cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO, WinAD and Design Studio Client

alexander_stettler
Participant

on ‎05-03-2013 11:53 AM

0 Kudos

Hello,

I've some trouble to implement Single-Sign-On for the Design Studio Client application. If I check the Option Single-Sign-On [X] Enabled in the logon screen, I'll get the following error message:

An exception occured during Single-Sign-On:

java.lang.ClassCastException: org.ietf.jgss.GSSException cannot be cast to [B...

See the documentation for Single-Sign-On using Kerberos.


So far, I've added the following two lines to the Analysis.ini file, which is located in the root folder of the Design Studio client:

-Djava.security.auth.login.config=C:\Windows\bscLogin.conf

-Djava.security.krb5.conf=C:\Windows\krb5.ini

The bscLogin.conf contains the following lines:

sap.bo.dsws.client {

com.sun.security.auth.module.Krb5LoginModule required

debug=true

useTicketCache=true;

};

Is there something else missing?

Is it possible to trace the SSO authentication?

Best Regards,

Alex

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

alexander_stettler
Participant
‎05-03-2013 2:29 PM
0 Kudos

Hi all,

in the meantime, I've found a "solution" for my issue...

I could find a GLF log file in the the directory %appdata%\Analysis-workspace\.metadata\.plugins\com.sap.ip.bi.zen\logs\TraceLog with the following entry:

|C5322AECEDC44AC7A114EA0D7D6FD4FC1|2013 05 03 14:42:00.130|+0200|Error|Error|>>|E| |TraceLog| 3872|   1|main        com.businessobjects.dsws.SPNegoAction||LoginContext failed. No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Illegal key size))

This issue could be solved with the installation of the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6, which can be found on the ORACLE website.

After the Installation, a new exception occurred:

|B3718910827449A1913371FB447B88EF1|2013 05 03 15:10:05.362|+0200|Error|Error|>>|E| |TraceLog| 4072|   1|main        com.businessobjects.dsws.SPNegoAction||LoginContext failed. No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Integrity check on decrypted field failed (31)))

This could be "solved", if you start ZEN as administrator. OK, it's only a workaround and not really nice. Thus, does someone of you know a better way for this issue?

Best Regards,

Alex

Show replies
Show replies
Former Member
‎05-26-2013 9:44 PM
0 Kudos

Did you solve this issue?

alexander_stettler
Participant
‎05-27-2013 8:15 AM
0 Kudos

Sorry, I had no time to work on this issue the last few weeks...

former_member234201
Discoverer
‎09-18-2013 12:33 PM
0 Kudos

Hello,

This is the same thing for me. Need to "Run as Administrator" for SSO from Design Studio (1.1) to work.

I changed the User Account Control settings to "Never Notify" and it is no longer necessary to run as administrator.

If someone knows of a better way, I would be glad.

Note : Crystal for Enterprise behaves the same.

Web Services are setup properly : Query as a Web Service and Analysis Office SSO work fine.

Using BI 4.1 SP01 as back-end.

Cheers.

Joel

Former Member
‎04-24-2014 10:09 AM
0 Kudos

That solved the issue for us - with Jre7 as well! Thanks!

"UnlimitedJCEPolicyJDK7.zip"

Ask a Question