on 04-25-2013 8:23 AM
Hi Experts ,
While trying to import transport request into the Qulaity system am getting the below error::
ror when executing Web service CTSDEPLOY, exception is cx_ai_system_fault
SoapFaultCode:5 Authentication failed. For details see log entry logID=C0000A8F016805100000000100002A48 in security log
I have seen the SAP Note 1139406 - CTS+: cx_ai_system_fault when importing requests,but nothing worked in that.
I reset the password of J2EE_ADMIN in all the systems and updated in transport tool tab
Further checked SAP Note 880896 - Web Service authentication failure and this note says to send the log files to SAP Support
Below are the error logs in security .log file and let me know why this Soap error is coming when trying to import tranports
#2.#2013 04 25 07:48:01:705#+0100#Info#/System/Security/Authentication#
#BC-JAS-
SEC#security#C0000A8F01680A3D0000000000002A48#7626150000000004#sap.com/com.sap.lcr#com.sap.engine.services.security.authentication.logincontext.table#J2EE_A
DMIN1#1799##38539EA9AC1A11E2CE93000000387C5A#38539ea9ac1a11e2ce93000000387c5a#6CE21E5CAD7511E2CA2A000000387C5A#1#Thread[HTTP Worker
[@2006994489],5,Dedicated_Application_Thread]#Plain##
LOGIN.OK
User: J2EE_ADMIN1
IP Address: 10.1xxxxx
Authentication Stack: sap.com/com.sap.lcr*sld
Authentication Stack Properties:
template = ticket
policy_domain = /sld
password_change_error_page = /ChangePasswordSLD
auth_method = basic
password_change_login_page = /ChangePasswordSLD
realm_name = SLD
Login Module Flag Initialize Login Commit Abort Details
1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false false
2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule REQUISITE ok true true
3. com.sap.security.core.server.jaas.CreateTicketLoginModule OPTIONAL ok true true
Central Checks true
Logon policies are disabled#
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
#2.#2013 04 25 07:39:33:015#+0100#Info#/System/Security/Authentication#
#BC-JAS-
SEC#security#C0000A8F01680A380000000000002A48#7626150000000005#sap.com/tc~cts~appl#com.sap.engine.services.security.authentication.logincontext.table#J2EE_G
UEST#0##00237D2404381ED0B7F5CB85B430457D#5178B0ABB84E37EBE10000000A8F0168#0A8F016837EB5178CFA4000300000000#1#Thread[HTTP Worker
[@871831647],5,Dedicated_Application_Thread]#Plain##
LOGIN.FAILED
User: N/A
Authentication Stack: BASIC*SSO2*_*_*ws
Authentication Stack Properties:
auth_method = BASIC
Login Module Flag Initialize Login Commit Abort Details
1. com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule SUFFICIENT ok exception true Received no SAP Authentication Assertion Ticket.
2. com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false true
3. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule SUFFICIENT ok exception true Authentication did not succeed.
No logon policy was applied#
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
#2.#2013 04 25 07:39:33:016#+0100#Warning#/System/Security/WS#
com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-
RT#tc~sec~wssec~service#C0000A8F01680A380000000100002A48#7626150000000005#sap.com/tc~cts~appl#com.sap.engine.services.wssec.authentication#J2EE_GUEST#0
##00237D2404381ED0B7F5CB85B430457D#5178B0ABB84E37EBE10000000A8F0168#0A8F016837EB5178CFA4000300000000#1#Thread[HTTP Worker
[@871831647],5,Dedicated_Application_Thread]#Plain##
Read data of type username and value J2EE_ADMIN from HTTP header and set on module javax.security.auth.callback.NameCallback
Read data of type password and value xxx from HTTP header and set on module javax.security.auth.callback.PasswordCallback
Authentication for web service DeployProxy, configuration default using security policy BASIC*SSO2*_*_*ws failed: Cannot authenticate the user.. (See SAP Note 880896 for
further info).
#
#2.#2013 04 25 07:39:33:126#+0100#Info#/System/Security/Authentication#
#BC-JAS-
SEC#security#C0000A8F01680A390000000000002A48#7626150000000005#sap.com/tc~cts~appl#com.sap.engine.services.security.authentication.logincontext.table#J2EE_G
UEST#0##00237D2404381ED0B7F5CB85B430457D#5178B0ABB84E37EBE10000000A8F0168#0A8F016837EB5178CFA4000300000000#2#Thread[HTTP Worker
[@2006994489],5,Dedicated_Application_Thread]#Plain##
LOGIN.FAILED
User: N/A
Authentication Stack: BASIC*SSO2*_*_*ws
Authentication Stack Properties:
auth_method = BASIC
Login Module Flag Initialize Login Commit Abort Details
1. com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule SUFFICIENT ok exception true Received no SAP Authentication Assertion Ticket.
2. com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false true
3. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule SUFFICIENT ok exception true Authentication did not succeed.
No logon policy was applied#
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
Regards
Ram
Hello Ram,
Please check the error below.Seems to be an issue with the communication used.
Authentication for web service DeployProxy, configuration default using security policy BASIC*SSO2*_*_*ws failed: Cannot authenticate the user.. (See SAP Note 880896 for further info).
Thanks,
Ranjith
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ranjith,
Checked that SAP note 880896 too
It is giving direction to check the severity of logs in /System/Security/WS/Authentication to info.
But there is no folder or directory of WS and Authentication under default trace locations
Let me know if i have missed out something in CTS + configuration
I have followed the below link for CTS + configuration step by step
http://scn.sap.com/docs/DOC-30177
I have taken the PI quality system as Transport domain controller too
Let me know your inputs on this!!!
Regards
Ram
Hello Ram,
Check below link. seems same issue is resolved
http://scn.sap.com/thread/2084754
Thanks,
Ranjith
Hey Ranjith,
Thankd for your valuable input !!!
I have seen that link given by you.It looks like am also in the same issue.
While checking in the ABAP stack with transaction SRT_UTIL->error_log , am not getting any error logs an while using the SOAMANAGER transaction to review the traces , i could see that particular service is not activated
http://bblXXXXXXXXXXXXXX:50000/sap/bc/webdynpro/sap/appl_soap_management?sap-language=EN
Let me know how to activate this service in ICF ,i could see the sub-elements under /sap/bc/webdynpro ????.
Further am using basic authentication method for logging into the JAVA stack with admin user and passwords.I coould see the trs in release and modifiable states
Moreover , shall i try importing the transport at OS level ?? to avoid this SOAP error and Web service CTSDEPLOY, exception is cx_ai_system_fault !!!!!
Regards
Ram
Hello Ram,
Activate services under /sap/bc/webdynpro//sap/appl_soap_management
check if the transport works after activating the services and also maintain the host files with the details of java and abap systems respectively. finally try out os transport
Thanks,
Ranjith
Hello Ram,
Did you try the below option as given in link in my earlier message.
For reasons the user used for the HTTP Destination was only created on client 000 and not client 001.
The transports delivery route points to client 001 so creating the user in client 001 with the correct permissions did solve the error.
Thanks,
Ranjith
Dude!!!!
I have successfully moved the tr now.
I used the user NWDI_CTSADM user and then removed the lock of J2EE_ADMIN user in all the PI systems
I did little R& D by trying to import the tr using my id , ddic, sap* and it worked only with NWDI_CTSADM
The reason why it works is that only the user NWDI_CTSADM is used for deployment purpose as per the below link with point number 8
http://scn.sap.com/docs/DOC-30177
From the log what i understood is if you try with any user it fails due to authorization issue during deployment phase or roles or permissions ...so gave this user NWDI_CTSADM and tr was successfully imported !!!
Good learning to you and me!!!
Regards
Bharatram Ramakrishnan
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.