Authentication Failed for User IDM with FailedLoginException
search cancel

Authentication Failed for User IDM with FailedLoginException

book

Article ID: 47253

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On

Issue/Introduction

Symptoms: 

When Identity Manager (IM) workflow is turned on, the managed server .out log shows the below error message and the environment fails to startup:

13:26:33,701 ERROR [com.workpoint.client.connect.ClientContextEJB] An error occured while attempting to get a connection to the server.

java.rmi.RemoteException: NamingException caught attempting to locate the 'ServerConfigPvt_EJB' object. Please verify that the server is running and the client configuration is correct.; nested exception is:

       javax.naming.AuthenticationException: [Security:090304]Authentication Failed: User IDM javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User IDM denied [Root exception is javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User IDM javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User IDM denied]

       at com.workpoint.client.connect.ClientContextEJB.A(Unknown Source)

       at com.workpoint.client.connect.ClientContextEJB.getServerConfigPvt(Unknown Source)

       at com.workpoint.client.ClientContext.retrieveAuthInfo(Unknown Source)

       at com.workpoint.servlet.client.WpClientServlet.A(Unknown Source)

       at com.workpoint.servlet.client.WpClientServlet.init(Unknown Source)

       at javax.servlet.GenericServlet.init(GenericServlet.java:240)

       at com.netegrity.webapp.filter.ConsolePageFilter.init(ConsolePageFilter.java:121)

       at weblogic.servlet.internal.FilterManager$FilterInitAction.run(FilterManager.java:374)

…….

Caused by: javax.naming.AuthenticationException: [Security:090304]Authentication Failed: User IDM javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User IDM denied [Root exception is javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User IDM javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User IDM denied]

       at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:44)

       at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:808)

       at weblogic.jndi.WLInitialContextFactoryDelegate.pushSubject(WLInitialContextFactoryDelegate.java:690)

       at weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:485)

       at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:373)

 

 Environment:  

Identity Manager R12.6 SP8

Weblogic 12.1.3

OS Windows 2008 SP2

 

Cause: 

Weblogic uses the default “IDM” user and its password in ra.xml file under

<Oracle_Midleware_domain_path>\iam_im.ear\workflow.rar\META-INF\

 

and workpoint-client.properties under

<Oracle_Midleware_domain_path>\iam_im.ear\config\

for authentication.

By default, the password for “IDM” user is “password” in ra.xml

and in workpoint-client.properties

 

 

Environment

Release: CAIDMB99000-12.6.8-Identity Manager-B to B
Component:

Resolution

Resolution:

IDM” user in workpoint-client.properties and ra.xml needs to be updated with correct password.

1.       Verify that “IDM” user exists in Weblogic:

 

 

 

 

Note: you can change IDM password from here by selecting IDM  -->  select Passwords tab  -->  enter new password --> click Save.

2.       Stop Identity Manager application server:

3.       Enter password of “IDM” user in ra.xml

 

Save the change.

4.       Enter the password of “IDM” user in workpoint-client.properties:

 

5.       Start Identity Manager application server and verify the error no longer appears.