Unable to add the AVI Load Balancer as a data source in Aria Operations for Networks (AON) / VMware vRealize Network Insight (vRNI). The AON / vRNI UI displayed the following error: 'Invalid credentials or locked account. Please verify'
In the collector log at /var/log/arkin/collector
, similar error messages were observed, highlighting issues with the Authentication Cookie Header that resulted in a 401 login failure.
YYYY-MM-DDTHH:MM:SS.SSSZ INFO dataprovider.southbound.AbstractDPConnectionEntity collector-process-msg-exec-247 isCertValidationEnabled:141 FeatureManager check false
YYYY-MM-DDTHH:MM:SS.SSSZ INFO utils.configutils.DPOperationalConfigLoader collector-process-msg-exec-247 getIntValue:121 Using default value for read.timeout.millis: 90000 for NSXALB
YYYY-MM-DDTHH:MM:SS.SSSZ INFO utils.configutils.DPOperationalConfigLoader collector-process-msg-exec-247 getIntValue:121 Using default value for read.timeout.millis: 90000 for NSXALB
YYYY-MM-DDTHH:MM:SS.SSSZ INFO vmware.nsxalb.NSXALBHttpConnectionWrapper collector-process-msg-exec-247 getNewAccessToken:72 Creating new access token using login request
YYYY-MM-DDTHH:MM:SS.SSSZ INFO vmware.nsxalb.NSXALBHttpConnectionWrapper collector-process-msg-exec-247 setAuthHeaders:121 Session creation request. Wont insert anything in headers.
YYYY-MM-DDTHH:MM:SS.SSSZ WARN client.protocol.ResponseProcessCookies collector-process-msg-exec-247 processCookies:130 Invalid cookie header: "Set-Cookie: avi-sessionid=None_ Path=/_ Expires=Wed, DD MMM YYYY 00:59:58 GMT_ Max-Age=86400_ HttpOnly_ Secure_ SameSite=None". Invalid 'expires' attribute: Wed, DD MMM YYYY 00:59:58 GMT
YYYY-MM-DDTHH:MM:SS.SSSZ WARN client.protocol.ResponseProcessCookies collector-process-msg-exec-247 processCookies:130 Invalid cookie header: "Set-Cookie: sessionid=None_ Path=/_ Expires=Wed, DD MMM YYYY 00:59:58 GMT_ Max-Age=86400_ HttpOnly_ Secure_ SameSite=None". Invalid 'expires' attribute: Wed, DD MMM YYYY 00:59:58 GMT
YYYY-MM-DDTHH:MM:SS.SSSZ WARN client.protocol.ResponseProcessCookies collector-process-msg-exec-247 processCookies:130 Invalid cookie header: "Set-Cookie: accesstoken=None_ Path=/_ Expires=Wed, DD MMM YYYY 00:59:58 GMT_ Max-Age=86400_ HttpOnly_ Secure_ SameSite=None". Invalid 'expires' attribute: Wed, DD MMM YYYY 00:59:58 GMT
YYYY-MM-DDTHH:MM:SS.SSSZ WARN client.protocol.ResponseProcessCookies collector-process-msg-exec-247 processCookies:130 Invalid cookie header: "Set-Cookie: refreshtoken=None_ Path=/_ Expires=Wed, DD MMM YYYY 00:59:58 GMT_ Max-Age=86400_ HttpOnly_ Secure_ SameSite=None". Invalid 'expires' attribute: Wed, DD MMM YYYY 00:59:58 GMT
YYYY-MM-DDTHH:MM:SS.SSSZ INFO vmware.nsxalb.NSXALBHttpConnectionWrapper collector-process-msg-exec-247 shouldRefreshToken:105 ShouldRefreshToken: /login
YYYY-MM-DDTHH:MM:SS.SSSZ INFO vmware.nsxalb.NSXALBHttpConnectionWrapper collector-process-msg-exec-247 shouldRefreshToken:107 Session create/destroy request. should not refresh tokens. path /login
YYYY-MM-DDTHH:MM:SS.SSSZ ERROR dataprovider.utils.HttpUtils collector-process-msg-exec-247 checkCodeAndThrow:53 Could not get response for /login, status 401
YYYY-MM-DDTHH:MM:SS.SSSZ ERROR dataprovider.utils.HttpUtils collector-process-msg-exec-247 checkStatusAndThrow:41 API /login error response
{"error":"Invalid credentials"}
YYYY-MM-DDTHH:MM:SS.SSSZ WARN common.utils.CommonUtils collector-process-msg-exec-247 logException:2555 Unable to create login request
com.vnera.dataproviders.core.common.impl.dataprovider.utils.exceptions.HttpException: Could not get response for /login, status 401
at com.vnera.dataproviders.core.common.impl.dataprovider.utils.HttpUtils.checkCodeAndThrow(HttpUtils.java:54) _[dataproviders-0.001-SNAPSHOT.jar:_]
at com.vnera.dataproviders.core.common.impl.dataprovider.utils.HttpUtils.checkStatusAndThrow(HttpUtils.java:34) _[dataproviders-0.001-SNAPSHOT.jar:_]
VMware Aria Operations for Networks
VMware AVI Load Balancer
Please verify Basic Authentication is enabled in AVI Load Balancer. By default, this option is disabled.
To configure the Basic Authentication:
Go to AVI Load Balancer UI > Administration > System Settings > Access, change Basic Authentication to Allowed.