Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 15 Oracle Analytics Lounge
- 208 Oracle Analytics News
- 41 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 76 Oracle Analytics Trainings
- 14 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
LDAP issue

I have a RPD where LDAP is configured, when i deploy the RPD, all the services are UP, i am able to open EM & Console, but i am not able open the analytics page.
I tried deploying Sampleapplite rpd, but still i am facing same issue.
Below are the log details of bi_server, not able to figure out what's wrong. itried googling the error, but didnt find any solution.
Can anyone please help me in resolving the same.
BIserver_1 logs:
Caused by: oracle.wsm.security.SecurityException: WSM-00008 : Web service authentication failed.
at oracle.wsm.security.jps.JpsManager.authenticate(JpsManager.java:242)
at oracle.wsm.security.jps.JpsManager.basicAuthenticate(JpsManager.java:319)
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor.receiveRequest(WssUsernameTokenScenarioExecutor.java:159)
... 51 more
Caused by: javax.security.auth.login.LoginException: [Security:090304]Authentication Failed: User BISystemUser javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User BISystemUser denied
at oracle.security.jps.internal.jaas.module.authentication.JpsUserAuthenticationLoginModule.login(JpsUserAuthenticationLoginModule.java:71)
at sun.reflect.GeneratedMethodAccessor414.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
at oracle.wsm.security.jps.JpsManager.authenticate(JpsManager.java:234)
... 53 more
Caused by: oracle.security.jps.internal.jaas.module.AuthenticationException: [Security:090304]Authentication Failed: User BISystemUser javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User BISystemUser denied
at oracle.security.jps.wls.jaas.module.authentication.WlsUserAuthenticator.authenticate(WlsUserAuthenticator.java:64)
at oracle.security.jps.internal.jaas.module.authentication.JpsUserAuthenticationLoginModule.login(JpsUserAuthenticationLoginModule.java:62)
... 64 more
Caused by: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User BISystemUser javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User BISystemUser denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.GeneratedMethodAccessor409.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.GeneratedMethodAccessor407.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy34.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.GeneratedMethodAccessor411.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy52.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:338)
at weblogic.security.services.Authentication.doLogin(Authentication.java:133)
at weblogic.security.services.Authentication.login(Authentication.java:74)
at weblogic.security.services.Authentication.login(Authentication.java:51)
at oracle.security.jps.wls.jaas.module.authentication.WlsUserAuthenticator.authenticate(WlsUserAuthenticator.java:59)
... 65 more
]]
[2016-03-14T10:31:16.125+05:30] [bi_server1] [ERROR] [OWS-04115] [oracle.webservices.service] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000LDnTkmN7q215zvWByW1Mt^AR000006,0:106] [APP: OracleRTD#11.1.1] An error occurred for port: {http://www.sigmadynamics.com/schema/services/RpcService}RpcPort: oracle.fabric.common.PolicyEnforcementException: FailedAuthentication : The security token cannot be authenticated..
[2016-03-14T10:31:16.128+05:30] [bi_server1] [ERROR] [WSM-00279] [oracle.wsm.resources.security] [tid: RTD_Worker_1] [userId: <anonymous>] [ecid: 0000LDnTkmN7q215zvWByW1Mt^AR000006,0] [APP: OracleRTD#11.1.1] [WSM_POLICY_NAME: oracle/wss_username_token_client_policy] The following Fault Message is received at the client side from the service:- [[
FailedAuthentication : The security token cannot be authenticated..
The client side policy is:-
oracle/wss_username_token_client_policy.
The service endpoint url is:-
http://10.10.10.10:9704/ws/rpc.
Keystore properties:-
{}.
Properties found in the message context (Partial list):-
{javax.xml.ws.security.auth.username=BISystemUser, javax.xml.rpc.security.auth.username=BISystemUser}.
PolicyReference OverrideProperty:
[]
Policy configuration properties (some of these may be overridden by the properties passed in the PolicyReference or message context, for details about the order of precedence of properties consult documentation):-
{csf-key=basic.credentials, role=ultimateReceiver}.
Other related information:-
{oracle.integration.platform.common.subject=Subject: NULL
}.
]]
[2016-03-14T10:31:16.130+05:30] [bi_server1] [ERROR] [] [oracle.webservices.jaxws] [tid: RTD_Worker_1] [userId: <anonymous>] [ecid: 0000LDnTkmN7q215zvWByW1Mt^AR000006,0] [APP: OracleRTD#11.1.1] Error while invoking endpoint "http://10.10.10.10:9704/ws/rpc" from client; Client side policies: [oracle/wss_username_token_client_policy]
Answers
-
vai wrote: [Security:090302]Authentication Failed: User BISystemUser denied
^... that's the core bit you should be worried about. And if you just google this you'll quickly see that you'll have to go back a bit in order to solve this. From the documentation:
You must ensure that the OracleSystemUser is a member of the OracleSystemGroup group in your identity store and that the group has the WebLogic global role OracleSystemRole assigned to it. For more information, see Steps 3-6 in Section 3.4.7.1, "Configuring Oracle Internet Directory LDAP Authentication as the Only Authenticator" (these steps still apply for other LDAP servers): Alternately, if the problem is that the OracleSystemUser account cannot not be authenticated or does not exist (for example, because you migrated to an LDAP identity store and removed DefaultAuthenticator without creating a new OracleSystemUser account in your new identity store), you see a log entry like this:
Caused by: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User OracleSystemUser javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User OracleSystemUser denied
at
weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
This error message can be caused by several different issues: You have removed the DefaultAuthenticator and not created an account named OracleSystemUser in the new identity store you are using instead. You have misconfigured the authenticator for your new identity store such that the OracleSystemUser account cannot be found. The OracleSystemUser account has been locked or disabled in some way on your LDAP server.So basically: How was the system set up in terms of security - and I mean proper security, not any 10g-legacy RPD-based LDAP integration.
Where did the RPD come from? etc.
0