cancel
Showing results for 
Search instead for 
Did you mean: 

More than 1 DC Hostname SSO BOXI r3.1 SP5

Former Member
0 Kudos

Hello,

I'm still struggling with the Http 404 error message when attempting SSO for InfoView.

I've noticed that there is more than 1 dc hostname in my environment.

In krb5.ini I can fill out both names behind the kdc = xxx.DOMAIN and in both cases there is a ticket stored when I use kinit. So it seems that with either dc name krb5.ini works fine.

However, could the fact that there is more than 1 DC (this is what i call it) be a problem for some other part of the SSO?

In jce_verbose log I get the following message:

Failed to get plugin:key=@server.domain.xxx.com:13

I'm really stuck. Anyone any suggestions?

Best regards.

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member719672
Participant
0 Kudos

Hi Alonso,

This error means the  client was able to communicate with the server but server could not find the Infoview Page.

Do you have the backup of web.xml file? If yes, than after reveting back are you able to launch the Infoview page?

If you able to launch the page than may be due to some wrong settings you getting that error.

I am not sure if having more than 1 dc is issue here.

Hope it will help you.

Regards,

Deepak

Former Member
0 Kudos

Hi,

Yes, if I put back the original WEB.XML file I can do a manual logon to InfoView with AD authentication.

I changed the following in the WEB.XML file:

-set authentication.default to secWinAD

-set siteminder.enabled to false

-set vintela.enabled to true

-remove comments around auth filter

-set idm.realm to my service account domain (in ALL CAPS)

-set idm.princ to the service account

-comment out the legacy logging

-remove comments from the filter mapping

Is there a way to step by step find out in which of these steps it goes wrong?

Former Member
0 Kudos

Hi, I think it has something to do with the domain.

When I add the full domain name to the server name in the url for InfoView (see below), so

http://server.domain.xxx.com:8080/InfoViewApp/logon.jsp

then part of the page is shown. Now only the inside of the screen gives the 404 message, whereas before (when I entered: http://server:8080/InfoViewApp/logon.jsp I  got the 404 message in the whole screen.

Is there something wrong with the DNS?

I also get this message in jce_default log:

<log4j:event logger="com.crystaldecisions.sdk.framework.internal.EnterpriseSession" timestamp="1337678770419" level="ERROR" thread="ContainerBackgroundProcessor[StandardEngine[Catalina]]">

<log4j:message><![CDATA[EnterpriseSession: dispose(): aps=server:6400,cluster=@server.domain.xxx.com,userInfo=(UserInfo: username=xxx,userID=10838,userDesc=,auth=secWinAD),uri=osca:iiop://server:6400;SI_SESSIONID=12055JquZQ6oCI7s2Lp2h]]></log4j:message>

<log4j:throwable><![CDATA[java.lang.Exception: EnterpriseSession:dispose()

          at com.crystaldecisions.sdk.framework.internal.EnterpriseSession.dispose(EnterpriseSession.java:538)

          at com.businessobjects.sdk.ceutils.SessionCleanupListener$SortedRecord.dispose(SessionCleanupListener.java:173)

          at com.businessobjects.sdk.ceutils.SessionCleanupListener.disposeAll(SessionCleanupListener.java:138)

          at com.businessobjects.sdk.ceutils.SessionCleanupListener.sessionDestroyed(SessionCleanupListener.java:100)

          at org.apache.catalina.session.StandardSession.expire(StandardSession.java:719)

          at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:582)

          at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:696)

          at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:681)

          at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1285)

          at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1570)

          at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579)

          at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1579)

          at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1559)

          at java.lang.Thread.run(Thread.java:595)

]]></log4j:throwable>

</log4j:event>

former_member719672
Participant
0 Kudos

Hi Alonso,

Have you made the below changes on CMS server? This step is required for Multi Domain and Multi forest environment:

“UseFQDNForDirectoryServers” = “true”.

Also use below SAP note to do the troubleshooting:

1476374 - ***Best Practices*** including Basic and Advanced AD Troubleshooting Steps for Manual Logon, NTLM, Kerberos and Vintela Single Sign On

1199995 - Error: "The Active Directory Authentication plug in could not authenticate at this time" (FQDN registry key)

Hope it will help you!

Regards,

Deepak