Hi,
We have Siteminder SSO configured for one of the custoimsed JAVA Application being deployed on the SAP NW portal 7.4.
As a part of the siteminder configuration we have configured the below
- Installed/configured Siteminder webagent, session linker, SAP WEBAS Agent
- Configred IIS 7.5 to act as front-end webserver to SAP
- Configured the policy server to protect the JAVA application URL
- Configured the Authentication templated as per the CA document below
CA SSO Agent for SAP Integrated Documents - r12.51
While tring to test the application getting the 401 unauthorized error. Please find the captured the security logs
09:35:00:702 | Debug | | HTTP Worker [@1717154925],5,... | ...ication.vuser.VirtualUserDataSource | searchPrincipalDatabags *************************************************************************** * com.sap.security.core.persistence.imp.SearchCriteria * looking for: "UACC" on all repositories. * Using AND mode without size limit. * * com.sap.security.core.usermanagement|->PRINCIPAL_TYPE_ATTRIBUTE EQUALS UACC (case sensitive) * com.sap.security.core.usermanagement|->j_user EQUALS xxxx (not case sensitive) *************************************************************************** found nothing. |
09:35:00:728 | Debug | | HTTP Worker [@1717154925],5,... | ...ication.vuser.VirtualUserDataSource | Populate principal databag failed as principal was not found. |
09:35:00:729 | Error | | HTTP Worker [@1717154925],5,... | ...nnectionHandler.isValidConnection() | Return code from doManagement() is false |
09:35:00:729 | Error | | HTTP Worker [@1717154925],5,... | ...nnectionHandler.isValidConnection() | Check Policy Server IP Address or FQDN |
09:35:00:730 | Error | | HTTP Worker [@1717154925],5,... | ...as.SiteMinderLoginModule.SSOlogin() | Agent not connected |
09:35:00:730 | Debug | | HTTP Worker [@1717154925],5,... | ...ecurity.authentication.logincontext | Login failed! [EXCEPTION] java.security.PrivilegedActionException: javax.security.auth.login.LoginException: Login Failure - Check SiteMinder Configuration at java.security.AccessController.doPrivileged(Native Method) at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:282) at com.sap.engine.services.servlets_jsp.server.servlet.AuthenticationFilter.doFilter(AuthenticationFilter.java:111) at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:79) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:441) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:210) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:441) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:430) at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:38) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:81) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:278) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:81) at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60) at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.SessionSizeFilter.process(SessionSizeFilter.java:26) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:57) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:43) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:475) at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:269) at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:56) at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122) at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101) at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328) Caused by: javax.security.auth.login.LoginException: Login Failure - Check SiteMinder Configuration at com.netegrity.siteminder.sap.webas.jaas.SiteMinderLoginModule.login(DashoA8550) at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:254) at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:66) ... 41 more |
We need your expert advice to reslove this issue.
Kindly advice.
Thanks & Regards,
Sowmya
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.