When trying to login to NFA 9.3.3 I receive HTTP ERROR 500 Problem accessing /sso/sign-in-process.jsp'.

book

Article ID: 35431

calendar_today

Updated On:

Products

CA Network Flow Analysis (NetQos / NFA)

Issue/Introduction

Problem: 

When trying to login to NFA 9.3.3 I receive the error below after entering my user credentials:

HTTP ERROR 500

Problem accessing /sso/sign-in-process.jsp. Reason:

    System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Security.Cryptography.CryptographicException: The input data is not a complete block.
   at System.Security.Cryptography.CapiSymmetricAlgorithm.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.Read(Byte[] buffer, Int32 offset, Int32 count)
   at System.IO.StreamReader.ReadBuffer()
   at System.IO.StreamReader.ReadToEnd()
   at NetQoS.ReporterAnalyzer.Business.RASingleSignOn.DecryptFromBytesUsingAES(Byte[] bytes, Byte[] key, Byte[] initializationVector)
   at NetQoS.ReporterAnalyzer.Business.RASingleSignOn.DecryptCAPCBytesAES(Byte[] bytes)
   at NetQoS.ReporterAnalyzer.Business.RASingleSignOn.DecryptCAPCURLString(String base64URLString)
   at NetQoS.ReporterAnalyzer.Business.RASingleSignOn.GetProperty(String propName)
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
   at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at NetQoS.Core.Services.Controller.InvokeMethod(Object objectItem, String methodName, Object[] parameters)
   at NetQoS.DataSource.WebService.CallMethod.Invoke(String interfaceName, String methodName, Object[] parameters)
   at NetQoS.DataSource.WebService.SingleSignOnWS.GetProperty(String propName)
   --- End of inner exception stack trace ---

The "Test LDAP" Option in the NFA SSO Config Tool will thrown and error stating "Invalid option Selected" like below:

<Please see attached file for image>

LDAP_InvalidOption.png

 

Environment:  

NFA 9.3.3 linked to CAPC as a Data Source.

Cause: 

Local Override set in NFA for the "LDAP Connection Password" is not encrypted by the NFA SSO Configuration tool, however the NFA 9.3.3 SSO Module expects the LDAP Password to be encrypted if you are linked to CAPC.  This will only happen if NFA is linked to CAPC, and should not occur with NPC, UIM, or NFA Stanalone.

Resolution/Workaround:

1. Make sure the CAPC SSO Settings have the LDAP Connection Password set with "Remote Override" so that the password will sync down to NFA.  If you make any changes make sure to resync the NFA Data Source.

2. Remove the "Local Override" in NFA for the "LDAP Connection Password" by running the query below on the NFA Console server:

mysql -P3308 -D reporter -t -e "delete from performance_center_properties where PropName = 'LdapConnectionPassword' and Priority = 2;"

3. Attempt to login to NFA again.

Additional Information:

 

CAPC SSO Configuration Guide

 

Environment

Release:
Component: NQRACO

Attachments

1558697334145000035431_sktwi1f5rjvs16nrs.png get_app