on 08-09-2011 7:34 PM
Hello Experts,
I am experiencing login authentication issues that I was not experiencing previously.
Old Version:
GRC-SAC-SAE 5.3_12.1
New Version
GRC-SAC-SAE 5.3_16.2
I am having wierd login issues. When I login to the UME and switch to CUP and choose user login I am not prompted to login (saved session I assume). If I hit logoff and choose "SAP Request" link and try and login I get " Invalid user credentials".
My authentication settings are saved as SAP UME. We are populating the UME with LDAP records. When I login to the UME (which I am able to login to) with my LDAP user id and password I have no problems. Not sure why I am now having troubles with CUP.
Here is a log:
2011-08-09 14:10:26,276 [SAPEngine_Application_Thread[impl:3]_22] ERROR Failed to log in <userid>
com.virsa.ae.service.umi.AuthenticationFailureException: No LoginModules configured for header
at com.virsa.ae.service.umi.ume.UMEAuthenticator.authenticate(UMEAuthenticator.java:122)
at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:1200)
at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:93)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: javax.security.auth.login.LoginException: No LoginModules configured for header
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.logon(SAPJ2EEAuthenticator.java:1028)
at com.virsa.ae.service.umi.ume.UMEAuthenticator.authenticate(UMEAuthenticator.java:104)
... 19 more
Thank you in advance for any help you may be able to provide. This is in my development system. I am trying to validate changes. So far it's been rough.
SAP has released a patch for SAP JVM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I was informed by my Basis team that SAP has issued a release of SAP JVM that fixes this issue.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello
The Problem with the "invalid user credentials" is resolved with the SAP JVM 4.1.017 patch, you can find the patch in the SAP Service Marketplace.
Note 1677139
Disabled the flag "UseNewHashFunction" per default. Some SAP and 3rd party coding relies on the iteration order of hash maps. Therefore, it is not possible to use a different hash function than other JVMs (Oracle, IBM, HP) causing a change in the iteration order for already delivered software. This change list reverts the hash function of the hash map class to the old default.
Regards
Bruno
Edited by: Bruno Krauer on Feb 3, 2012 3:26 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi ,
We too have similar problem. I have updated SAP JVM4 on my Netweaver 2004 system which contain GRC 5.3 component.
The system versions are
OS version : AIX 5.3 patch level 5300-12-05-1140
oracle version : ORACLE Release 11.2.0.2.0
Existing VM : IBM J9 VM version 2.3
Now Switched to SAP JVM4 . Because of this user were not able to access the portal . It is prompting for the username and password .
the following errorlog can you find in the systemprotocoll of the AccessEnforcer:
2012-01-09 12:57:39,682 [SAPEngine_Application_Thread[impl:3]_2] ERROR Failed to log in 208845
com.virsa.ae.service.umi.AuthenticationFailureException: No LoginModules configured for header
at com.virsa.ae.service.umi.ume.UMEAuthenticator.authenticate(UMEAuthenticator.java:113)
at com.virsa.ae.actions.LoginAction.approverLoginHandler(LoginAction.java:663)
at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:73)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:280)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:449)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:160)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
we were able to login to virsa enforcer link . but when we try to acces login we are getting UME authentication error. And this error is coming only after upgrading to SAP JVM4 ..
can anybody help us in this issue please.
Thanks
krishna desam
IBM Basis .
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
After we upgraded our GRC 5.3 to SP16.2 with SAP JVM 4.1 We had the same problem .We created a customer message for SAP to fix this issue. However when I configured our GRC system back to IBM J9 VM 1.4.2 (previous version), the problem disappeared. You shall try this. Refer SAP Note 1522198 - How to manually configure an AS Java to use SAP JVM 4.1 and undo suitably and goto the previous version of Java 1.4.2 it will work. However we need to put back SAP JVM 4.1 after we get a suitably reply for our customer message.
Thanks
Subra
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Subra,
we opened a SAP Call last week. We don't really want to switch back the JAVA VM. Hopefully they'll find a solution soon. For now, we still have a running prod.system with the "old" Java VM.
If you switch your authentication to one of the connected sap-systems you'll be able to login! Switching back to UME authentication will result in the same error as before.
Best Regards,
Christian1
Hello
We have the same problem, any news from SAP?
VIRACLP 530.700 SP16 (1000.530.700.16.1.20110912202715)
VIRAE 530.700 SP16 (1000.530.700.16.6.20111004165451)
VIRCC 530.700 SP16 (1000.530.700.16.4.20111103171057)
VIREPRTA 530.700 SP16 (1000.530.700.16.0.20110513221931)
VIRFF 530.700 SP16 (1000.530.700.16.0.20110513221933)
VIRRE 530.700 SP16 (1000.530.700.16.0.20110607222043)
Regards,
Bruno
At this time we still have not received a solution from SAP. They have been investigating this issue via a customer message.
We proceeded with our upgrade but let GRC at it's current level (12.2) until we have a fix. Currently our GRC and ABAP are out of sync but GRC is still running as expected.
Hi,
Did you check the CC Debugger. Are you able to view the users perfectly in CC Debugger?
If yes, go to CUP and ensure that the UME settings are correctly configured. You may try removing and adding them back.
I suspect that the issue is with the communication user that you are using with the JCo connector.
Best Regards,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Yes. It is a part of RAR. You can access it using the below URL:
http://<server>:<port>/webdynpro/dispatcher/sap.com/grc~ccappcomp/CCDebugger
Replace the Server and port information in the above URL with yours.
Even though it is not related to CUP, it allows you to quickly check if your GRC system is able to communicate with the backend system or not.
Once you are Debugger, select Users from the drop down, and hit Search query button.
Regards,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.