I have a problem getting the SSO for Java InfoView in an 3.1 SP2
Tomcat version: 5.5.20 to work.
I followed Tim Ziembas Guide Configuring Vintela SSO in dist.environment and got to the point where all logs look fine, but the last
step - SSO with InfoViewfails
starting Designer DeskI and clicking OK without entering login data works fine
I activated debug=true in the bscLogin.conf and kerberos logging and also set the following options in Tomcat Java tab</p>
Dcom.wedgetail.idm.sso.password Djcsi.kerberos.maxpacketsize Djcsi.kerberos.debug
log file contains credentials obtained for the SPN
do not see the user name populated with AD SSO if I login with AD as login method the log contains the proper credentials and a 'commit succeeded' Manual AD login works from clients on the server and elsewhere
shows 3 tickets for the user initial flag, 1 krbtgt for the user, and 1HTTP SPN for the URL in which vintela SSO was attempted But SSO is not successful in the browser we get the following error
Account information not recognized: Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName and then try again. (FWM 00006)
Please provide us a resolution.
In tomcat.log and stdout.log we see the following error
InfoViewApp Thread [http-8000-Processor23] for action threw exception java.lang.IllegalStateException ResponseFacade.sendError(ResponseFacade at javax.servlet.http.HttpServletResponseWrapper.sendError(HttpServletResponseWrapper.java:117) com.businessobjects.sdk.credential.WrappedServletResponse.sendError(WrappedServletResponse.java:30) at com.wedgetail.idm.sso.AbstractAuthenticator.setUnauthorizedResponse(AbstractAuthenticator.java:1328)