Skip to Content

Can't get DataServices TA QUERY_STRING to work, InfoSteward TA works. (decrypt fails)

1) Information Steward Trusted Authentication is working with same user (dsuser) on same machine.
2) DataServices Management Console Trusted Authentication is not working (dsuser or administrator) - see trace errors below
3) I can successfully login to DataServices Management Console as dsuser with ldap authentication

Settings from tomcat/webapps/DataServices/WEB-INF/web.xml
———————————————————————————————————————

<context-param>
<param-name>sso.enabled</param-name>
<param-value>true</param-value>
</context-param>

<context-param>
<param-name>trusted.auth.user.retrieval</param-name>
<param-value>QUERY_STRING</param-value>
</context-param>

<context-param>
<param-name>trusted.auth.user.param</param-name>
<param-value>user</param-value>
</context-param>


cms trace for DataServices Trusted Authentication attempt: user=dsuser
———————————————————————————————————————
|||||||||||Found a working alias: secLDAP:cn=dsuser, cn=users, dc=war, dc=com^^
|||||||||||Decoding as header version 1^^
BCM error: Could not finish CCL decryption^^
failed UTF8 -> UCS2 conversion^^
CEnterprise::AcceptLogin: SCrypt: failed to decrypt client's request for trusted authentication.^^
Invalid password for user dsuser^^

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • May 03 at 10:38 AM

    That is what is curious. I have gone through the KBA procedure about 5 times. If you look back at 1) above, Information Steward TA on the same machine works fine, so, it seems like the trustedprincipal.conf must be ok.

    Add comment
    10|10000 characters needed characters exceeded

  • May 02 at 05:37 AM

    Daniel Boquist

    Can you please confirm if you have followed the SAP Notefor setting up Trusted Authentication

    2298284 - Setting up Trusted Authentication for Information Steward using QUERY_STRING

    Looks like the trustedprincipal.conf was not updated properly. Refer below SAP Note

    1593628 - Setting up Trusted Authentication in BI4 for BIlaunchPad and Opendocument using QUERY_STRING [Video]

    Regards

    Arun Sasi

    Add comment
    10|10000 characters needed characters exceeded