701~http%3A%2F%2Fsi.marinarinaldi.it%3A7778~5169F5D95694EE7F4EEC7D80056B56
A5
05-AUG-04
20
entry: encrypt_des
05-AUG-04
21
Key is: 12E3971BE26C4E5D
05-AUG-04
22
before rpad
05-AUG-04
23
pre mask: 503504C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB62850973AF1503504
C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB6
2850973AF1503504C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB628
05-AUG-04
24
post mask: 45FBB10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1C861EBF9AE645FBB
10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1
C861EBF9AE645FBB10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1C86
05-AUG-04
25
exit: bake_site2pstore_token
05-AUG-04
26
After bake_site2_pstore_token. Value is: C061F10FBDDAACCB4A5B536D036656AF013D33B
17261B66BD9C46A02004CF08081B0EB68834FA1594884A2088A6E1829A35EEA97ECF7B0F9B728B60
B7DDEFEC846EA96CDB4208783B26F7DE976B3E7912554A8FA2B383EBF0C4221858C88B10A00A2789
65C85703BEF6C3C1E3F069FF9C41059B5982CBADB7F662D481C9812EBCD7B44A7E24819CD152BB29
9F2B40F08138F7DAE05BCC58CF87FECFA89B1BEE195FB2A314699AA2C8D406AC52FCE4F5B6DCE910
A4B31714D99918BEC39E3E067BE031F5E9DF031192064B1ECAE0B100775AD76EF4D478844
05-AUG-04
27
Redirect URL generated is : http://giedi.marinarinaldi.it:7779/pls/orasso/orasso
.wwsso_app_admin.ls_login?site2pstoretoken=v1.0~97F428BC~C061F10FBDDAACCB4A5B536
D036656AF013D33B17261B66BD9C46A02004CF08081B0EB68834FA1594884A2088A6E1829A35EEA9
7ECF7B0F9B728B60B7DDEFEC846EA96CDB4208783B26F7DE976B3E7912554A8FA2B383EBF0C42218
58C88B10A00A278965C85703BEF6C3C1E3F069FF9C41059B5982CBADB7F662D481C9812EBCD7B44A
7E24819CD152BB299F2B40F08138F7DAE05BCC58CF87FECFA89B1BEE195FB2A314699AA2C8D406AC
52FCE4F5B6DCE910A4B31714D99918BEC39E3E067BE031F5E9DF031192064B1ECAE0B100775AD76E
F4D478844
05-AUG-04 -
URL Decode SSO Token Flag Property IIS 6.0
I have the Policy Agent 2.2 for IIS 6.0 to install. I have been installing the agents before and all of them had the option of URL Decode SSO Token Flag Property (com.sun.identity.agents.config.sso.decode), but I can not find it here. Has it been disabled? I really needed it to get rid of some error. Thank you very much for you help!
Apparently there is no need for such an option. The agent works fine without it. The idea behind the scenes is that I used to get an invalid session and and thought that this could be the problem that the SSO Token does not get decode right, the problem was actually something else.
The time between the Access Manager machine and the Server where IIS is installed has to be in sync. And by that I mean day, year, hour, minutes and this is what I have missed - TimeZone! -
Error in SSO login page.
HI all,
This time in windows 2000 Professional,I install infrastructure without error or warning(But in the installation log file I saw one error i.e., as follows.)(I put th error line into bold face.)
Create Group URLrefreshed:oiddas/ui/oracle/ldap/das/admin/AppCreateGroupInfoAdmin
Edit Group URL refreshed:oiddas/ui/oracle/ldap/das/admin/AppEditGroupAdmin
Delete Group URL refreshed:oiddas/ui/oracle/ldap/das/admin/AppDeleteGroupAdmin
Group LOV URL refreshed:oiddas/ui/oracle/ldap/das/search/LOVGroupSearch
People Search URL refreshed:oiddas/ui/oracle/ldap/das/search/AppUserSearch
Directory Administration URL
refreshed:oiddas/ui/oracle/ldap/das/mypage/ViewMyPage
Local OID cache refreshed
PL/SQL procedure successfully completed.
Disconnected from Oracle9i Enterprise Edition Release 9.0.1.4.0 - Production
With the Partitioning option
JServer Release 9.0.1.4.0 - Production
NLS_LANG character set = UTF8
NLS_LANG param = AMERICAN_AMERICA.UTF8
Portal SMI: Oracle home: D:\ocsinfra was registered.
Portal SMI: ERROR: Web DAV: /dav_portal/orasso could not be found.
Portal SMI: Update config was successful.
Portal SMI: Save changes was successful.
Portal SMI: Updated DAD: /pls/orasso
Portal SMI: Terminating.
Portal SMI: Terminated in: 20 milliseconds.
D:\ocsinfra\jdk\bin\java -jar D:\ocsinfra\jlib\emConfigInstall.jar targets D:\ocsinfra\sso\sso_server_target2add.xml
End output from spawned process.
Configuration assistant "Single Sign-On Configuration Assistant" succeeded
Result code for launching of configuration assistant is: 0
Launched configuration assistant 'Patch SSO'
Tool type is: Optional.
The command being spawned is: 'D:\ocsinfra/sso/bin/ssoca.bat patch D:\ocsinfra'
Start output from spawned process:
Parameters passed to ssoca : param0:patch param1:D:\ocsinfra
INSTALL_ACTION: SSOConfigAssistant: Install Mode is PATCH
INSTALL_ACTION: SSOConfigAssistant: SSO configuration status valid
INSTALL_ACTION: SSOConfigAssistant : Invoking sqlplus
D:\ocsinfra\bin\sqlplus ORASSO/*****@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=esysocs2)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=iasdb.esysocs2))) @D:\ocsinfra\sso\admin\plsql\sso\ssopachk.sql
SQL*Plus: Release 9.0.1.4.0 - Production on Mon Feb 13 12:04:39 2006
(c) Copyright 2001 Oracle Corporation. All rights reserved.
SQL> Connected.
SQL> Checking current SSO Server version...
INFO: SSO Server version : 9.0.2.2.22
INFO: SSO Server version to be checked: 9.0.2.2
INFO: SSO Server version check ok
INFO: SSO patch check status : 0
PL/SQL procedure successfully completed.
Disconnected from Oracle9i Enterprise Edition Release 9.0.1.4.0 - Production
With the Partitioning option
JServer Release 9.0.1.4.0 - Production
INSTALL_ACTION: SSOConfigAssistant: Invoking sqlplus
D:\ocsinfra\bin\sqlplus ORASSO/*****@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=esysocs2)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=iasdb.esysocs2))) @D:\ocsinfra\sso\admin\plsql\sso\ssopatch.sql
SQL*Plus: Release 9.0.1.4.0 - Production on Mon Feb 13 12:04:42 2006
(c) Copyright 2001 Oracle Corporation. All rights reserved.
SQL> Connected.
SQL> Calling ssopatch.sql
Oracle 9iAS Single Sign-On Server
Loading Package(s)...
Package created.
No errors.
.After that i go to address http://esysocs2:7777/oiddas. Off this point when i click on login all addresses on Address bar covert to http://esysocs:7777/oiddas/....(remind of the system name). In otherwords "esysocs2" changes to "esysocs".i also tried again by using IP address of my machine(which is static). At this time i receive page "Single Sign On" with ERROR :Unexpected errors (WWC-41400).( this is the situation when creating the new oid users)
Q 1)Is this error( i.e.,ERROR :Unexpected errors (WWC-41400)) is effected by the error showed as bold face in the above log file?describe me when that log file error(i.e., Portal SMI: ERROR: Web DAV: /dav_portal/orasso could not be found will occurs(I mean in which situation?)
In services window, Oracle OLAP 9.0.1.0.1,OracleOCSInfra_homewebcachemon services are not starting when i attempted to start. I installed the infrastructure 8or 9 times in this week. Every installation time it is same that services are not starting and the error in SSO page.
Q 2) Why these services are not starting for me? Is the services basically doesn't start or any mistakes i did in the installation process? ( I know i didn't do any mistake at the installation time.) describe me when these services needed and how to start those sevices if necessary?
One more thing is which password we will enter when we attemp for the first time on the SSO. In manuals it is saying that "enter the oid username and the password". At first, in installation time we didn't create the oid users. By default what is the oid username and the password.
Q 3) What is the default OID & SSO username and the password.
>>>> Please solve my problem waiting for the replies eagerly.
with thank in advance./kumaraswamy.nI solved all my problems By setting the domain name to my system and using the windows 2003 server.
-
We have a SharePoint Enterprise 2013 system at RTM level. We've installed Workflow Manager 1.0 by following the steps at
http://technet.microsoft.com/en-us/library/jj658588.aspx. For the final step of Validating the Installation we created a simple list-level workflow and verified that the workflow
is invoked successfully. This is working successfully, but only for a single user. If other users in the same site collection try to invoke the workflow on this same list we get the ULS Log Error:
Claims Authentication af3zp Unexpected STS Call Claims Saml: Problem getting output claims identity. Exception: 'Microsoft.SharePoint.SPException: The specified user or domain group was not found. --->
System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.
followed by:
Failed to issue new security token. Exception: Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.
(as details below).
All accounts that are attempting to use the Test Workflow (both working and non-working user accounts) are valid AD accounts and are included in the User Profile Sync that runs nightly. All have Contribute or Design permission level (and for testing,
Full Control).
What could cause the Claims Authentication to fail when certain users attempt to launch the workflow?
Thank you for your response.
Jim Mac.
08/29/2013 10:22:51.94 w3wp.exe (0x2020) 0x26D8 SharePoint Foundation
Claims Authentication af3zp Unexpected STS Call Claims Saml: Problem getting output claims identity. Exception: 'Microsoft.SharePoint.SPException: The specified user or domain group was
not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType,
Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity,
SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdent... 94aa5c2d-fa45-9b83-b203-a92b20102583
08/29/2013 10:22:51.94* w3wp.exe (0x2020) 0x26D8 SharePoint Foundation
Claims Authentication af3zp Unexpected ...ity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String
encodedIdentityClaimSuffix) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.CreateTokenCacheReferenceFromTokenSignature(SPRequestInfo requestInfo, IClaimsIdentity identity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentTokenCacheReferenceClaim(SPRequestInfo
requestInfo, IClaimsIdentity identity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
principal, RequestSecurityToken request, Scope scope)'. 94aa5c2d-fa45-9b83-b203-a92b20102583
08/29/2013 10:22:51.94 w3wp.exe (0x2020) 0x26D8 SharePoint Foundation
Claims Authentication fo1t Monitorable STS Call: Failed to issue new security token. Exception: Microsoft.SharePoint.SPException: The specified user or domain group was not found. --->
System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim)
--- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim logi... 94aa5c2d-fa45-9b83-b203-a92b20102583
08/29/2013 10:22:51.94* w3wp.exe (0x2020) 0x26D8 SharePoint Foundation
Claims Authentication fo1t Monitorable ...nClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix)
at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.CreateTokenCacheReferenceFromTokenSignature(SPRequestInfo requestInfo, IClaimsIdentity identity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentTokenCacheReferenceClaim(SPRequestInfo
requestInfo, IClaimsIdentity identity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
principal, RequestSecurityToken request, Scope scope) at Microsoft.IdentityModel.Securi... 94aa5c2d-fa45-9b83-b203-a92b20102583
08/29/2013 10:22:51.94* w3wp.exe (0x2020) 0x26D8 SharePoint Foundation
Claims Authentication fo1t Monitorable ...tyTokenService.SecurityTokenService.Issue(IClaimsPrincipal principal, RequestSecurityToken request) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.Issue(IClaimsPrincipal
principal, RequestSecurityToken request) 94aa5c2d-fa45-9b83-b203-a92b20102583Hi Aries,
I am facing issue with work flow where Workflow goes to Suspend mode.
I am facing an issue with SP2013 Custom Workflow developed using Visual Studio 2012.
Objective of the Custom workflow: User fills the form and submit, list get updated and workflow will initiate and go for the process.
Issue: After the deployment of WF, for first time when user is filling the form and submit, list is getting updated. But the Workflow Goes to "Suspend" mode. (
This Custom Workflow has a configuration file where we are providing other details including ID of Impersonator (farm is running under Claim Based Authentication).
Work flow works fine once when the Impersonator initiate the workflow (Fill the form and submit for approval) and everything works fine after that.
Following steps are already performed
1.Make sure User profile synchronization is started.
2.Make sure the user is not the SharePoint system user.
3.Make sure the user by whom you are logged is available in User Profile list.
4.Step full synchronization of User Profile Application.
From the ULS logs it seems the user's security token from the STS service and User profile service is not being issued.
Appreciate any thoughts or solution.
Following are the log files.
<-------------------------------Information taken from "http://YYYY.XXXXX.com/sites/xxxx/_layouts/15/wrkstat.aspx" where it is showing workflow status as "Suspend"------->
http://yyyy.XXXX.com/sites/xxxx/_vti_bin/client.svc/sp.utilities.utility.ResolvePrincipalInCurrentcontext(input=@ParamUser,scopes='15',sources='15',inputIsEmailOnly='false',addToUserInfoList='False')?%40ParamUser='i%3A0%23.w%7CXXXXX%5Csps_biscomdev'
Correlation Id: f5bd8793-a53c-2127-bfb1-70bc172425e8 Instance Id: 14a985a0-60c8-42db-a42c-c752190b8106
RequestorId: f5bd8793-a53c-2127-0000-000000000000. Details: RequestorId: f5bd8793-a53c-2127-0000-000000000000. Details: An unhandled exception occurred during the execution of the workflow instance. Exception details: System.ApplicationException: HTTP 401
{"error_description":"The server was unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug>
configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs."} {"x-ms-diagnostics":["3001000;reason=\"There
has been an error authenticating the request.\";category=\"invalid_client\""],"SPRequestGuid":["f5bd8793-a53c-2127-8654-672758a68234"],"request-id":["f5bd8793-a53c-2127-8654-672758a68234"],"X-FRAME-OPTIONS":["SAMEORIGIN"],"SPRequestDuration":["34"],"SPIisLatency":["0"],"Server":["Microsoft-IIS\/7.5"],"WWW-Authenticate":["Bearer
realm=\"b14e1e0f-257f-42ec-a92d-377479e0ec8d\",client_id=\"00000003-0000-0ff1-ce00-000000000000\",trusted_issuers=\"00000005-0000-0000-c000-000000000000@*,[email protected]79e0ec8d\"","NTLM"],"X-Powered-By":["ASP.NET"],"MicrosoftSharePointTeamServices":["15.0.0.4420"],"X-Content-Type-Options":["nosniff"],"X-MS-InvokeApp":["1;
RequireReadOnly"],"Date":["Fri, 10 Apr 2015 19:48:07 GMT"]} at Microsoft.Activities.Hosting.Runtime.Subroutine.SubroutineChild.Execute(CodeActivityContext context) at System.Activities.CodeActivity.InternalExecute(ActivityInstance
instance, ActivityExecutor executor, BookmarkManager bookmarkManager) at System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor executor, BookmarkManager bookmarkManager, Location resultLocation)
ULS Log
04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Authentication Authorization agb9s Medium OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0 f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Runtime ajd6k Verbose Value for isAnonymousAllowed is : False f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Runtime ajd6l Verbose Value for checkAuthenticationCookie is : True f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly)). Execution Time=18.7574119057031 f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.73 PowerShell.exe (0x29BC) 0x2B9C SharePoint Foundation General narq Verbose Releasing SPRequest with allocation Id {AF89E1D7-C47F-467B-8FD4-D7DC768820EE}
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly)). Parent No
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80.
04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly) f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Application Authentication Pipeline). Parent Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly) f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Claims Authentication ah25l Medium SPJsonWebSecurityBaseTokenHandler: ValidateActorIsSelfIssuer! Issuer '00000005-0000-0000-c000-000000000000' is not self
issuer. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Getting Site Subscription Id). Parent [S2S] Getting token from STS and setting Thread Identity f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Getting Site Subscription Id). Execution Time=0.341314329055788 f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Reading token from Cache using token signature). Parent [S2S] Getting token from STS and setting Thread
Identity f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General ajji6 High Unable to write SPDistributedCache call usage entry. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Reading token from Cache using token signature). Execution Time=7.5931438213516 f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Application Authentication ajwpx Medium SPApplicationAuthenticationModule: Failed to build cache key for user f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Topology aeayb Medium SecurityTokenServiceSendRequest: RemoteAddress: 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc' Channel:
'Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustChannelContract' Action: 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue' MessageId: 'urn:uuid:fd5eba94-c39d-4667-89bd-089411c87f09' f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.77 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Topology aeax9 Medium SecurityTokenServiceReceiveRequest: LocalAddress: 'http://c1vspwfe01.vitas.com:32843/SecurityTokenServiceApplication/securitytoken.svc'
Channel: 'System.ServiceModel.Channels.ServiceChannel' Action: 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue' MessageId: 'urn:uuid:fd5eba94-c39d-4667-89bd-089411c87f09' f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.77 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (ExecuteSecurityTokenServiceOperationServer). Parent No f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication ah25l Medium SPJsonWebSecurityBaseTokenHandler: ValidateActorIsSelfIssuer! Issuer '00000005-0000-0000-c000-000000000000' is not self
issuer. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General narq Verbose Releasing SPRequest with allocation Id {F17590DF-49D9-439D-86BC-5AE6416BB765} f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8b Verbose Looking up site
http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General narq Verbose Releasing SPRequest with allocation Id {3847D5A4-15C6-4AF9-B062-E22BB555DF4F} f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Portal Server User Profiles ae0s1 High Identity claims mapped to '0' user profiles. Claims: [nameid: '', nii: 'windows', upn: '', smtp: '', sip: ''], User Profiles: f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Portal Server User Profiles ae0sr Unexpected UserProfileException caught.. Exception Microsoft.Office.Server.Security.UserProfileNoUserFoundException: 3001002;reason=The
incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator. at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
upManager, IEnumerable`1 identityClaims) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0() is thrown. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Portal Server User Profiles ae0su High The set of claims could not be mapped to a single user identity. Exception 3001002;reason=The incoming identity is not mapped
to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator. has occured. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication ae0tc High The registered mappered failed to resolve to one identity claim. Exception: Microsoft.Office.Server.Security.UserProfileNoUserFoundException:
3001002;reason=The incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator. at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
upManager, IEnumerable`1 identityClaims) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0() at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()
at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
secureCode) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(Uri
contextUri, List`1 claims) f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication af3zp Unexpected STS Call Claims Saml: Problem getting output claims identity. Exception: 'Microsoft.Office.Server.Security.UserProfileNoUserFoundException:
3001002;reason=The incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator. at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
upManager, IEnumerable`1 identityClaims) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0() at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()
at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
secureCode) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(Uri
contextUri, List`1 claims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.ResolveUserIdentityClaim(Uri contextUri, ClaimCollection inputClaims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetIdentityClaim(Uri
contextUri, ClaimCollection inputClaims, SPCallingIdentityType callerType) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetLogonIdentityClaim(SPRequestInfo requestInfo, IClaimsIdentity inputIdentity, IClaimsIdentity
outputIdentity, SPCallingIdentityType callerType) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.EnsureSharePointClaims(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity, SPCallingIdentityType callerType)
at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
principal, RequestSecurityToken request, Scope scope)'. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication fo1t Monitorable STS Call: Failed to issue new security token. Exception: Microsoft.Office.Server.Security.UserProfileNoUserFoundException:
3001002;reason=The incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator. at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
upManager, IEnumerable`1 identityClaims) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0() at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()
at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
secureCode) at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(Uri
contextUri, List`1 claims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.ResolveUserIdentityClaim(Uri contextUri, ClaimCollection inputClaims) at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetIdentityClaim(Uri
contextUri, ClaimCollection inputClaims, SPCallingIdentityType callerType) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetLogonIdentityClaim(SPRequestInfo requestInfo, IClaimsIdentity inputIdentity, IClaimsIdentity
outputIdentity, SPCallingIdentityType callerType) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.EnsureSharePointClaims(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity, SPCallingIdentityType callerType)
at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
principal, RequestSecurityToken request, Scope scope) at Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService.Issue(IClaimsPrincipal principal, RequestSecurityToken request) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.Issue(IClaimsPrincipal
principal, RequestSecurityToken request) f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (ExecuteSecurityTokenServiceOperationServer). Execution Time=17.1551132895382 f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Claims Authentication fsq7 High SPSecurityContext: Request for security token failed with exception: System.ServiceModel.FaultException: The server was
unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in
order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs. at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message
response) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken
rst) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo, SPRequestSecurityTokenProperties properties) f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Claims Authentication 8306 Critical An exception occurred when trying to issue security token: The server was unable to process the request due to an internal
error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to
the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs.. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Application Authentication Pipeline). Execution Time=52.3525336320678 f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Application Authentication ajezs High SPApplicationAuthenticationModule: Error authenticating request, Error details { Header: {0}, Body: {1} }. Available
parameters: 3001000;reason="There has been an error authenticating the request.";category="invalid_client" {"error_description":"The server was unable to process the request due to an internal error. For more information
about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as
per the Microsoft .NET Framework SDK documentation and inspect the server trace logs."} . f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 8nca Medium Application error when access /sites/testrpa2/_vti_bin/client.svc, Error=The server was unable to process the request due to an internal
error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to
the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs. at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken
rst, RequestSecurityTokenResponse& rstr) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context,
Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo, SPRequestSecurityTokenProperties properties) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationAuthentication(Uri context,
SecurityToken onBehalfOf) at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.<>c__DisplayClass4.<GetLocallyIssuedToken>b__3() at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated
secureCode) at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.ConstructIClaimsPrincipalAndSetThreadIdentity(HttpApplication httpApplication, HttpContext httpContext, SPFederationAuthenticationModule fam)
at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.AuthenticateRequest(Object sender, EventArgs e) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly)). Execution Time=62.2890618779761 f5bd8793-a53c-2127-8485-418c67f110f6
Regards
Sakti -
HTTP/SPNEGO for "SSO" on MS Windows
HTTP/SPNEGO for "SSO" on MS Windows
Hi all of you !
The scene is simple : I got a software (All in plain java ) and some simple web access to this system. ( it's not a real web server wich will be in need for Apache or some big container it's just a few access to some informations of the software )
The client company is all MS Windows, and it's used to some SSO approach,
they got a AD server on Win2003, all laptops are under winXP Pro and got IE at least version 6
Now The question is this ;
I got
-a guy (properly authentified) who is
- using IE (properly setted)
- on a computer (properly attached to AD)
to access a ressource URL of my app
It's quite simple to send him a http 401 or 407 so IE go back to the AD server and get its token
BUT how can I manage in java to extract the account used by the client
from the SPENEGO token ? this is all I need
I cant find any help on this, So please if someone can help me in this...
I'm lost ... Thanks in adavnce for a simple hint or a url linking me on the good pathI forget :
Ok for the configuration, thanks to some of your posts (thanks all)
I know all the importants steps to be followed
For exemple I quote danielshrem last post on the thread http://forum.java.sun.com/thread.jspa?forumID=545&threadID=760214
<quote>
Hey Seema,
Indeed my server's principal was not the correct one, now everything is cool with rc4 encryption.
for all u dudes out there in need of Java HTTP kerberos auth here's a few simple configuration procedures:
1. on the Domain Controller add an HTTP SPN to the account running the web service (use setspn.exe). the SPN has to be in format HTTP/host@Realm or HTTP/host (this SPN worked for me). if u dont know exactly which SPN u need u can sniff an HTTP session on ethereal look for Kerberos AP Req-->ticket-->Server Name. from what i gather this is the principal the clients use.
2. on the DC add a mapping to the newly created SPN (use ktpass.exe)
3. on the host running the service create a keytab file containing the newly created HTTP principal (use java's ktab.exe)
4. make sure the SPN is set up OK by running kinit and pass the newly created keytab file and the newly created SPN.
once u recieve an ok result you are good to go (login and authenticate users)
hope this helps
Daniel.
</quote>
My problem (I know it must sounds stupid) : how do I extract the login account from this ? -
Ctxload error DRG-11530: token exceeds maximum length
I downloaded the 11g examples (formerly the companion cd) with the supplied knowledge base (thesauri), unzipped it, installed it, and confirmed that the droldUS.dat file is there. Then I tried to use ctxload to create a default thesaurus, using that file, as per the online documentation. It creates the default thesaurus, but does not load the data, due to the error "DRG-11530: token exceeds maximum length". Apparently one of the terms is too long. But what can I use to edit the file? I tried notepad, but it was too big. I tried wordpad, but it was unreadable. I was able to create a default thesaurus using the much smaller sample thesaurus dr0thsus.txt, so I confirmed that there is nothing wrong with the syntax or privileges. Please see the copy of the run below. Is there a way to edit the droldUS.dat file or a workaround or am I not loading it correctly? Does the .dat file need to be loaded differently than the .txt file?
CTXSYS@orcl_11g> select banner from v$version
2 /
BANNER
Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - Production
PL/SQL Release 11.1.0.6.0 - Production
CORE 11.1.0.6.0 Production
TNS for 32-bit Windows: Version 11.1.0.6.0 - Production
NLSRTL Version 11.1.0.6.0 - Production
CTXSYS@orcl_11g> select count(*) from ctx_thesauri where ths_name = 'DEFAULT'
2 /
COUNT(*)
0
CTXSYS@orcl_11g> select count(*) from ctx_thes_phrases where thp_thesaurus = 'DE
FAULT'
2 /
COUNT(*)
0
CTXSYS@orcl_11g> host ctxload -thes -user ctxsys/ctxsys@orcl -name default -file
C:\app\Barbara\product\11.1.0\db_1\ctx\data\enlx\droldUS.dat
Connecting...
Creating thesaurus default...
Thesaurus default created...
Processing...
DRG-11530: token exceeds maximum length
Disconnected
CTXSYS@orcl_11g> connect ctxsys/ctxsys@orcl
Connected.
CTXSYS@orcl_11g>
CTXSYS@orcl_11g> select count(*) from ctx_thesauri where ths_name = 'DEFAULT'
2 /
COUNT(*)
1
CTXSYS@orcl_11g> select count(*) from ctx_thes_phrases where thp_thesaurus = 'DE
FAULT'
2 /
COUNT(*)
0
CTXSYS@orcl_11g> exec ctx_thes.drop_thesaurus ('default')
PL/SQL procedure successfully completed.
CTXSYS@orcl_11g> host ctxload -thes -user ctxsys/ctxsys@orcl -name default -file
C:\app\Barbara\product\11.1.0\db_1\ctx\sample\thes\dr0thsus.txt
Connecting...
Creating thesaurus default...
Thesaurus default created...
Processing...
1000 lines processed
2000 lines processed
3000 lines processed
4000 lines processed
5000 lines processed
6000 lines processed
7000 lines processed
8000 lines processed
9000 lines processed
10000 lines processed
11000 lines processed
12000 lines processed
13000 lines processed
14000 lines processed
15000 lines processed
16000 lines processed
17000 lines processed
18000 lines processed
19000 lines processed
20000 lines processed
21000 lines processed
21760 lines processed successfully
Beginning insert...21760 lines inserted successfully
Disconnected
CTXSYS@orcl_11g> select count(*) from ctx_thesauri where ths_name = 'DEFAULT'
2 /
COUNT(*)
1
CTXSYS@orcl_11g> select count(*) from ctx_thes_phrases where thp_thesaurus = 'DE
FAULT'
2 /
COUNT(*)
9582
CTXSYS@orcl_11g>Hi Roger,
Thanks for the response. You are correct. I was confusing the terms thesaurus and knowledge base, which sometimes seem to be used interchangeably or synonymously, but are actually two different things. I read over the various sections of the documentation regarding the supplied knowledge base and supplied thesaurus more carefully and believe I understand now. Apparently, the dr0thsus.txt file that I did ultimately load using ctxload to create a default thesaurus is the supplied thesaurus that is intended to be used to create the default English thesaurus, which supports ctx_thes syn and such. The other droldUS.dat file that I mistakenly tried to load using ctxload is the supplied compiled knowledge base that supports ctx_doc themes and gist and such. In the past I have used ctx_thes.create_thesaurus to create a thesaurus, but using ctxload can also load a thesaurus from a text file with the data in a specified format. Once a thesaurus is loaded using ctxload, it can then be compiled using ctxkbtc to add it to the existing compiled knowledge base. So, the knowledge base is sort of a compilation of thesauri, which is what led to my confusion in terminology. I think I have it all straight in my mind now and hopefully this will help anybody else who searches for the same problem and finds this.
Thanks,
Barbara -
Errors for PACKAGE BODY WWV_FLOW_CUSTOM_AUTH_SSO
Hi All,
Running the below package so I can configure SSO...running into the below error.
Any help is appreciated
SQL> @custom_auth_sso_902.plb;
...wwv_flow_custom_auth_sso
Warning: Package Body created with compilation errors.
Errors for PACKAGE BODY WWV_FLOW_CUSTOM_AUTH_SSO:
LINE/COL ERROR
0/0 PL/SQL: Compilation unit analysis terminated
1/14 PLS-00304: cannot compile body of 'WWV_FLOW_CUSTOM_AUTH_SSO'
without its specificationYou need to ask Apex related questions in the Apex forum.
Include the 4 digit Oracle and Apex versions you are using when you post your problem.
I assume that you have read how to implement SSO for Apex applications to be partner applications for Oracle App Server single sign-on authentication? If not, I suggest that you search http://tahiti.oracle.com for the relevant instructions. (cannot recall the exact manual reference - I did this 3 or 4 years ago myself) -
Essbase SSO Token with OBIEE 11g
Has anyone had success is setting up SSO token security in OBIEE 11g for Essbase. I have followed the steps in the documents of 11.1.1.x and still am not getting users to authenticate against the cube I am using. When I log in as one of those users, and view the report I get a invalid user.
Hi J.A.M.
If you got this working, please can you share the steps?
Thanks! -
Identity 6.0 issues passing SSO token from JSP to web service
Hi,
Environment: Solaris 8, SunOne IS 6.0, SP1, Sun One WebServer
We're using a JSP (based on the samples) to pass an SSO token to a java based web-service (everthing is running locally on one server):
The token string resulting from calling mgr.createSSOToken is different from the value examined in the browser/JSP initial cookie and is practically useless when passed to the web-services for use as an SSO token (doesn't work and IS doesn't recognize it as a valid session/token).
Here's the code:
>>>>>>>
SSOTokenManager mgr = SSOTokenManager.getInstance();
SSOToken token;
if (request.getParameter("token") == null)
token = mgr.createSSOToken(request);
else
token = mgr.createSSOToken(request.getParameter("token"));
mgr.validateToken(token);
>>>>>>>>
What are we doing wrong?not resolved closed
Maybe you are looking for
-
How to best take sections from one document to merge with another Indesign document
I am looking for most efficient way to take a section from one document to merge with a section from another document? We have a book that needs updating, taking a section from one document to merge into another. We have typically copied and paste
-
How to get the actual height of JEditorPane?
I have a basic question on the JEditorPane. Do I have to show the JEditorPane on a temporary Frame in order to get the actual height? My work around is to show the JEditorPane on a frame, get the JEditorPane height, then dispose the frame. It would b
-
Address translation for intranet access
Hi, We are using iviews created using in SAP Web Dynpto iView template in SAP Enterprise Portal 7.0. Resently, we have migarated server from 32 bit machine to 64 bit machine. After migration We are facing some problem with web dynpro applications. We
-
I need help with finding right stylus pen for lenovo yoga 2 pro!
I did read other person's post, but I did not find my answer. I am currently using my fingers to write my notes and it drives me nuts! I do have a stylus pen that have huge round fabric tip. It does not write well. I want a stylus pen with pointy end
-
Where can I find the tab to decrease the burning speed to 2x. I can't use 8x or higher. Thanks