Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SPNEGO Login module Stack issue: Could not validate SPNEGO token

Former Member

‎01-30-2012 5:45 PM

0 Kudos

Hello to all,

We are deploying a SAP Netweavear 7.3 Enterprise Portal with SPNego login module activated.

We are performing some tests (performances and concurrent accesses).

During the tests we have found several times the folloiwing Issue linked to the spnego.

Could not validate SPNEGO token.

[EXCEPTION]

java.lang.NumberFormatException: multiple points

at sun.misc.FloatingDecimal.readJavaFormatString(FloatingDecimal.java:1082)

at java.lang.Double.parseDouble(Double.java:510)

at java.text.DigitList.getDouble(DigitList.java:151)

at java.text.DecimalFormat.parse(DecimalFormat.java:1303)

at java.text.SimpleDateFormat.subParse(SimpleDateFormat.java:1934)

at java.text.SimpleDateFormat.parse(SimpleDateFormat.java:1312)

at java.text.DateFormat.parse(DateFormat.java:335)

at com.sap.security.core.server.jaas.spnego.util.Utils.generalizedTimeStringToData(Utils.java:167)

at com.sap.security.core.server.jaas.spnego.krb5.KrbTicketEncryptedData.parseDecryptedData(KrbTicketEncryptedData.java:67)

at com.sap.security.core.server.jaas.spnego.krb5.KrbEncryptedData.decrypt(KrbEncryptedData.java:94)

at com.sap.security.core.server.jaas.spnego.krb5.KrbApReq.decrypt(KrbApReq.java:68)

at com.sap.security.core.server.jaas.SPNegoLoginModule.parseAndValidateSPNEGOToken(SPNegoLoginModule.java:315)

at com.sap.security.core.server.jaas.SPNegoLoginModule.processAuthorizationHeader(SPNegoLoginModule.java:474)

at com.sap.security.core.server.jaas.SPNegoLoginModule.login(SPNegoLoginModule.java:160)

at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:254)

at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:65)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:254)

at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:352)

at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.loginWithRequestCredentials(AuthenticationService.java:337)

at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:321)

at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:60)

at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:163)

at com.sap.portal.prt.dispatcher.DispatcherServlet.service(DispatcherServlet.java:132)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)

at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:152)

at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doCached(RequestDispatcherImpl.java:655)

at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:488)

at com.sap.portal.navigation.Gateway.service(Gateway.java:147)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)

at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:202)

at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:103)

at com.sap.portal.http.EnrichNavRequestFilter.doFilter(EnrichNavRequestFilter.java:49)

at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:79)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:432)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:210)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:441)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:430)

at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:38)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:81)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:276)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:81)

at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)

at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)

at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)

at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.filters.SessionSizeFilter.process(SessionSizeFilter.java:26)

at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:57)

at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:43)

at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)

at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)

at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:475)

at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:269)

at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:56)

at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122)

at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101)

at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328)

The user rlinked to this user is Guest.

could you please advice us how to solve this reccuring issue?

Kind regards

Julien LEFEVRE

3 REPLIES 3

cathal_ohare
Employee
Employee

‎01-30-2012 7:23 PM

0 Kudos

Hi,

The error seems related to decrypting the kerberos token, Are you using the new spnego module (i'm not sure it 7.3 uses it yet). Was the keytab file created with a 1.6 jdk?

Kind regards,

Cathal

Former Member
In response to cathal_ohare

‎01-30-2012 7:34 PM

0 Kudos

Hello Cathal,

Thank you for your answer.

In fact the new spnego wizard of the SAP Enterprise Portal 7.3 is used to get the the two keys files. The SAP Jvm is used in fact with the 1.6.1.

And in fact , it functions perfectly sometimes. but during the test of massive access ( More than 30 conurent users), I have this error that comes frequently.

Best regards

Julien LEFEVRE

former_member18193
Explorer
In response to cathal_ohare

‎01-31-2012 6:17 PM

0 Kudos

Hi Julien,

Are your endusers able to logon even with this error?

I would suggest you to run the webdiagtool report while reproducing this issue.

The webdiagtool can be found in the SAP note: [1045019|https://service.sap.com/sap/support/notes/1045019].

Checking the webdiagtool report, you will probably find more details about this error.

Kind regards,

Lisandro Magnus