SAP SSO (SAML IdP) with 2FA - SMS OTP - handshake failure error

former_member256680
Participant
0 Kudos

Hi All,

We have configured SAP SSO 3.0 as SAML IdP and configured Two-Factor-Authentication with SMS Gateway (cloud API URL).

In a nutshell, please see our architecture diagram. The 2FA has been working for more than 2 years now.

We used a Java policy script (/accesspolicies/cfg).

But for the past 4 days, we have been getting the below error in the NWA trace. When I used the Postman app on the SAP SSO server to test, I got the OTP (using Postman), so there is no network-related issue.

There are no changes made to the script or configuration on SAP SSO.

What could be the reason for the handshake failure? Your inputs are highly appreciated.

Passcode cannot be sent via sms. The error is :
[EXCEPTION]
java.lang.RuntimeException: Error while silently connecting: org.w3c.www.protocol.http.HttpException: Peer sent alert: Alert Fatal: handshake failure
at org.w3c.www.protocol.http.HttpURLConnection.error(SourceFile:198)
at org.w3c.www.protocol.http.HttpURLConnection.checkReply(SourceFile:192)
at org.w3c.www.protocol.http.HttpURLConnection.getResponseCode(SourceFile:412)
at sun.reflect.GeneratedMethodAccessor732.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
at org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:225)
at org.mozilla.javascript.Interpreter.interpretLoop(Interpreter.java:1473)
at org.mozilla.javascript.Interpreter.interpret(Interpreter.java:815)
at org.mozilla.javascript.InterpretedFunction.call(InterpretedFunction.java:109)
at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
at org.mozilla.javascript.InterpretedFunction.exec(InterpretedFunction.java:120)
at com.sap.security.accesspolicies.lib.impl.AbstractExecutorEngine.internalExecute(AbstractExecutorEngine.java:310)
at com.sap.security.accesspolicies.lib.impl.AbstractExecutorEngine.execute(AbstractExecutorEngine.java:220)
at com.sap.security.accesspolicies.lib.impl.ScriptExecutionBuilderImpl.execute(ScriptExecutionBuilderImpl.java:106)
at com.sap.security.jaas.policies.PolicyBasedEngine.execPolicyMethod(PolicyBasedEngine.java:60)
at com.sap.security.jaas.policies.PolicyEngine.executePolicyMethod(PolicyEngine.java:327)
at com.sap.security.jaas.policies.PolicyEngine.executePolicyMethod(PolicyEngine.java:265)
at com.sap.security.jaas.otp.modes.OTPAndPwdMode.callPolicyScriptResultMethod(OTPAndPwdMode.java:1529)
at com.sap.security.jaas.otp.modes.OTPAndPwdMode.callFirstStageLoginScript(OTPAndPwdMode.java:1458)
at com.sap.security.jaas.otp.modes.OTPAndPwdMode.firstStageLogin(OTPAndPwdMode.java:501)
at com.sap.security.jaas.otp.modes.OTPAndPwdMode.login(OTPAndPwdMode.java:198)
at com.sap.security.jaas.otp.TOTPLoginModule.login(TOTPLoginModule.java:51)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:254)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:66)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:284)
at com.sap.security.saml2.idp.core.idstore.IdentityStoreService.doLocalLogin(IdentityStoreService.java:2210)
at com.sap.security.saml2.idp.core.idstore.IdentityStoreService.getAuthenticatedSubject(IdentityStoreService.java:1360)
at com.sap.security.saml2.idp.core.sso.SSOService.createAuthnResponse(SSOService.java:562)
at com.sap.security.saml2.idp.core.sso.SSOService.handleAuthnRequest(SSOService.java:233)
at com.sap.security.saml2.idp.core.endpoints.SSOEndPoint.doProcessFCRequest(SSOEndPoint.java:142)
at com.sap.security.saml2.idp.core.endpoints.AbstractEndPoint.processFCRequest(AbstractEndPoint.java:1314)
at com.sap.security.saml2.idp.core.endpoints.AbstractEndPoint.processRedirectPayload(AbstractEndPoint.java:1193)
at com.sap.security.saml2.idp.core.endpoints.AbstractEndPoint.doPost(AbstractEndPoint.java:252)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:152)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:38)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:466)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:210)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:439)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:428)
at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:38)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:81)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:278)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:85)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:35)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.SessionSizeFilter.process(SessionSizeFilter.java:26)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:57)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:43)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:468)
at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:262)
at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:56)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328).

Regards

Imran

Accepted Solutions (0)

Answers (1)
former_member256680
Participant
0 Kudos

Hi,

The issue is resolved after applying the solution from SAP Note 2538934 - Handshake is failing in AS Java when connecting to a server which only supports TLS_ECDHE ciphers.

I created the SSLContext.properties file, updated the required cipher suite parameter, and restarted the SAP SSO NW Java server.

Regards

Imran
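
The failure named in the SAP Note is a cipher suite mismatch: the client's ClientHello offers no suite that an ECDHE-only server accepts, so the server replies with a fatal handshake_failure alert. As an added example (not part of the original posts or SAP's code), this Python code parses a captured ClientHello and alert record to confirm that. The byte strings are constructed samples and the server suite set is an assumption.

```python
import struct

# Subset of the IANA TLS cipher suite registry (IDs are standard values).
SUITES = {
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}
ALERTS = {40: "handshake_failure", 70: "protocol_version", 71: "insufficient_security"}

# Constructed sample: a TLS 1.2 ClientHello offering only static-RSA suites.
CLIENT_HELLO = (bytes.fromhex("16030100330100002f0303") + bytes(32)
                + bytes.fromhex("000008002f0035009c000a0100"))
# Constructed sample: the server's reply, a 2-byte plaintext alert record.
ALERT = bytes.fromhex("15030300020228")
# Assumption: the SMS gateway accepts only these ECDHE suites.
SERVER_ECDHE_ONLY = {"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                     "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}

def offered_suites(record):
    """Names of the cipher suites offered in a raw ClientHello record."""
    rtype, _version, rlen = struct.unpack("!BHH", record[:5])
    if rtype != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    body = record[9:5 + rlen]          # skip record (5) and handshake (4) headers
    pos = 2 + 32                       # client_version + random
    pos += 1 + body[pos]               # session_id length byte + session_id
    (nbytes,) = struct.unpack_from("!H", body, pos)
    ids = struct.unpack_from(f"!{nbytes // 2}H", body, pos + 2)
    return [SUITES.get(i, f"0x{i:04X}") for i in ids]

def parse_alert(record):
    """(level, description) of a plaintext TLS alert record."""
    rtype, _version, rlen = struct.unpack("!BHH", record[:5])
    if rtype != 0x15 or rlen != 2:
        raise ValueError("not a plaintext alert record")
    level, desc = record[5], record[6]
    return ("fatal" if level == 2 else "warning", ALERTS.get(desc, str(desc)))

def common_suites(client_hello, server_suites):
    """Suites both sides support; an empty list means the handshake must fail."""
    return [s for s in offered_suites(client_hello) if s in server_suites]

if __name__ == "__main__":
    print("offered:", offered_suites(CLIENT_HELLO))
    print("alert:  ", parse_alert(ALERT))
    print("common: ", common_suites(CLIENT_HELLO, SERVER_ECDHE_ONLY) or "none")
```

A different HTTP client succeeding from the same host shows the network path works, but says nothing about which suites the AS Java TLS client offers; comparing the two ClientHello messages is what separates the cases.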