cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ADS with SOAP error

Go to solution
former_member280828
Participant

on ‎11-19-2013 7:25 AM

0 Kudos

Dear All,

We are facing an issue related to ADS after the upgrade of our Portal(NW7.0 to NW7.3) & ECC(ECC6.0 to ECC EHP6). Before the upgrade the ADS & ADS_HTTPS connection was working fine and we were able to download digital signature pdf successfully. After the upgrade we setup ADS with SSL using SOAP certificates but when we were trying to do a connection test using program - FP_CHECK_DESTINATION_SERVICE we are getting below error also when we try to download the digital signature pdf from tcode PC00_M40_F16 it says "0 Bytes Transferred".

When we are trying to test this report it is using the "Guest" user id don't know why. The same error we got in QAS system but there the Guest user id was locked so we just unlocked the user id and the connection and downloading of PDF files done well. But in DEV system the "Guest" user is already unlocked.

Error from report - FP_CHECK_DESTINATION_SERVICE -

SYSTEM ERROR: SOAP Framework error: SOAP Runtime Exception: CSoapExceptionFault : SOAP fault found in SOAP document  /Authentication failed. For details see log entry logID=C000AC117C94015100000000000047AC in security log./<yq1:com.sap.engine.interfaces.webservices.runtime.ProtocolExceptionExt xmlns:yq1="http://sap-j2ee-engine/error">Authentication failed. For details see log entry logID=C000AC117C94015100000000000047AC in security  log.</yq1:com.sap.engine.interfaces.webservices.runtime.ProtocolExceptionExt>(100.102).

Exception of class CX_FP_RUNTIME_INTERNAL

Error from default trace file -

#2.#2013 11 19 12:42:45:583#+0530#Error#com.sap.engine.services.webservices.espbase.server.runtime.RuntimeProcessingEnvironment#

#BC-ESI-WS-JAV-RT#webservices_lib#C000AC117C94015A00000001000047AC#7326650000000005#com.adobe/AdobeDocumentServices#com.sap.engine.services.webservices.espbase.server.runtime.RuntimeProcessingEnvironment#Guest#0##EEDFD98F50E911E3A4DB0000006FCBBA#eedfd98f50e911e3a4db0000006fcbba#eedfd98f50e911e3a4db0000006fcbba#0#Thread[HTTP Worker [@1926359154],5,Dedicated_Application_Thread]#Plain##

process()

[EXCEPTION]

com.sap.engine.interfaces.webservices.runtime.ProtocolExceptionExt: Authentication failed. For details see log entry logID=C000AC117C94015A00000000000047AC in security log.

Caused by: com.sap.engine.services.wssec.policy.exception.VerifyException: [com.sap.ASJ.wssec.020441] Authentication failed. For details see log entry logID=C000AC117C94015A00000000000047AC in security log.

        at com.sap.engine.services.wssec.srt.protocols.ProviderSecurityProtocol.authenticate(ProviderSecurityProtocol.java:292)

        at com.sap.engine.services.wssec.srt.protocols.ProviderSecurityProtocol.authenticateAndGetPolicy(ProviderSecurityProtocol.java:802)

        at com.sap.engine.services.wssec.srt.protocols.ProviderSecurityProtocol.handleRequest(ProviderSecurityProtocol.java:482)

        ... 48 more

Error from security log file-

#2.#2013 11 19 12:42:45:583#+0530#Warning#/System/Security/WS#

com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-RT#tc~sec~wssec~service#C000AC117C94015A00000000000047AC#7326650000000005#com.adobe/AdobeDocumentServices#com.sap.engine.services.wssec.authentication#Guest#0##EEDFD98F50E911E3A4DB0000006FCBBA#eedfd98f50e911e3a4db0000006fcbba#eedfd98f50e911e3a4db0000006fcbba#0#Thread[HTTP Worker [@1926359154],5,Dedicated_Application_Thread]#Plain##

Received unsupported callback: com.sap.engine.interfaces.security.auth.X509CertificateChainCallback

Authentication for web service AdobeDocumentServicesSec, configuration Config using security policy _*_*X509*_*ws failed: Login failed.. (See SAP Note 880896 for further info).

Also checked the SAPNote 880896 which is no use because the info is already set there.

Thanks,

Rbk

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member280828
Participant
‎11-28-2013 6:12 AM
0 Kudos

Thanks everyone. Our problem got resolved after changing HTTPS to HTTP as below -

1) Go to NWA->SOA->Application & Scenario Communication->Single Service Administration->Service Definition -> Search *adobe* -> Here select all 3 Adobe entries like below -

AdobeDocumentServicesSecVi

AdobeDocumentServicesTestVi

AdobeDocumentServicesVi

Select each of above entry and go to -> Configuration tab -> Select ConfigPort -> Security Tab -> under transport protocol make sure "HTTP" is selected if not then you will get errors during downloading of FORM16 & FP_CHECK_DESTINATION_SERVICE -> ADS_HTTPS

Thanks,

Rbk

Show replies
Show replies

Answers (4)

Answers (4)

Former Member
‎11-19-2013 9:43 AM
0 Kudos

OSS 1177315 - ADS RFC destination test return 403 404 code

Show replies
Show replies
Former Member
‎11-19-2013 9:40 AM
0 Kudos

Hi,

Check the below note.

Note 886572 - Adobe document services: Central Patch Note for NW 7.0

Try giving the wrong passwords for the ADS_AGENT user and test whether you are getting the authentication error.

As well try to provide more acess for the ADS-AGENT user for sometime.

ADS will work even 404 error found. So please try to execute the ADS reports and check once again.

BR,

prabhakar

Show replies
Show replies
Former Member
‎11-19-2013 7:37 AM
0 Kudos

Hi,

I wanted to see check one thing that if you have https activated what is details maintained in the RFC.

as it says here

http://sap-j2ee-engine/error

Thanks

Rishi Abrol

Show replies
Show replies
former_member280828
Participant
‎11-19-2013 8:48 AM
0 Kudos

Hi Rishi,

Yes we have ADS_HTPPS correct port of https i.e 50001 and path prefix as - /AdobeDocumentServicesSec/Config?style=rpc with basic authentication selected in logon tab as user - ADSuser and SSL certificate as SOAP client certificate.

Thanks,

Rbk

sunny_pahuja2
Active Contributor
‎11-19-2013 7:35 AM
0 Kudos

Hello,

Could you please refer to SAP note 1443819?

Thanks,

Sunny

Show replies
Show replies
former_member280828
Participant
‎11-19-2013 7:49 AM
0 Kudos

Hi Sunny,

Thanks for your reply we already did the step and we can see the Adobe version but when we try to do the test from report - FP_CHECK_DESTINATION_SERVICE or try to download form from PC00_M40_F16 we get this SOAP error do you know from where it's picking up the "Guest" user or can we change this ?

Thanks,

Rbk

Former Member
‎11-19-2013 8:05 AM
0 Kudos

Hi,

As you would have done this config before for SSL.

5.) Now all users needing to do calls to ADS should have access to key storage. We recommend to define a role for them that has to be added to the keystore view created before.

Visual Administrator -> Security Provider Service -> under runtime -> policy configuration tab, you will see that keystore-view.<view-name>. Click on Security Roles tab, click on "view-creator". Then add the user respectively the group.

Replace <view-name> with the View name where you have stored your certificate inside the KeyStorage Service.

After that step, especially when you have chosen to add user guest, the cluster needs to be restarted.

This is the step where we assign the guest user.

838111 - How to configure SSL for Adobe Document Services

You can have a check about the setting in the below blog in NWA.

http://scn.sap.com/docs/DOC-47342

Thanks

Rishi abrol

former_member280828
Participant
‎11-19-2013 8:46 AM
0 Kudos

Thanks Rishi,

Now we have added DefaultSecurityRole as per the blog and restart ICM on both system but still no luck.

Also checked the Guest user properties in portal everything looks fine except this tick mark which we don't have in our QAS system - "

I have also unchecked the check mark of "Enfore Password Security Policy at Logon" from ume configuration for guest user but still I can see "Password Change Required" as clicked for guest user.

Thanks,

Rbk

Ask a Question