IDM connection to JasperReports Server fails with "IAM is Unauthorized to access the resource"
search cancel

IDM connection to JasperReports Server fails with "IAM is Unauthorized to access the resource"

book

Article ID: 437544

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Manager

Issue/Introduction

When testing connectivity between CA Identity Manager (IDM) and JasperReports Server, the following error appears in the logs or Management Console:

 

ERROR [com.ca.ims.jasperreporting.JasperUtils] Exception occurred while getting the Reports... Exception details are com.ca.ims.jasperreporting.JasperException: IAM is Unauthorized to access the resource. Full authentication is required to access this resource.

Environment

  • CA Identity Suite / Virtual Appliance 14.x
  • JasperReports Server 8.x

Cause

The jasperserver.log indicates a conflict with an existing user: 

ERROR ExternalUserSetupProcessor - Error processing external user IAM: Internally defined user IAM already exists. Please contact an admin user to resolve the issue. 

The integration fails because it cannot map the external "IAM" user while a local/internal user with the same name already exists in the Jasper database.

Resolution

  1. Log in to the JasperReports Server as an administrator (e.g., superuser).
  2. Navigate to Manage > Users.
  3. Locate the user named IAM.
  4. Delete the internal IAM user.
  5. In the CA Identity Manager Management Console, go to the Jasper configuration and click Test Connection.
  6. The connection should now succeed as the system can properly initialize the external user.

Additional Information

Another possible cause is the missing or unsync iam.jks and iam.properties files, see the document below how to copy these files to the correct folders

Configure Token-Based Authentication

 

Powered by Wolken Software