search cancel

Error : login.microsoftonline.com Name or service not known on WAOP

book

Article ID: 228963

calendar_today

Updated On:

Products

CA Single Sign On Federation (SiteMinder) SITEMINDER

Issue/Introduction

 

When running a Web Agent Option Pack as OAuth 2.0 client with
Microsoft Azure AD as OAuth 2.0 Authorization server, Web Agent
Option Pack reports error 500 when handling the Azure response :

  GET https://myclient.mydomain.com/affwebservices/public/oauthtokenconsumer/
  a26fa4fb-c8w5-4979-932e-ce9665b582be?code=0.AV8A6Di2CHYGzEW2d1wDixfSivukb6K12HlJky7OlmW1gr5fAAA
  [...]
  a1-bc0b-5e979fcbc927

    HTTP/1.1 500 Internal Error occured while trying to process the request.
    Transaction ID: 1a3876e9-093736ac-61581d02-931efffc-370f6303-4 failed.
    Date: Wed, 17 Nov 2021 15:47:43 GMT
    Server: Apache
    X-Powered-By: ServletExec/6.0.0.2_39, Servlet/2.5, JSP/2.1

    The following error occurred: 500 - Internal Error occured while
    trying to process the request. Transaction ID:
    1a3876e9-093736ac-61581d02-931efffc-370f6303-4 failed.

    FWSTrace.log :

     [11/17/2021][16:47:43][3901][92698368][1a3876e9-093736ac-61581d02-931efffc-370f6303-4]
     [OAuthUtils.java][traceSensitiveMessage][Access token request:
     grant_type=authorization_code&code=0.AV8A6Di2CHYGzEW2d1wDixfSivukb6K12HlJky7OlmW1gr5fAAA
     .AQABAAIAAAD--DLA3VO7QrddgJg7WevrYXoJ0wQWEIkYahSeC4xtHsxiVBoy7lY_WE3Wb8LfHkyx8q7DYHP6N
     [...]
     &redirect_uri=https%3A%2F%2Fmyclient.mydomain.com%2Faffwebservices%2Fpublic
     %2Foauthtokenconsumer%2Fa26fa4fb-c8w5-4979-932e-ce9665b582be
     &client_id=a26fa4fb-c8w5-4979-932e-ce9665b582be&client_secret=<Value not shown>]

     [11/17/2021][16:47:46][3901][92698368][1a3876e9-093736ac-61581d02-931efffc-370f6303-4]
     [FWSBase.java][getAllCAcerts][Obtained CA certificates from policy server. Total Certs received: 3]

     [11/17/2021][16:47:46][3901][92698368][1a3876e9-093736ac-61581d02-931efffc-370f6303-4]
     [MessageDispatcher.java][dispatchMessage][Dispatcher object thrown unknown exception while processing the message.
     Message: login.microsoftonline.com: Name or service not known.]

     [11/17/2021][16:47:46][3901][92698368][1a3876e9-093736ac-61581d02-931efffc-370f6303-4]
     [MessageDispatcher.java][dispatchMessage][Exception:

     java.net.UnknownHostException: login.microsoftonline.com: Name or service not known
      at java.net.Inet4AddressImpl.lookupAllHostAddr(Native Method)
      at java.net.InetAddress$2.lookupAllHostAddr(InetAddress.java:928)
      at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1323)

     [11/17/2021][16:47:46][3901][92698368][1a3876e9-093736ac-61581d02-931efffc-370f6303-4]
     [OAuth20Utils][sendClientMessage][Exception occured while sending an OAuth message:
     Exception occurred while message dispatcher (srca) object trying to send SOAP request
     message to the SAML producer.]

     [11/17/2021][16:47:46][3901][92698368][1a3876e9-093736ac-61581d02-931efffc-370f6303-4]
     [TokenConsumer.java][setupFailureDefault]
     [Ending OAuth service request processing with HTTP error 500]

 

Environment

 

  Policy Server 12.8SP5 on RedHat 7;
  Web Agent Option Pack 12.52SP1CR09 on ServletExec 6 on RedHat 6;

 

Resolution

 

  - Set up communication with the login.microsoftonline.com and make
    sure that the FQDN is fully resolved on the Web Agent Option Pack
    machine;

  - To diagnostic the FQDN problem futher, open a console on the Web
    Agent Option Pack machine and run the following commands as root
    (1):

    # nslookup login.microsoftonline.com
    # dig login.microsoftonline.com
    # host login.microsoftonline.com

    and check that each command as well as that from /etc/hosts file
    the login.microsoftonline.com is resolved.

 

Additional Information

 

(1)

    A strange UnknownHostException

      If it is a dual stack (ipv6 + v4) Java prefers ipv6.

      You can force it to prefer ipv4, if your ipv6 is misconfigured somehow.

      Set system property with: -Djava.net.preferIPv4Stack=true

      [...]

      i have had the same exception and solved it by setting my hostname
      manually in /etc/hosts for the 'localhost' entry both.

      127.0.0.1       localhost DL006285-linux

      # special IPv6 addresses
      ::1             localhost ipv6-localhost ipv6-loopback DL006285-linux

    https://stackoverflow.com/questions/18056979/a-strange-unknownhostexception