on 07-19-2011 6:11 AM
Hi Experts,
we currently installed and configured PI 7.3 system. Even I run post installation PI configuration several times, we are still facing error when Integration engine sends message to messaging system. ( my scenario: I send test message to IE directly, avoiding AE )...
It might look easy: but even adding PIISUSER full authorization and system restart, the result is the same. I don't know if it could have connection but I also get HTTP 200 instead of HTTP 500 when testing INTEGRATION_DIRECTORY_HMI destination.
Thanks for any help.
<Trace level="1" type="B" name="CL_XMS_PLSRV_IE_ADAPTER-ENTER_PLSRV">
<Trace level="1" type="B" name="CL_XMS_PLSRV_CALL_XMB-CALL_XMS_HTTP" />
- <!-- ************************************
-->
<Trace level="1" type="T">error reading SAP_XIAdapterFramework from SLD</Trace>
<Trace level="1" type="T">error reading SAP_XIAdapterFramework from SLD</Trace>
<Trace level="1" type="T">Get logon data for adapter engine (SAI_AE_DETAILS_GET):</Trace>
<Trace level="1" type="T">URL = http://xxx:xxxx/MessagingSystem/receive/AFW/XI</Trace>;
<Trace level="1" type="T">User = PIISUSER</Trace>
<Trace level="1" type="T">Cached =</Trace>
<Trace level="1" type="T">Security: Basic authentication</Trace>
<Trace level="1" type="T">Serializing message object...</Trace>
<Trace level="1" type="T">Tuning - AFW_MAXREQUESTCONTENTLENGTH 2000000000</Trace>
<Trace level="1" type="T">HTTP Multipart document length: 2948</Trace>
<Trace level="1" type="T">Timeout: 0</Trace>
<Trace level="1" type="T">HTTP-client: request sent</Trace>
<Trace level="1" type="T">HTTP-client: response received</Trace>
<Trace level="1" type="T">HTTP-client: status code = 401</Trace>
<Trace level="1" type="System_Error">Authorization error while sending by HTTP (error code: 401 , error text: Unauthorized)</Trace>
</Trace>
Hi Milan,
Please ref the link for HTTP errors: /people/krishna.moorthyp/blog/2006/07/23/http-errors-in-xi
Thanks,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Hareenkumar,
I think I covered HTTP 401 mention in that blog:
I re-run config wizard, with new password, restart system, even manually changed PIISUSER pwd in exchange profile + restart.
Still HTTP 401...
Maybe I could try change pwd in su01, set in exchange profile, restart and will see...
Thanks,
Milan
Hi,
So this password change in Exchange Profile + su01 transaction + system restart didn't help.
I increase trace level, and this is even more detailed log in pipeline step Call Adapter.
We also find out that when message arrive to IE we have in java log three entries:
LOGIN.FAILED
User: N/A
IP Address: xxx
Authentication Stack: sap.com/com.sap.aii.af.ms.app*MessagingSystem
Login Module Flag Initialize Login Commit Abort Details
1. com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule SUFFICIENT ok exception true Received no SAP Authentication Assertion Ticket.
2. com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false true
3. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule REQUISITE ok exception true Authentication did not succeed.
This log is logged under J2EE_GUEST User.
LOGIN.OK
User: SLD_CL_PIQ
IP Address: xxx
Authentication Stack: sap.com/com.sap.lcr*sld
LOGIN.OK
User: SLD_CL_PIQ
IP Address: xxx
Authentication Stack: sap.com/com.sap.lcr*sld
Last two logs are logged by SLD_CL_PIQ user.
Thanks for any help!
<!-- ************************************
-->
- <Trace level="1" type="B" name="CL_XMS_PLSRV_IE_ADAPTER-ENTER_PLSRV">
<Trace level="3" type="T">Channel for adapter engine: File</Trace>
<Trace level="1" type="B" name="CL_XMS_PLSRV_CALL_XMB-CALL_XMS_HTTP" />
- <!-- ************************************
-->
<Trace level="2" type="T">no values in cache (no lock found) - start reading from SLD</Trace>
<Trace level="1" type="T">error reading SAP_XIAdapterFramework from SLD</Trace>
<Trace level="2" type="T">Adapter Framework(s) found</Trace>
<Trace level="2" type="T">Service Port(s) found - take first one</Trace>
<Trace level="2" type="T">URL found</Trace>
<Trace level="2" type="T">no values in cache (lock found) - start reading from SLD</Trace>
<Trace level="1" type="T">error reading SAP_XIAdapterFramework from SLD</Trace>
<Trace level="2" type="T">Adapter Framework(s) found</Trace>
<Trace level="2" type="T">Service Port(s) found - take first one</Trace>
<Trace level="2" type="T">URL found</Trace>
<Trace level="1" type="T">Get logon data for adapter engine (SAI_AE_DETAILS_GET):</Trace>
<Trace level="1" type="T">URL = http://xxx/MessagingSystem/receive/AFW/XI</Trace>;
<Trace level="1" type="T">User = PIISUSERA</Trace>
<Trace level="1" type="T">Cached =</Trace>
<Trace level="3" type="T">Creating HTTP-client</Trace>
<Trace level="3" type="T">HTTP-client: creation finished</Trace>
<Trace level="1" type="T">Security: Basic authentication</Trace>
<Trace level="1" type="T">Serializing message object...</Trace>
<Trace level="1" type="T">Tuning - AFW_MAXREQUESTCONTENTLENGTH 2000000000</Trace>
<Trace level="1" type="T">HTTP Multipart document length: 2941</Trace>
<Trace level="3" type="T">HTTP-client: sending http-request...</Trace>
<Trace level="1" type="T">Timeout: 0</Trace>
<Trace level="1" type="T">HTTP-client: request sent</Trace>
<Trace level="3" type="T">HTTP-client: request sent</Trace>
<Trace level="3" type="T">HTTP-client: Receiving http-response...</Trace>
<Trace level="1" type="T">HTTP-client: response received</Trace>
<Trace level="3" type="T">HTTP-client: checking status code...</Trace>
<Trace level="1" type="T">HTTP-client: status code = 401</Trace>
<Trace level="3" type="System_Error">Authorization error while sending by HTTP (error code: 401 , error text: Unauthorized)</Trace>
</Trace>
</Trace>
Hi,
As per my understanding this might be because of user authorization...
*This role concept implies that both service users PIAFUSER and PIISUSER must be assigned the SAP_XI_APPL_SERV_USER role.
The SAP_XI_APPL_SERV_USER role also includes the authorizations for executing the IDoc Adapter and the Plain HTTP Adapter.
In the Adapter Engine and PCK, only the security role xi_af_receiver of the J2EE component sap.com/com.sap.aii.af.ms.appMessagingSystem allows the execution of incoming messages.
Look into the link for more details...
http://help.sap.com/saphelp_nw04s/helpdata/en/d4/d12940cbf2195de10000000a1550b0/content.htm
Regards,
Naveen.
If system copy process as part of the ES Repository setup is not done properly, there are some duplicated entries between the source system and the system where the copy was done. For more information, see SAP Note 1244596 u2013 Duplicate Key Exception.
In the case of authentication or authorization errors (HTTP error codes 401, 403), make sure that the user and password are defined on the receiver (in the Adapter Engine), and that the user has the appropriate role (the user needs to have the role SAP_XI_IS_SERV_USER_MAIN).
HTTP 401
o User XIAFUSER/PIAFUSER has used the wrong password.
o Check the exchange profile and transaction SU01; try to reset the password.
o Restart the Java Engine to activate changes in the exchange profile.
HTTP 401
o User XIISUSER/PIISUSER has used the wrong password.
o Check the exchange profile and transaction SU01; reset the password.
o Restart the Java Engine to activate changes in the exchange profile.
o Delete the Adapter Engine cache in transaction SXI_CACHE Goto Cache.
o Restart the message.
Regards
Pothana
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.