Skip to Content
Former Member
Nov 23, 2009 at 07:24 PM

SSO with BO XI 3.1 SP2 - All Client apps work fine, but InfoView fails


BO Experts,

I have a problem getting the SSO for Java InfoView in an 3.1 SP2


Tomcat version: 5.5.20 to work.

I followed Tim Ziembas Guide Configuring Vintela SSO in dist.environment and got to the point where all logs look fine, but the last

step - SSO with InfoViewfails

starting Designer DeskI and clicking OK without entering login data works fine

I activated debug=true in the bscLogin.conf and kerberos logging and also set the following options in Tomcat Java tab</p>

Dcom.wedgetail.idm.sso.password Djcsi.kerberos.maxpacketsize Djcsi.kerberos.debug

log file contains credentials obtained for the SPN

do not see the user name populated with AD SSO if I login with AD as login method the log contains the proper credentials and a 'commit succeeded' Manual AD login works from clients on the server and elsewhere

shows 3 tickets for the user initial flag, 1 krbtgt for the user, and 1HTTP SPN for the URL in which vintela SSO was attempted But SSO is not successful in the browser we get the following error

Account information not recognized: Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName and then try again. (FWM 00006)

Please provide us a resolution.



In tomcat.log and stdout.log we see the following error

InfoViewApp Thread [http-8000-Processor23] for action threw exception java.lang.IllegalStateException ResponseFacade.sendError(ResponseFacade at javax.servlet.http.HttpServletResponseWrapper.sendError( com.businessobjects.sdk.credential.WrappedServletResponse.sendError( at com.wedgetail.idm.sso.AbstractAuthenticator.setUnauthorizedResponse(