on 02-12-2016 12:34 PM
Hi All ,
I am in process of installation of SAP IdM 8.
Required activities such as Database,IdM Core , SSL , IdM Developer Studio successfully completed.
During authenticating I noticed error [Login failed: Check error log (HTTP 401)] on Eclipse Developer Studio while authenticating on server.
On further investigation following logs were recorded on Portal end , I wonder if anyone has experienced such issue in past ? Do we need to configure JAVA Authentication Stack ?
#BC-JAS-SEC#security#C0000A800B88002A0000000000006BD8#25297650000000004#sap.com/idmdevstudio#com.sap.engine.services.security.authentication.logincontext.table#Guest#0##2F199A22D17E11E5CF5E005056802EFC#2f199a22d17e11e5cf5e005056802efc#2f199a22d17e11e5cf5e005056802efc#0#Thread[HTTP Worker [@867177490],5,Dedicated_Application_Thread]#Plain##
LOGIN.FAILED
User: MXMC_ADMIN
IP Address: 10.128.11.245
Authentication Stack: sap.com/idmdevstudio*idmdevstudio
Authentication Stack Properties:
template = basic
policy_domain = /idmdevstudio
auth_method = basic
realm_name = Upload Protected Area
Login Module Flag Initialize Login Commit Abort Details
1. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule SUFFICIENT ok exception true Authentication did not succeed.
No logon policy was applied#
Regards,
Santosh
Hi Santosh,
Which authentication does not work - dev studio or database?
If it is dev studio -
I see the error is for MXMC_ADMIN user - this is the user used for connection to the databse.You should use the Administrator user instead as described in the documentation.
The Administrator user should exist in the NW User Administration and he should have all the needed roles for IDM - also described in the documentation.
If it is the databse - try to login with the MXMC_ADMIN - have in mind that the prefix is case sensitive. Also check your password - if it enetered correctly in the IDM Data source.
Don't forget - you need 2 data sources for idm 8.0. One for the studio and one for the database.
Regards
Todor
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Todor,
Thanks for response .
I agree MXMC users are used for Database connection , already tried with Administrator account which is exist in NW UME.
Error i am experiencing is visible but not sure if Authentication stack needs to update manually as per given error
Error at IdMDevStudio:
- com.sap.idm.ic.rest.odata4sap.entitymodel.exceptions.HttpException: 401 Unauthorized
Regards,
Santosh
Hi Again,
when you were doing the database install did you mention Administrator as the admin user for the installation?
Also - the adminsitrator user should have the folllowing roles in the UME:
- IDM User
- IDM Authenticated
- idm.developer
- SPML Role
After checking for that you can try restarting the idm.rest service from NW.
Regards
Todor
Hi Todor,
Thanks , to avoid confusion I created dedicated ID instead of MXMC user.
User is available in NW UME with all suggested roles & actions.
Admin users was created during Installation , please find entries of Tables:
SQL> select * from MXMC_OPER.MC_USERS;
MCUSERID
----------
MCUSERNAME
-------------------------------------------------------------
MCCREATED MCCREATEDBY MCMODIFIE MCLASTLOG MCUSERTYPE
--------- ----------- --------- --------- ----------
2
ADMINISTRATOR
19-JAN-16 -1 19-JAN-16 2
3
AAABBB
18-FEB-16 -1 18-FEB-16 2
MCUSERID
----------
MCUSERNAME
-------------------------------------------------------------
MCCREATED MCCREATEDBY MCMODIFIE MCLASTLOG MCUSERTYPE
--------- ----------- --------- --------- ----------
1
ADMIN
19-JAN-16 -1 19-JAN-16 2
2 data sources for idm 8.0. One for the studio and one for the database => Yes they are created and updated in NW & Developer studio.
I am not able to add an Identity Store due to failure of logon in Developer Studio.
Regards,
Santosh
Hi Todor,
I noticed following error but I am sure about the credential , they are correct
UME is currently not in NZDM Recording Mode
20:15:16:693 Debug Guest HTTP Worker [@2143616545],5,... ...ecurity.authentication.logincontext Invalid password for user ukx6174 .
20:15:16:694 Debug Guest HTTP Worker [@2143616545],5,... ...oginmodule.BasicPasswordLoginModule Login failed!
[EXCEPTION]
com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
May be something is wrong with Authentication module for IdM.
I am able to login successfully in NW using same credentials
Regards,
Santosh
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.