This discussion is archived
3 Replies Latest reply: Oct 25, 2012 8:54 AM by Mohammed Rayan-Oracle RSS

what dose this error means ? SSO Faild to authenticate

SAMJO078 Newbie
Currently Being Moderated
this is written on UCM.log ,i am trying to login using Microsoft kerberos

for queue: <1335097958894> <BEA-000000> <NegotiateIdentityAsserterServiceImpl.process() called>
<1335097958894> <BEA-000000> <Auth type found for webapp didn't match known types: CLIENT_CERT,FORM>
<1335097958910> <BEA-000000> <All request headers:>
<1335097958910> <BEA-000000> < Header: Accept : image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*>
<1335097958910> <BEA-000000> < Header: Referer : http://192.168.30.31:16200/cs/>
<1335097958910> <BEA-000000> < Header: Accept-Language : en-us>
<1335097958910> <BEA-000000> < Header: UA-CPU : x86>
<1335097958910> <BEA-000000> < Header: Accept-Encoding : gzip, deflate>
<1335097958910> <BEA-000000> < Header: User-Agent : Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322)>
<1335097958910> <BEA-000000> < Header: Host : 192.168.30.31:16200>
<1335097958910> <BEA-000000> < Header: Connection : Keep-Alive>
<1335097958910> <BEA-000000> < Header: Cookie : IdcLocale=English-US; IntradocAuth=Internet; JSESSIONID=jhfjPT6GfnpYQvL1TXkTyn094cvJ71HghYG8yG7h9zsn2CqZLg0J!-1885260414>
<1335097958910> <BEA-000000> <Negotiate filter: new session, no negotiation has started>
<1335097958910> <BEA-000000> <com.bea.common.security.internal.service.ChallengeIdentityAssertionServiceImpl.getChallengeToken (tokenType=WWW-Authenticate.Negotiate)>
<1335097958910> <BEA-000000> <com.bea.common.security.internal.service.ChallengeIdentityAssertionTokenServiceImpl.getChallengeToken (tokenType=WWW-Authenticate.Negotiate)>
<1335097958910> <BEA-000000> <com.bea.common.security.internal.legacy.service.ChallengeIdentityAssertionProviderImpl$ChallengeIdentityAsserterV2Adapter.getChallengeToken (tokenType=WWW-Authenticate.Negotiate)>
<1335097958910> <BEA-000000> <Unauthorized, sending WWW-Authenticate: Negotiate>
5097958910> <BEA-000000> <NegotiateIdentityAsserterServiceImpl.process() called>
5097958910> <BEA-000000> <Auth type found for webapp didn't match known types: CLIENT_CERT,FORM>
5097958910> <BEA-000000> <All request headers:>
5097958910> <BEA-000000> < Header: Accept : image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*>
5097958910> <BEA-000000> < Header: Referer : http://192.168.30.31:16200/cs/>
5097958910> <BEA-000000> < Header: Accept-Language : en-us>
5097958910> <BEA-000000> < Header: UA-CPU : x86>
5097958910> <BEA-000000> < Header: Accept-Encoding : gzip, deflate>
5097958910> <BEA-000000> < Header: User-Agent : Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322)>
5097958910> <BEA-000000> < Header: Host : 192.168.30.31:16200>
5097958910> <BEA-000000> < Header: Connection : Keep-Alive>
5097958910> <BEA-000000> < Header: Authorization : Negotiate TlRMTVNTUAABAAAAB7IIog0ADQAuAAAABgAGACgAAAAFAs4OAAAAD1VDTTExR0VURUNILVNZU1RFTVM=>
5097958910> <BEA-000000> < Header: Cookie : IdcLocale=English-US; IntradocAuth=Internet; JSESSIONID=jhfjPT6GfnpYQvL1TXkTyn094cvJ71HghYG8yG7h9zsn2CqZLg0J!-1885260414>
5097958910> <BEA-000000> < processing header: Negotiate TlRMTVNTUAABAAAAB7IIog0ADQAuAAAABgAGACgAAAAFAs4OAAAAD1VDTTExR0VURUNILVNZU1RFTVM=>
5097958910> <BEA-000000> <SPNEGONegotiateToken.discriminate: not Application Constructed Object, not SPNEGO NegTokenInit token>
5097958910> <BEA-000000> <Token not supported by Negotiate Filter, ignoring: NTLM>
5097958910> <BEA-000000> <Negotiate filter: existing session, negotiation was started>
5097958910> <BEA-000000> <Request doesn't have Negotiate response, Negotiate filter ignoring>
5097958910> <BEA-000000> <Passing to next filter in the chain>
  • 1. Re: what dose this error means ? SSO Faild to authenticate
    784258 Newbie
    Currently Being Moderated
    ....5097958910> <BEA-000000> <Auth type found for webapp didn't match known types: CLIENT_CERT,FORM> ...

    check web.xml for

    <login-config>
    <auth-method>CLIENT-CERT</auth-method>
    </login-config>
  • 2. Re: what dose this error means ? SSO Faild to authenticate
    803725 Newbie
    Currently Being Moderated
    "If you look at the error Auth type found for webapp didn't match known types: CLIENT_CERT,FORM> "

    there is an CLIENT_underscore_CERT which seems to be coming due to some typo in the application web.xml descriptor which might have by mistake written as wrong character if you would have copied and pasted the same from somewhere. Try re-writing the tag in web.xml manually and check.
  • 3. Re: what dose this error means ? SSO Faild to authenticate
    Mohammed Rayan-Oracle Journeyer
    Currently Being Moderated
    Though the post looks very old dated back to "Apr 22, 2012 5:54 AM" :)

    The actual issue here is that the SSO failed due to the NTLM token received by the WLS,which was expecting a Kerberos token.


    5097958910> <BEA-000000> < processing header: Negotiate TlRMTVNTUAABAAAAB7IIog0ADQAuAAAABgAGACgAAAAFAs4OAAAAD1VDTTExR0VURUNILVNZU1RFTVM=>
    5097958910> <BEA-000000> <SPNEGONegotiateToken.discriminate: not Application Constructed Object, not SPNEGO NegTokenInit token>
    5097958910> <BEA-000000> <Token not supported by Negotiate Filter, ignoring: NTLM>



    Two known issues on this:


    1 SPN issues like wrong SPN entry/duplicate SPN's
    or
    2. your browser is not set up correctly.


    For more understanding on this,you can refer the below link


    http://www.oracle.com/technetwork/articles/idm/weblogic-sso-kerberos-1619890.html

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points