An Internal Authentication Error Has Occurred Opensso
enterprise Single Sign-On infrastructure. I have done it many times in the development and staging environment and they worked! However, I keep getting "An internal authentication error has occurred" when this custom Authentication module is turned on. No choice. I need to turn on the verbose logging and this is what is been captured in Authentication debug log - "unable to find LoginModule class" Ok, I must have made a mistake during the registration of the auth module via ssoadm.jsp. I think I must have key in only the Java class name without the full package path. So I went ahead with ssoadm.jsp again to register with a full package Java class name. Restarted OpenSSO server just to play safe. No luck! Hmmm.... I recalled that in the days of Sun Access Manager 6.x and 7.x, there was no such thing as registering an authentication module via ssoadm.jsp. We did it manually and one of the steps was to add in the Pluggable Authentication Module Classes in Configuration > Core. So I went ahead to verify the entries. Jackpot! Removing the last entry resolved the issue. . Posted by Chee Chong at 2:34 PM Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest Labels: OpenAM, OpenSSO No comments: Post a Comment Newer Post Older Post Home Subscribe to: Post Comments (Atom) Search This Blog Loading... About Me Chee Chong, LOWSolutions Architect(Portal, Messaging, Identity, Systems)Azimuth Labs Pte Ltd Twitter Updates Twitter Updates follow me on Twitter Topics OpenAM (268) OpenSSO (73) OpenDJ (68) Corporate Email Hosting (63) Sun Directory Server (56) Sun Messaging Server (52) General (40) OpenIDM (30) OpenMail (24) Sun Portal Server (19) CA SiteMinder (18) AV/AS (16) Sun Access Manager (16) Sun Cluster (16) Gmail (14) LifeRay (14) OpenDS (12) Microsoft (10) Mobile Office (8) Open Identity Bridge (6) SSO (6) Sun Calendar Server (6) Bridge SPE (5) OpenIG (4) SharePoint (4) Solaris (4) Citrix XenMobile (3) Compuware (3) ELK (3) Open Source (3) OpenID Connect (3) Oracle Fusion Middleware (3) Sun Identity Manager (3) Mobile Device Management (2) OpenLDAP (2) RSA SecurID Access (2) API Gateway (1) APM (1) AWS (1) Ansible (1) Brainwave (1) CA API Gateway (1) CA Directory (1) CTS (1) Data Access Governance (1) Facebook Business Manager (1) IoT (1) Layer 7 (1) MFA (1) Mulesoft (1) MySQL (1) OAuth2 (1) OpenICF (1) OpenUMA (1) Oracle Database (1) Performance Tuning (1) Ping Identity (1) PingID (1) Puppet Scripts (1) RSA LifeCycle & Governance (1) Risk Authentication (1) SailPoint IdentityIQ
ExportXMLWordPrintable Details Type: Bug Status: Closed Priority: Major Resolution: Fixed Affects Version/s: current Fix Version/s: FAM-8.0-build-6 Component/s: authentication Labels: None Environment: Operating System: All Platform: Sun Issuezilla Id: 2,355 Tags: newtestcase Description DistAuth server should display the more meaningful error when wrong org dn is specified in the URL. Access distAuth server UI from browser using: http://host:port/distAuth/UI/Login?org=dc=opensso,dc=java,dc=xyz Note the wrong org dn in the URL An internal authentication error has occurred. Contact your system administrator is displayed. OptionsSort By NameSort By DateAscendingDescendingDownload AllAttachments CRT_approved:2355 27/Aug/08 10:43 AM 0.1 kB pluo CRT_submittal:2355 27/Aug/08 10:34 AM 18 kB manish_rustagi Activity Ascending http://azlabs.blogspot.com/2011/02/internal-authentication-error-has.html order - Click to sort in descending order All Comments Work Log History Activity Hide Permalink manish_rustagi added a comment - 24/Apr/08 1:05 PM Reassign it to myself Show manish_rustagi added a comment - 24/Apr/08 1:05 PM Reassign it to myself Hide Permalink dillidorai added a comment - 14/Aug/08 2:28 PM Targeting for build 6 for now. Manish to evaluate and change te cubcomponent or https://java.net/jira/browse/OPENSSO-2355 target. Show dillidorai added a comment - 14/Aug/08 2:28 PM Targeting for build 6 for now. Manish to evaluate and change te cubcomponent or target. Hide Permalink manish_rustagi added a comment - 26/Aug/08 10:05 AM Started Show manish_rustagi added a comment - 26/Aug/08 10:05 AM Started Hide Permalink manish_rustagi added a comment - 27/Aug/08 10:34 AM Created an attachment (id=6067) CRT_submittal:2355 Show manish_rustagi added a comment - 27/Aug/08 10:34 AM Created an attachment (id=6067) CRT_submittal:2355 Hide Permalink pluo added a comment - 27/Aug/08 10:44 AM Created an attachment (id=6068) CRT_approved:2355 Show pluo added a comment - 27/Aug/08 10:44 AM Created an attachment (id=6068) CRT_approved:2355 Hide Permalink manish_rustagi added a comment - 27/Aug/08 11:03 AM Fix checked in Show manish_rustagi added a comment - 27/Aug/08 11:03 AM Fix checked in Hide Permalink cmwesley added a comment - 07/Oct/08 10:53 AM Verified in build: 20081006.1 (5c) Show cmwesley added a comment - 07/Oct/08 10:53 AM Verified in build: 20081006.1 (5c) Hide Permalink cmwesley added a comment - 21/Nov/08 7:38 PM Updated test case OpenSSO_Auth(DistAuth)_23 with issue number and common criteria details. Show cmwesley added a comment - 21/Nov/08 7:38 PM Updated test case OpenSSO_Au
with SSL Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] See http://docs.oracle.com/cd/E19575-01/820-3740/ggrfj/index.html Figure 5-1. I think when the closed https://lists.forgerock.org/pipermail/openam/2012-August/028143.html browser is opened again, it is at "New Session (Invalid)" state. https://bugster.forgerock.org/jira/browse/OPENAM-3001 It's perfectly alright to see that error. From: Jason Viafora
as part of Device Print authLog In ExportXMLWordPrintable Details Type: Bug Status: Closed Priority: Major Resolution: Fixed Affects Version/s: 11.0.0 Fix Version/s: 11.0.0, 12.0.0 Component/s: authentication Labels: 11.0-MUST-FIX AME Environment: OpenAM 11.0.0-SNAPSHOT (2013-September-16 00:51) java 1.6 tomcat 6 Sprint: Sprint 38, Sprint 40 Description An internal authentication error has occurred. message is displayed when old OTP token is submitted as part of the Device Print authentication. Stack trace shows Caused by: com.iplanet.dpro.session.SessionException: Session state is invalid. Steps: 1. Setup realm to use Device Print auth as part of Auth Chain 2. Login as user in the realm, copy and paste an old OTP token into the OTP token field and click Submit Token button Expected Results Authentication failed message Actual Results: An internal authentication error has occurred. is displayed. Stack Trace from Authentication debug amAuth:09/17/2013 01:21:53:273 PM PDT: Thread[http-18080-4,5,main] Error retrieving SSOToken : com.iplanet.sso.SSOException: Session state is invalid. AQIC5wM2LY4SfcwvfrCfGHQ6YQKo7GalnJgQlnTPTnDtFAE.*AAJTSQACMDEAAlNLABQtNTM0ODIxOTk2OTM1ODIxNDQ0Mg..* at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:176) at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:192) at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:307) at com.sun.identity.authentication.service.LoginState.getSSOToken(LoginState.java:1926) at com.sun.identity.authentication.service.LoginState.logFailed(LoginState.java:4892) at com.sun.identity.authentication.service.LoginState.logFailed(LoginState.java:4849) at com.sun.identity.authentication.service.AMLoginContext.runLogin(AMLoginContext.java:786) at com.sun.identity.authentication.server.AuthContextLocal.submitRequirements(AuthContextLocal.java:699) at com.sun.identity.authentication.UI.LoginViewBean.processLoginDisplay(LoginViewBean.java:1400) at com.sun.identity.authentication.UI.LoginViewBean.processLogin(LoginViewBean.java:879) at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:541) at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServle