SSO not authorized: Authentication failed.

Similar Messages

• Java System error: SSO not authorized: authorization Failed

  Hi,
  I am getting the following error while opening a  BEx report designer or WAD and iam unable to design any report or create a dashboard
  "Java System Error: Call to FM BICS_CONS_GET_VIEW_DEF_J_PROXY to ProdId ASEP_PORTAL_E01 on host ASEP wiht SSO not authorized . Authentication Failed"
  System Details:
  BI and EP are installed in Same server
  BI Config:
  softwarwe component   : SAP_BW
  Release :  700
  Patch Level: 0021
  Support Pack : SAPKW70021 (SAP NetWeaver BI 7.0)
  EP config:
  SAP NetWeaver BI 7.0 SP Level 15
  Please suggest .

  It seems that something wrong in integration between JAVA Stack (from where you accessing BW report) a BW back end system. Try to run Support Desk Tool:
  http://<your_server>:<port>/irj/servlet/prt/portal/prteventname/HtmlbEvent/prtroot/com.sap.ip.bi.supportdesk.default
  to see what is wrong in this area.

• SSO not authorized:no login module success

  Hi Friends,
  I am Geeting this error while opening the Report Designer any one help me???????
  "java system error call FM_BICS_CONS_GET_VIEW_DEF_J_PROXY to progid XXXXX on host
  APD with SSO not authorized:no login module success "
  Regards
  Vipul Kapadia

  solved by basis team

• MIC not verified # authentication-failed

  Hi,
  We are getting this error while trying to send messages from XI through AS2:
  MIC not verified # authentication-failed
  Can anybody please let us know the reason for this error.
  Thanks in advance.
  Best Regards,
  Shweta

  Hi Shabarish & Prateek,
  Thanks a lot for the information.
  I've also checked this information in Seeburger document and I agree this can be an issue with the Certificate.
  But these scenarios were working fine for a long time,the Certificates are valid till 2016.
  And the most important thing is,we get this error in 1 message out of 100-200,other messages are sent successfully.
  So,if this is an issue with certificate,how is it possible that it affects only 1-2 messages not all.
  I had never seen this error before and suddenly we have started getting such errors for a number of scenarios for last 15 days.
  I believe ,there can be a problem with Certificate for 1 customer but if it is more than one ,it is hard to believe that all of them have problems with Certificates and at the same time.
  I tried to search for notes related to this problem.
  Is it something related to MIME content,as mentioned in note 1287778?
  Kindly let me know.
  Thanks.
  Regards,
  Shweta

• I'm trying to buy the $99/yr iOS Developer Program in Canada, and trying to pay with a $100 Mastercard Gift Card, why is my payment not authorized and failing?

  Title says all..
  Program is $99 Canadian, and my card was just loaded with $100.
  Please let me know.

  The problem is you can't use a gift credit card.
  It has to be a card registered to you at your home address.

• Call FM RSRD_X_MAP_TO_PRTL_USERS_PROXY , SSO Authentication fail

  Dear all:
  We have finished EP &BW configuration and also check setting with Diagnosis tool. The lights are all green. But when we tried to publish query to EP, after chosing PCD folder the query would go , an JAVA error message shown up :
  Java system error: call FM RSRD_X_MAP_TO_PRTL_USERS_PROXY to ProgId <J2EE Program> on host <EP host name> with SSO not authorized: Authentication fail.
  We tried a lot of means, even issued OSS message... Still no good found
  HELP !!!
  BRs
  SZU

  Please check if the integration and sso configuration did correctly
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b0a5216a-349c-2a10-9baf-9d4797349f6a
  Hope it Helps
  Chetan
  @CP..

• User domain\SPFservice is not authorized to perform request using authentication type Negotiate

  Hi,
  I have installed WAP/SPF in the same domain via express installation.  The SPF domain service account is sysadmin on the SPF database.  The SPF domain service account is running as identity in IIS application pool.  I have registered SPF in
  WAP via SPFcomputeraccount\LocalSPFaccount.  The LocalSPFaccount is member of the 4 local groups created by the SPF setup.  The domain SPF service account is member of the VMM administrators.
  When a new tenant want to subscribe to a hosting plan I get an error "One or more errors occurred while contacting the underlying resource providers. The operation may be partially completed. Details: Failed to create subscription".
  When I look in the eventviewer of the SPF server in ManagementODataService, I can see "User domain\SPFservice is not authorized to perform request using authentication type Negotiate".
  SPF/VMM are both on the latest update rollup.  The VMM console is also updated on the SPF server. 
  I can successfully reproduce the troubleshooting steps from http://blogs.technet.com/b/privatecloud/archive/2013/11/08/troubleshooting-windows-azure-pack-spf-amp-vmm.aspx.

  Hi,
  During the install it is also asking you to specify groups during the installation (4 x) Is the user you specified als spf runas account also member of those group in the AD?
  So you have 4 groups created on the local box by the installation. But also 4 specified during the installation. Check if the account is member of those group(s) as well, reboot the spf and you should be up and running.
  Best regards, Mark Scholman. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• Authentication Failed error message on browser while login to author instance

  Hi,
  I ran backup on author and publish instance after datastore garbage collector.
  It went fine on publish instance and created backup file succesfully.
  But at some point of time backup failed on author instance and we tried to login on author instance we got cq5 console on browser.
  After that we checked replication agent on author and wheni clicked to publish we got error page saying Class not found exception.
  after some time we just bounced the author instance we got startup completed message ver quickly and not started all the bundles(started only 121 bundles).
  Tried to login author instance on browser it was showing Authentication Failed message.
  Please helpout in resolving this issue.
  Thanks in Advance.
  Mahesh

  I did not really understand what the problem with the domain/hostname or so is you mentioned but lets set it aside and assume that it doesnt cause any further problems for now.
  About your questions:
  1) With which user do you try to login?
  "amadmin" is default name for the administrative user.
  Did you rename him or do you try to log in with another user?
  "amadmin" is probably the only user which "works" just after installing.
  When you go to portal/dt, are you logged in or are you on the anonymous desktop? If you did not make any changes you shold get either a login channel or a Userinfo channel.
  This way you should be able to see if you are logged in.
  Also important for you:
  Logfiles for access manager and portal are by default placed in the folder /var/opt/SUNWam/. There is a debug and logs folder.
  These loggings are most of the time more helpfull than the directory server logs.
  To get a finer logging edit the file /etc/opt/SUNWam/AMConfig.properties
  There is a line "...=error". Replace error with message and restart the webserver/appserver-domain.
  hth Chris

• ID3242: The security token could not be authenticated or authorized?

  Hi,
  we are getting an error when SSIS Package is writing the data into CRM 2013 Application using CRM 2013 SDK.
  Please find the error log as below.
  [Update Contact into CRM [792]] Error: System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException:
  ID3242: The security token could not be authenticated or authorized.
     --- End of inner exception stack trace ---
  Server stack trace: 
     at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
     at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
     at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
  Exception rethrown at [0]: 
     at Microsoft.SqlServer.Dts.Pipeline.ScriptComponentHost.HandleUserException(Exception e)
     at Microsoft.SqlServer.Dts.Pipeline.ScriptComponentHost.ProcessInput(Int32 inputID, PipelineBuffer buffer)
     at Microsoft.SqlServer.Dts.Pipeline.ManagedComponentHost.HostProcessInput(IDTSManagedComponentWrapper100 wrapper, Int32 inputID, IDTSBuffer100 pDTSBuffer, IntPtr bufferWirePacket)
  Can you please suggest us how to proceed on this isssue.
  Thanks &amp;amp; Regards, Anil

  Hi JBlaesk,
  Thanks for your reply and Sorry as i didn't mention that, The Package was running till 1 hour and after 1hour it was getting failed and giving the error "Security token couldn't be authenticated or authorized".
  and this package was scheduled in Sqlserver Agent and user is System.
  i have seen there is no logs in CRM 2013 application and ADFS server for this issue.
  Thanks &amp;amp; Regards, Anil

• Every movie purchase through iTunes fails to transfer to my iPhone or iPad and the message I get is this: some of the items in the itunes library, including were not copied to the ipad because you are not authorized for them on this computer... help?

  For a couple months now, every movie purchase through iTunes fails to transfer to my iPhone or iPad giving me the error: "some of the items in the iTunes library, including were not copied to the iPad because you are not authorized for them on this computer". I have read many forums about deleting, reinstalling, de-authorizing and authorizing my iMac through the iTunes store. Many suggestions don't work except to rename the movie to *.MP4 in Finder under the iTunes movie directory. I imagine this is a setting or a bug somewhere... any suggestions on how to bypass having to rename the files in Finder? My research into Google suggests this problem dates back to 2007 or so but it is now more prevalent than ever.
  Thanks.

  Try:
  iTunes repeatedly prompts to authorize computer to play iTunes Store purchases

• OBIA 7.9.5 EBS Integration Not Logged On nQSError 43001 Authentication Fail

  Hi,
  I'm attempting to get Oracle Business Intelligence Applications 7.9.5 / OBIEE 10.1.3.3.2 integrated into the eBusiness Suite 11.5.10.2 per Metalink Note 552735.1. At the moment not an action link, just menu option to SA Administrator.
  I've run into and worked around a number of problems with the Initialization block variables setup in OracleBIAnalyticsApps.rpd and now no longer get errors in the NQServer.log after disabling Initialization Blocks for Siebel/Peoplesoft and disabling 2 EBS specific Init blocks that were erroring; 'Inventory Organizations' and 'Ledgers' I'll fix those later.
  However, now I get an error in the sawlog0.log file as follows:
  File: project/webodbcaccess/odbcconnectionimpl.cpp Line: 371
  Properties: ConnId-6,6;ThreadID-1145072560
  Location:
  saw.odbc.connection.open
  saw.connectionPool.getConnection
  saw.threadPool
  saw.threads
  Odbc driver returned an error (SQLDriverConnectW).
  State: 08004. Code: 10018. NQODBC [SQL_STATE: 08004|http://forums.oracle.com/forums/] [nQSError: 10018|http://forums.oracle.com/forums/] Access for the requested connection is refused.
  [nQSError: 43001|http://forums.oracle.com/forums/] Authentication failed for in repository Star: invalid user/password. (08004)
  Type: Error
  Severity: 42
  Time: Wed Dec 3 07:13:16 2008
  File: project/webconnect/connection.cpp Line: 276
  Properties: ThreadID-1145072560
  Location:
  saw.connectionPool.getConnection
  saw.threadPool
  saw.threads
  Authentication Failure.
  Odbc driver returned an error (SQLDriverConnectW).
  Can anyone point me in the right direction here?
  Thanks,
  Gareth

  The strange thing is both Gareth and I have configured OBIA/OBIEE on a Linux server and local authentication works fine. Once we enable external EBS authentication, we get the error listed above.
  Does anyone who has done the OBIA EBS integration with OBIEE running on Linux have an example of the odbc.ini file. It appears that even though we have reconfigured OracleBIAnalyticsApps.rpd to use OCI everywhere, that there is still some hard coded ODBC references for external authentication.
  We are configuring instanceconfig.xml as directed:
  Integrating Oracle Business Intelligence Applications with Oracle E-Business Suite
  https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=552735.1
  Configuring InstanceConfig.xml for External Authentication
  1. Modify the instanceconfig.xml file for the Oracle BI Presentation Services as shown below:
  <?xml version="1.0"?>
  <WebConfig>
  <ServerInstance>
  <CatalogPath>c:\temp\default</CatalogPath>
  <DSN>AnalyticsWeb</DSN>
  <Auth>
  <ExternalLogon enabled="true">
  <ParamList>
  <Param name="NQ_SESSION.ICX_SESSION_COOKIE"
  source="cookie"
  nameInSource="EBSAppsDatabaseSID"/>
  <Param name="NQ_SESSION.ACF"
  source="url"
  nameInSource="ACF"/>
  </ParamList>
  </ExternalLogon>
  </Auth>
  <!-- Other settings here. -->
  </ServerInstance>
  </WebConfig>
  2. The nameInSource for the cookie should be the same as the Oracle E-Business Suite application database SID name. To verify the name of the cookie, using Firefox, check the name of the cookie created under the us.oracle.com domain (or the domain where your Oracle E-Business Suite Application server is running). Please note that the cookie name is case sensitive.

• TS4002 Can you tell me if the smtp settings have changed recently?  I use me/ICloud mail with Outlook and can not receive emails but outgoing emails are no longer working.  Error message is: Authentication failed because Outlook doesn't support any of the

  I am able to receive messages on my IMac using Outlook but am unable to send.  I've had no trouble in the past but began receiving the following messages today.
  5.7.8 Bad username or password (Authentication failed).
  Authentication failed because Outlook doesn't support any of the available authentication methods.
  I am able to send messages using this account on my IPhone and IPad so the IMac is the only place I am having issues.  Any advice?

  Here are the correct settings. They have never changed since iCloud debuted a year ago.
  Server information
  IMAP (Incoming Mail Server) information:
  Server name: imap.mail.me.com
  SSL Required: Yes
  Port: 993
  Username: [email protected] (use your @me.com address from your iCloud account)
  Password: Your iCloud password
  SMTP (outgoing mail server) information:
  Server name: smtp.mail.me.com
  SSL Required: Yes
  Port: 587
  SMTP Authentication Required: Yes
  Username: [email protected] (use your @me.com address from your iCloud account)
  Password: Your iCloud password
  Note: If you receive errors using SSL, try using TLS instead. SSL is required for both IMAP and SMTP connection with iCloud. POP is not supported by iCloud. 

• Design Studio BW SSO User not authorized

  Hi all,
  I have problem with BW SSO integration on Design Studio. We developed dashboards on top of BW. We have users and they are only authorized to see the data for their own companies and plants. To achieve that, we created OLAP connections with SSO enabled and we have BO/BW integration. The queries work fine in Analysis OLAP.
  However, we are having problems with Design Studio. Here is the problem.
  1. Create a dashboard lets say with a combo box and a chart.
  2. Populate the combo box with the script below:
  DROPDOWN_1.setItems(DS_1.getMemberList("0COMP_CODE", MemberPresentation.INTERNAL_KEY, MemberDisplay.TEXT, 20, "ALL"));
  3. In combo box, wirte the code below to filter values on chart:
  DS_1.setFilter("0PLANT__0COMP_CODE", DROPDOWN_1.getSelectedValue());
  4. Save it on the platform.
  5. Open the dashboard on the platform with SAP user
  6. By default, in combo box, "ALL" value will be selected. If the user has only authorized to see only 1 or 2 companies, then the chart give "User is not authorized" error message.
  7. Select a company from combo box, the chart shows values of the selected company.
  8. If the user wants to see the total of the companies authorized to see, then the chart doesn't show but the error message.
  Another issue is that each company has plants. If the user wants to seel the data for all plants then he receives the "not authorized" error.
  The user should be able the select "ALL" and be able to see the total of companies or plants authorized to see.
  If "ALL" is selected for a company:
  If a single company selected and ALL plants are selected:
  If a single company and a single plant is selected:
  BTW, the authorization works fine in BW and with Analysis OLAP tools. The user can see the total of the companies authorized to see.
  Thanks for your help in advance.

  Hi Zahid - this application has more than one query, correct?
  can you try if the authorization issue is occuring also when you have one query only per applications?
  Reason I ask is, when using design studio, all queries are executed with merged variables and then I belive the authorisation context is different. I assume you have some special customer exit in the system for the authorisation check - and in case of design studio this can get into a point where the constellation is not authorized.
  In such cases you would need to run authorisation trace (I would need to search the transaction).
  Regards, Karol

• Exception Pull packages failed - user is not authorized to access ICE path

  Hi experts,
  I'm facing with the follow exception when I index content from the server repostory:
  #1.5 #CA29D00050030076000000000010306C00049216F4C97794#1286527200622#com.sapportals.wcm.service.ice.wcm.subscriber.ICESubscriber#sap.com/irj#com.sapportals.wcm.service.ice.wcm.subscriber.ICESubscriber#global_user#0##n/a##a35fe704d2b711df90a000002edfd0ee#Thread[ThreadPool.Worker4,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Error##Plain###Pull packages failed - java.io.IOException: User 'xyz' is not authorized to access http://myserver:57800/irj/servlet/prt/portal/prtroot/com.sap.km.cm.ice
       at com.sapportals.wcm.service.ice.wcm.ICEHttpConnection.checkStatus(ICEHttpConnection.java:290)
       at com.sapportals.wcm.service.ice.wcm.ICEHttpConnection.getOutput(ICEHttpConnection.java:165)
       at com.sapportals.wcm.service.ice.wcm.subscriber.ICESubscriber.pullPackage(ICESubscriber.java:149)
       at com.sapportals.wcm.service.ice.wcm.subscriber.ICESubscriber.run(ICESubscriber.java:101)
       at com.sapportals.wcm.service.scheduler.SchedulerEntry.run(SchedulerEntry.java:174)
       at com.sapportals.wcm.service.scheduler.crt.PoolWorker.run(PoolWorker.java:108)
       at java.lang.Thread.run(Thread.java:770)
  Can you help me handling with this exception please?
  With best regards
  João Macedo

  Any help?
  Thank you
  Best regards
  João Macedo

• Not Authorized HTTP Error 401. The requested resource requires user authentication.

  Hi All,
  I have MDS web application on one server and MDS DB on another, both in same domain .
  MDS web application is created as new website on same IIS with SharePoint and have their own port assign
  In IIS Windows Authentication is added and enabled.
  Users do have function permission and module enabled.
  MDS is accessible only on server where web application is.
  When it is accessed from any computer within domain error is
  Not Authorized
  HTTP Error 401. The requested resource requires user authentication.
  Can anyone offer any suggestions?
  Thanks
  Zorko

  Hi Zorko,
  The issue may happen in case:
  1. The Master Data Service(MDS) web application is running under a domain user account
  2. You didn't register a Service Principal Name(SPN) for the account
  3. You are using fully qualified domain name(FQDN) or host name to access the MDS
  4. You are able to access the MDS by IP address(http://<ip address>)
  If I am right, it is because of the browser choose to use Kerberos authentication to connect to the MDS.
  So then, to fix the issue, please:
  Register SPN for the application pool account. Enable the delegation.
  Or, please force the web site to use NTLM authentication only.
  For more information, please see:
  How to use SPNs when you configure Web applications that are hosted on Internet Information Services:
  http://support.microsoft.com/kb/929650
  Forcing NTLM Authentication (IIS 6.0):
  http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7258232a-5e16-4a83-b76e-11e07c3f2615.mspx?mfr=true
  Thanks,
  Jinchun Chen
  Jinchun Chen(JC)
  TechNet Community Support