InternalServerError reported on token expiration rather than Unauthenticated in vSphere Automation SDK
search cancel

InternalServerError reported on token expiration rather than Unauthenticated in vSphere Automation SDK

book

Article ID: 301561

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

When a session using a non-renewable SAML token is made to vSphere API and when the token expires in this scenario and can't be renewed (thus the session is over as well), it has to report Unauthenticated and not InternalServerError.

Symptoms:

When a session/authenticated call using non-renewable SAML token is made to vCenter using the vsphere automation SDK or same call is made to vSphere REST API the following error occurs:

***
com.vmware.vapi.std.errors.internal_server_error => {data=<unset>, messages=[com.vmware.vapi.std.localizable_message => {args=[Failed trying to retrieve token: ns0:RequestFailed: EndTime: Mon May 30 02:08:49 UTC 2022 is not after startTime: Mon May 30 02:08:49 UTC 2022], default_message=Provider method implementation threw unexpected exception: Failed trying to retrieve token: ns0:RequestFailed: EndTime: Mon May 30 02:08:49 UTC 2022 is not after startTime: Mon May 30 02:08:49 UTC 2022, id=vapi.bindings.method.impl.unexpected}]}

***


Cause

It occurs when a session using a non-renewable SAML token is made to vSphere API.

Resolution

Alternate Workaround is proposed till the bug is fixed.

Workaround:

1. Request a "renewable" SAML token from SSO. (The "samlToken" used  must have the "renewable" flag set to true)

Or

2. When the client receives an InternalServerError, parse the error message. If it is of the form "Failed trying to retrieve token: ns0:RequestFailed: EndTime: {%datetime} is not after startTime:", re-login by recreating the session.

 


Additional Information

Impact/Risks:

NA


Powered by Wolken Software