cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP IdM 8.0 - Login failed: Check error log (HTTP 401)

Go to solution
santosh_karadkar2
Explorer

on ‎02-12-2016 12:34 PM

0 Kudos

Hi All ,

I am in process of installation of SAP IdM 8.

Required activities such as Database,IdM Core , SSL , IdM Developer Studio successfully completed.

During authenticating I noticed error [Login failed: Check error log (HTTP 401)] on Eclipse Developer Studio while authenticating on server.

On further investigation following logs were recorded on Portal end , I wonder if anyone has experienced such issue in past ? Do we need to configure JAVA Authentication Stack ?

#BC-JAS-SEC#security#C0000A800B88002A0000000000006BD8#25297650000000004#sap.com/idmdevstudio#com.sap.engine.services.security.authentication.logincontext.table#Guest#0##2F199A22D17E11E5CF5E005056802EFC#2f199a22d17e11e5cf5e005056802efc#2f199a22d17e11e5cf5e005056802efc#0#Thread[HTTP Worker [@867177490],5,Dedicated_Application_Thread]#Plain##

LOGIN.FAILED

User: MXMC_ADMIN

IP Address: 10.128.11.245

Authentication Stack: sap.com/idmdevstudio*idmdevstudio

Authentication Stack Properties:

        template = basic

        policy_domain = /idmdevstudio

        auth_method = basic

        realm_name = Upload Protected Area

Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details

1. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   SUFFICIENT  ok          exception             true       Authentication did not succeed.

No logon policy was applied#

Regards,

Santosh

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

todor_boyadzhiev
Participant
‎02-14-2016 7:42 PM
0 Kudos

Hi Santosh,

Which authentication does not work - dev studio or database?

If it is dev studio -

I see the error is for MXMC_ADMIN user - this is the user used for connection to the databse.You should use the Administrator user instead as described in the documentation.

The Administrator user should exist in the NW User Administration and he should have all the needed roles for IDM - also described in the documentation.

If it is the databse - try to login with the MXMC_ADMIN - have in mind that the prefix is case sensitive. Also check your password - if it enetered correctly in the IDM Data source.

Don't forget - you need 2 data sources for idm 8.0. One for the studio and one for the database.

Regards

Todor

Show replies
Show replies
santosh_karadkar2
Explorer
‎02-14-2016 8:35 PM
0 Kudos

Hi Todor,

Thanks for response .

I agree MXMC users are used for Database connection ,  already tried with Administrator account which is exist in NW UME.

Error i am experiencing is visible but not sure if Authentication stack needs to update manually as per given error

Error at IdMDevStudio:

- com.sap.idm.ic.rest.odata4sap.entitymodel.exceptions.HttpException: 401 Unauthorized


Regards,

Santosh

todor_boyadzhiev
Participant
‎02-15-2016 8:18 AM
0 Kudos

Hi Again,

when you were doing the database install did you mention Administrator as the admin user for the installation?

Also - the adminsitrator user should have the folllowing roles in the UME:

- IDM User

- IDM Authenticated

- idm.developer

- SPML Role

After checking for that you can try restarting the idm.rest service from NW.

Regards

Todor

santosh_karadkar2
Explorer
‎02-18-2016 9:07 PM
0 Kudos

Hi Todor,


Thanks , to avoid confusion I created dedicated ID instead of MXMC user.

User is available in NW UME with all suggested roles & actions.


Admin users was created during Installation , please find entries of Tables:


SQL> select * from MXMC_OPER.MC_USERS;

  MCUSERID

----------

MCUSERNAME

-------------------------------------------------------------

MCCREATED MCCREATEDBY MCMODIFIE MCLASTLOG MCUSERTYPE

--------- ----------- --------- --------- ----------

         2

ADMINISTRATOR

19-JAN-16          -1 19-JAN-16                    2

         3

AAABBB

18-FEB-16          -1 18-FEB-16                    2

  MCUSERID

----------

MCUSERNAME

-------------------------------------------------------------

MCCREATED MCCREATEDBY MCMODIFIE MCLASTLOG MCUSERTYPE

--------- ----------- --------- --------- ----------

         1

ADMIN

19-JAN-16          -1 19-JAN-16                    2

2 data sources for idm 8.0. One for the studio and one for the database => Yes they are created and updated in NW & Developer studio.


I am not able to add an Identity Store due to failure of logon in Developer Studio.


Regards,

Santosh

todor_boyadzhiev
Participant
‎02-19-2016 8:02 PM
0 Kudos

Hi Santosh,

Please go to NW > Logs > Dev Traces and reproduce the issue.

and attach the error that is shown there please.

Regards

Todor

santosh_karadkar2
Explorer
‎02-19-2016 8:20 PM
0 Kudos

Hi Todor,

I noticed following error but I am sure about the credential , they are correct

UME is currently not in NZDM Recording Mode

20:15:16:693 Debug Guest HTTP Worker [@2143616545],5,... ...ecurity.authentication.logincontext Invalid password for user ukx6174 .

20:15:16:694 Debug Guest HTTP Worker [@2143616545],5,... ...oginmodule.BasicPasswordLoginModule Login failed!

[EXCEPTION]

com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.

May be something is wrong with Authentication module for IdM.

I am able to login successfully in NW using same credentials

Regards,

Santosh

todor_boyadzhiev
Participant
‎02-19-2016 9:40 PM
0 Kudos

This error is not relevant to idm because it is comming from the engine.

It should be something with com.sap.idm....

Other errors?

What are your data source names?

Regards

Todor

Answers (0)

Ask a Question