cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Error accessing Customers from sharepoint

Go to solution
RMo
Explorer

on ‎05-02-2012 3:39 PM

0 Kudos

Hello,

I completed the duet enterprise 1.0 configuration wizard. Now when I try to access Customers from sharepoint as in point 8 of Holger's troubleshooting guide, I got the same error that is there: "An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail."

Unfortunately the detailed error in SRTUTIL is different than the ones contained in the troubleshooting guide, and it is the following:

"

Invalid algorithm (expected http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 htt

Message no. WSS034

"

both for WS-Configuration and WS-Security.

Do you have any ideas of where did I do something wrong?

Thanks in Advance

Renato

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

linda_peruzzi
Participant
‎05-02-2012 6:18 PM
0 Kudos

Hi Renato,

I did find a message about this error. 

I think you have already reran the program WSS_SETUP in your Gateway server with the settings outlined in the Duet Enterprise Installation Guide.

According to the message, you need to do the following additional steps to fix the issue.  I haven't had to do this so not sure it will fix the issue but I would first do step 1 and retest.  If it still does not work, move onto the next steps.

1) SAML profile: Deactivate and Reactivate

2) regenerate the BDC models

3) import them again into sharepoint

4) and then execute the scenario from Sharepoint.

Let me know how it goes.

...Linda

Show replies
Show replies
RMo
Explorer
‎05-03-2012 9:32 AM
0 Kudos

Hi Linda,

thank you for your reply.

I did what you suggested and after first step ( SAML profile: Deactivate and Reactivate) I have now have a different error:

"The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="SAP NetWeaver Application Server [<SID>/100]"

where <SID> is my SAP system ID.

I found this error in Holger's troubleshooting guide, but the resolution suggested was in place already.

Do you have any other ideas?

I don't know where to set change the client Authentication scheme (if this is needed) and how to check if it is set to 'Anonymous'.

Thank you

Renato


Former Member
‎05-03-2012 10:58 AM
0 Kudos

Hi Renato,

so if you open the WSDL from the Account.xml you do see the settings mentioned in the troubleshooting guide, like in the RequestSecurityTokenTemplate.

Regards,

  Holger.

RMo
Explorer
‎05-03-2012 11:24 AM
0 Kudos

Hi Holger,

not sure if I did what you are saying.

I did the following:

"Resolution 1:

If you have used the Duet Enterprise Wizard, this should not happen anymore. First check any of the WSDLs that were created for the SAML based endpoints. Go to SOAMANAGER -> Service Administration -> Single Service Configuration and search (for example for the IWXManageReports_In_V1).Then select this service and from the Overview click on the “Open WSDL document for selected binding or service”

then searched for the entry:

<sp:RequestSecurityTokenTemplate>

<wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</wst:KeyType>

<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</wst:TokenType>

....

and the was there. The same for the AlgorithmSuite TripleDesSha256Rsa15.

I did the same for IWXManageCustomerIn and IWXManageProductIn that I suppose are related to my problem.

Where do I have to look for the Account.xml file to search the AlgorithmSuite and the RequestSecurityTokenTemplate?

Thanks

Renato

Former Member
‎05-03-2012 4:46 PM
0 Kudos

Hi Renato,

that looks very good. Can you just doublecheck that the SAML Profile used in SOAMANAGER has the name SharePoint for the SAML Issuer (as outlined in the troubleshooting guide?).

Then please remove the BDC models from SharePoint one more time, export a new set via the BDC Publisher from SAP and reimport the "new" models in SharePoint.

Hopefully that helps.

Regards,

Holger.

RMo
Explorer
‎05-04-2012 11:04 AM
0 Kudos

Hi Holger,

SAML profile used is correct (as per trouboleshooting guide).

I removed the BDC models from Sharepoint then exported a new and finally imported them again in sharepoint.

Now when i try to access customers or products I have the following error:

"Access denied by Business Data Connectivity"

I checked in  SharePoint 2010 Central Administration on the server -> Manage service applications -> Business Data Connectivity Service ->Set Object Permissions on the services in the BDC

and I saw "nt authority/authenticated users"  with the following permissions ticked:

Execute

Selectable In Clients

Is this related to the new problem?

What next?

Thanks

Renato

Former Member
‎05-04-2012 11:16 AM
0 Kudos

Hi,

in Business Data Connectivity Service can you go to "Set Metadata Store Permissions", add "All Authenticated Users", select "

RMo
Explorer
‎05-04-2012 11:39 AM
0 Kudos

Hi Holger,

sorry I didn't realized that I was connecting with the wrong user.

I tried again and now it works finally!!!

It has been a little tricky but finally I can see both products and customers ...

Thank you very much for your help

Bye

Renato

Answers (0)

Ask a Question