cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Exception while calling ADS Inappropriate WSIL Invalid Response Code: (401)

Former Member

on ‎11-26-2010 6:53 AM

0 Kudos

Hi Experts,

Our ADS configuration was done on XCE a long time back and even reader credentials were installed and everything is working fine.

Couple of days back, we enabled SSL configuration on the system. Even got the certificates signed by CA and HTTPS is also working without any problems.

Then, problems are happening when we configured WebService SSL connection for ADS following the steps from

http://help.sap.com/saphelp_nwce72/helpdata/en/90/71d273fa724cc9bb644ab00405e6f8/content.htm and also the SAP How to guide from: http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d02262d8-7814-2c10-5c97-d855d38e9....

Among other steps, I have created a View in Key Storage called "ADSCerts" and created an entry "ADSUser" as per the document, generated CSR request, imported CSR response and also the CA's root certificate.

I exported the ADSUser-cert certificate from here and imported into Identity Management for the User ADSUser under its Certificates tab.

Also updated SecureConfigPort_Document (in Destination Template Management under SOA Administration) security settings to X.509 Client Certificate and in Details, I have chosen the View ADSCerts and entry ADSUser.

Even after all the steps as per the document and the help.sap.com link provided above, when I try to test this through a test URL

(https://host:https-port/webdynpro/resources/company.com/test~wd/TestAdobeApp) that our developers have given me for this, I get a (401)

Unauthorized error:

500 Internal Server Error is returned for HTTP request

[https://host:https-port/webdynpro/resources/company.com/test~wd/TestAdobeApp]

com.sap.tc.adobe.pdfobject.base.core.PDFObjectRuntimeException:

Exception while calling ADS; Inappropriate WSIL; configure the

destination path

correctly./ncom.sap.esi.esp.service.server.query.discovery.ExtendedServiceException:

com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (401) Unauthorized. The requested

URL was:"Connect to https://host:https-port/inspection.wsil/";

I have checked the security log file and it shows:

LOGIN.FAILED

User: N/A

IP Address: 192.165.90.102

Authentication Stack: sap.com/tcesiesp~wsil*inspection.wsil

Also, ran Security Troubleshooting Wizard from NWA and reproduced the problem while collecting these traces. There were some entries like:

Login failed!

[EXCEPTION]

java.security.PrivilegedActionException:

com.sap.engine.services.security.exceptions.BaseLoginException: Cannot

authenticate the user.

.

.

Caused by: com.sap.security.core.server.jaas.DetailedLoginException:

Received no SAP Authentication Assertion Ticket.

Received no SAPLogonTicket. Authentication stack:

[sap.com/tcesiesp~wsil*inspection.wsil].

Any idea how I can solve this? Anybody got this error?

Thanks,

Shitij

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎12-22-2010 10:54 AM
0 Kudos

Opened an OSS message with SAP and they told me that the certificates being generated from NWA are in a different format from what is accepted in user store.

So, generated new certificates from OS level using sapgenpse and now it worked.

Show replies
Show replies
Ask a Question