Openam Admintokenaction Fatal Error Cannot Obtain Application Sso Token
Contents |
here for
Logging Configuration Class "com.sun.identity.log.s1is.logconfigreader" Failed
a quick overview of the site Help Center ssoadm fatal error: cannot obtain application sso token Detailed answers to any questions you might have Meta Discuss the workings
Check Amconfig.properties For The Following Properties
and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token up vote 69 down vote favorite 2 I was trying to install openam 12 war with apache tomcat agent as configured sso.But tried more than fifty times but am getting only error. If I change below property value as amAdmin from webagent,while calling the protected application in tomcat second instance it countinously redirecting to same page again and again but didn't get any exception. amAdmin is my admin user of openam console. OpenSSOAgentBootstrap.properties/com.sun.identity.agents.app.username = Exception in Tomcat log Apr 16, 2015 5:41:10 PM org.apache.tomcat.util.digester.Digester startElement SEVERE: Begin event threw error java.lang.ExceptionInInitializerError at com.sun.identity.agents.arch.AgentConfiguration.bootStrapClientConfiguration(AgentConfiguration.java:727) at com.sun.identity.agents.arch.AgentConfiguration.initializeConfiguration(AgentConfiguration.java:1140) at com.sun.identity.agents.arch.AgentConfiguration.
ExportXMLWordPrintableDetails Type: Bug Status: Resolved Priority: Major Resolution: Duplicate Affects Version/s: 10.1.0-Xpress Fix Version/s: None Component/s: install Labels: None Environment: Suse Linux 11.2 64bit, Tomcat 6.0.36, embeded db, JDK 1.6.0.39 Description Installation fails with AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password, refer to install.log under /opt/openam for more information. http://stackoverflow.com/questions/29676170/admintokenaction-fatal-error-cannot-obtain-application-sso-token Official version has low detail of explanation, so we used night build, which yields in more detailed messages. Details: -------------------------------------------------------- Checking configuration directory /opt/openam....Success. Installing OpenAM configuration store...Success RSA/ECB/OAEPWithSHA1AndMGF1Padding. Extracting OpenDJ, please wait...Complete Running OpenDJ setupSetup command: --cli --adminConnectorPort 4444 --baseDN dc=openam,dc=ami,dc=cz --rootUserDN https://bugster.forgerock.org/jira/browse/OPENAM-2233 cn=Directory Manager --ldapPort 50389 --skipPortCheck --rootUserPassword xxxxxxx --jmxPort 1689 --no-prompt --configFile /opt/openam/opends/config/config.ldif --doNotStart --hostname srv1.openam.ami.cz OpenDJ 2.4.6 Please wait while the setup program initializes... See /opt/tomcat6/temp/opends-setup-7851090990523436291.log for a detailed log of this operation. Configuring Directory Server ..... Done. To see basic server configuration status and configuration you can launch /opt/openam/opends/bin/status ...Success. ...Success Installing OpenAM configuration store in /opt/openam/opends...Success. Creating OpenAM suffix...Success Tag swapping schema files....Success. Loading Schema opendj_config_schema.ldif...Success. Loading Schema opendj_user_schema.ldif...Success. Loading Schema opendj_embinit.ldif...Success. Loading Schema opendj_user_index.ldif...Success. Loading Schema opendj_plugin.ldif...Success. Loading Schema cts-container.ldif...Success. Loading Schema cts-add-schema.ldif...Success. Loading Schema cts-indices-schema.ldif...Success. Loading Schema 99-oauth2attributes.ldif...Success. ...Success. Reinitializing system properties. Gliffy Diagrams Sort Name Modify Date Ascending Descending AttachmentsIssue Links duplicates OPENAM-2076 Configurator fails in 10.0.1 where it works in 10.0.0. Resolved Activity People Assignee: Peter Major Reporter:
OpenDJ OpenIDM OpenICF OpenIG Intro to Identity Downloads Forums General Discussion ForgeRock Projects OpenAM OpenIDM OpenDJ OpenIG OpenUMA DevOps Internet of Things Documentation Groups Resources Events Calendar Upcoming Event Map https://forgerock.org/topic/ssoadm-works-once-per-startup/ Add Event! ssoadm works once per startup Home Forums ForgeRock Projects OpenAM ssoadm works once per startup Learn more about our upcoming Identity Summits Tagged:amadmin, password, ssoadm This https://docs.oracle.com/cd/E19681-01/820-3745/ghtso/index.html topic contains 3 replies, has 2 voices, and was last updated by kirkm 1 year, 8 months ago. Author Posts February 12, 2015 at 8:15 pm #3070 kirkmParticipant fatal error Having problems with ssoadm working on openam 11. I get the error below and various log file and debug entries. If I restart the tomcat container and run the same exact command, the command runs fine, but only once! Subsequent running of the same command fail until I restart the container again. Any ideas what's going cannot obtain application on here? The command: ./ssoadm list-servers -u amadmin -f ./pwd.file The error output: Logging configuration class "com.sun.identity.log.s1is.LogConfigReader" failed com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password Logging configuration class "com.sun.identity.log.s1is.LogConfigReader" failed com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password February 13, 2015 at 9:39 am #3078 Peter MajorModerator This issue seems to be slightly related: https://bugster.forgerock.org/jira/browse/OPENAM-4292 Did you modify the dsameuser (ampassword -a) or amadmin passwords recently? February 13, 2015 at 2:43 pm #3087 kirkmParticipant Thanks Peter, that gives me someplace to look. The amadmin password was changed at some point in time and have multiple people managing the system. I am unsure if the ssoadm issue started after the change. How best to sync the passwords back up? What is the correct way to change the ampassword in OpenAM 11
8.0 Release NotesPrevious: 4079: ssoadm import-svc-cfg command fails when using Directory Server as the configuration data storeNext: 2905: jss4.jar entry is missing in the ssoadm classpath3955: Unable to execute the ssoadm command You are unable to execute the ssoadm command with the get-realm due to this exception. Logging configuration class "com.sun.identity.log.s1is.LogConfigReader" failed com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password Logging configuration class "com.sun.identity.log.s1is.LogConfigReader" failed com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password Check if the amadmin password is different from the directory manager password for the service management data store. If yes, apply the following workaround. Workaround. Modify the server configuration XML as follows: Log in to the OpenSSO Console as amadmin. Use the ssoadm.jsp get-svrcfg-xml to get the server configuration XML. Use encode.jsp to encode the amadmin password. Set the encoded password in the two places represented by amadmin-password in the XML. For example: