Re: SSO with Tomcat/IIS on 7.0

Moore, Christopher Allen Mon, 15 Dec 2008 11:19:51 -0800

Hey Alex/all,
You said "1) put string "   String ruser = request.getRemoteUser();     " to 
the login_common.jsp file (initialize data section)."
Where in the file exactly should that go?  Forgive my ignorance.  We did add 
the part you suggested in #2.
We do get the domain login screen (and did previously), however the credentials 
that work for the domain don't seem to work for ARS.  Please see below:
Authentication to AD via client = successful
Credentials being passed from IIS into Midtier = successful
Problem:
We still receive authentication failed ( bad password) back when logging into 
the web via the portal although the same password is successful on the client.
Verified that areasso plugin is running and read
I had to cut a lot from the logs to get this email accepted- let me know if you 
need to see more.  Thank you for any help you can provide!


MidTier Log
FINE: SSO: Property values were loaded.
FINE: SSO: Remote User Name (including domain): txdcs\lowellw
Dec 15, 2008 10:23:07 AM com.remedy.arsys.sso.SSOAuthenticator getUserName
FINE: SSO: Using username default case.
Dec 15, 2008 10:23:07 AM com.remedy.arsys.sso.SSOAuthenticator getUserName
FINE: SSO: Authenticating with username: lowellw
Dec 15, 2008 10:23:07 AM com.remedy.arsys.sso.SSOAuthenticator getAuthString
FINE: SSO: Using AuthString: Qk1DIFJlbWVkeSBBUlN5c3RlbQ==
Dec 15, 2008 10:23:07 AM com.remedy.arsys.session.Login establishSession
FINE: Login: creating session
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.preferences.ARUserPreferences 
getPrefFromServer
FINE: No preference server for this user txdcs\lowellw Using default 
preferences.
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.preferences.ARUserPreferences 
getPrefFromServer
FINE: No preference server for this user txdcs\lowellw Using default 
preferences.
Dec 15, 2008 10:23:08 AM com.remedy.arsys.session.Login initSessions
FINE: Login: SessionId=22AD15E7ED0DDD188D02726F8CA9DDDB
Dec 15, 2008 10:23:08 AM com.remedy.arsys.stubs.HomeServlet doRequest
FINE: HomeServlet: URI=/arsys/home
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.preferences.ARUserPreferences 
getPrefFromServer
FINE: No preference server for this user txdcs\lowellw Using default 
preferences.
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.preferences.ARUserPreferences 
getPrefFromServer
FINE: No preference server for this user txdcs\lowellw Using default 
preferences.
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.Form get
FINE: Form: Constructing for missing key Form:adaprmwn03/Home Page
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.Form <init>
FINE: API form time = 188
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.Form get
FINE: Form: Construction for key Form:adaprmwn03/Home Page took 219
Dec 15, 2008 10:23:08 AM com.remedy.arsys.goat.GoatException <init>
FINE: Throw ARException -
MessageType: 2
MessageNum: 623
MessageText: Authentication failed
AppendedText:
MessageType: 2
MessageNum: 623
MessageText: Authentication failed
AppendedText:
Dec 15, 2008 10:23:08 AM com.remedy.arsys.log.Log log
WARNING: Caught GoatException
ARERR [623] Authentication failed

Plugin Log
<PLGN> <TID: 002524> <RPC ID: 0000000035> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:18.2460 */+VL    AREAVerifyLoginCallback       
   -- user lowellw
<PLGN> <TID: 002524> <RPC ID: 0000000035> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:18.2780 */<ARSYS.AREA.LDAP> <FINER> 
Groups=<NULL>
<PLGN> <TID: 002524> <RPC ID: 0000000035> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:18.2780 */-VL                                  
OK
<PLGN> <TID: 002524> <RPC ID: 0000000036> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:18.3400 */+NS    AREANeedToSyncCallback
<PLGN> <TID: 002524> <RPC ID: 0000000036> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:18.3400 */-NS                                  
OK -- 0
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4810 */+VL    AREAVerifyLoginCallback       
   -- user lowellw
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4810 */<ARSYS.AREA.LDAP> <FINEST> 
AREAVerifyLoginCallback
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4810 */<ARSYS.AREA.LDAP> <FINER> 
ldap_init("168.44.244.61", 389)
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4810 */<ARSYS.AREA.LDAP> <FINER> connect 
timeout previously: -1
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4810 */<ARSYS.AREA.LDAP> <FINER> connect 
timeout used: 35000
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4810 */<ARSYS.AREA.LDAP> <FINER> 
ldap_simple_bind("txdcs\lowellw", hidden)
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */<ARSYS.AREA.LDAP> <FINEST> After the 
bind
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */<ARSYS.AREA.LDAP> <FINER> 
ldap_search_ext("ou=portal,dc=txdcs,dc=teamibm,dc=com", 2, 
"sAMAccountName=lowellw")
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */<ARSYS.AREA.LDAP> <FINER> 
ldap_simple_bind("CN=lowellw,OU=Portal,DC=txdcs,DC=teamibm,DC=com", hidden)
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */<ARSYS.AREA.LDAP> <SEVERE> Bind: 
Invalid credentials (LDAPERR Code 49) 80090308: LdapErr: DSID-0C090334, 
comment: AcceptSecurityContext error, data 52e, vece
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */<ARSYS.AREA.LDAP> <FINE> Found user 
but password is bad
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */<ARSYS.AREA.LDAP> <FINER> 
LicenseMask=0 LicenseWrite=0 LicenseFTS=0 LicenseReserved1=0 Notification=3 
Email=<NULL> LoginStatus=2 ModificationTime=0
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */<ARSYS.AREA.LDAP> <FINER> 
Groups=<NULL>
<PLGN> <TID: 002524> <RPC ID: 0000000038> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:32:45.4960 */-VL                                
FAIL
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:09.9960 */+VL    AREAVerifyLoginCallback       
   -- user moorec
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:09.9960 */<ARSYS.AREA.LDAP> <FINEST> 
AREAVerifyLoginCallback
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:09.9960 */<ARSYS.AREA.LDAP> <FINER> 
ldap_init("168.44.244.61", 389)
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:09.9960 */<ARSYS.AREA.LDAP> <FINER> connect 
timeout previously: -1
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:09.9960 */<ARSYS.AREA.LDAP> <FINER> connect 
timeout used: 35000
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:09.9960 */<ARSYS.AREA.LDAP> <FINER> 
ldap_simple_bind("txdcs\lowellw", hidden)
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:10.0120 */<ARSYS.AREA.LDAP> <FINEST> After the 
bind
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:10.0120 */<ARSYS.AREA.LDAP> <FINER> 
ldap_search_ext("ou=portal,dc=txdcs,dc=teamibm,dc=com", 2, 
"sAMAccountName=moorec")
<PLGN> <TID: 002524> <RPC ID: 0000000039> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:37:10.0120 */<ARSYS.AREA.LDAP> <FINE> We do not 
know the user
***********
<PLGN> <TID: 006476> <RPC ID: 0000000008> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:52:41.1990 */<ARSYS.AREA.LDAP> <FINER> 
ldap_simple_bind("CN=lowellw,OU=Portal,DC=txdcs,DC=teamibm,DC=com", hidden)
<PLGN> <TID: 006476> <RPC ID: 0000000008> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:52:41.2150 */<ARSYS.AREA.LDAP> <SEVERE> Bind: 
Invalid credentials (LDAPERR Code 49) 80090308: LdapErr: DSID-0C090334, 
comment: AcceptSecurityContext error, data 52e, vece
<PLGN> <TID: 006476> <RPC ID: 0000000008> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:52:41.2150 */<ARSYS.AREA.LDAP> <FINE> Found user 
but password is bad
<PLGN> <TID: 006476> <RPC ID: 0000000008> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:52:41.2150 */<ARSYS.AREA.LDAP> <FINER> 
LicenseMask=0 LicenseWrite=0 LicenseFTS=0 LicenseReserved1=0 Notification=3 
Email=<NULL> LoginStatus=2 ModificationTime=0
<PLGN> <TID: 006476> <RPC ID: 0000000008> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:52:41.2150 */<ARSYS.AREA.LDAP> <FINER> 
Groups=<NULL>
<PLGN> <TID: 006476> <RPC ID: 0000000008> <Queue: AREA      > <Client-RPC: 
390695> /* Mon Dec 15 2008 12:52:41.2150 */-VL                                
FAIL


_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"

Re: SSO with Tomcat/IIS on 7.0

Reply via email to