This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Karl Lopgerobergobu
Mar 27, 2013, 1:53 PM
7 Posts

Managed Account

  • Category: Domino Administrator
  • Platform: Windows
  • Release: 9.0
  • Role: Administrator
  • Tags:
  • Replies: 6

Hi Guys,

Just like everybody else, I'm struggeling with having this Open Social working between Notes 9 and Connections 4.

I created the Managed Account just as described in SHOW110, and it is neatly being pushed to Notes clients via de policy. I also added the widgets and distributed them to the clients. (please see screens).

But when the update widged is opened, it remains blank.

In the logs I see the following:

 

CWPST0306W: An exception occurred while invoking the target method login.
javax.security.auth.login.LoginException: Single Sign-On configuration is invalid
	at com.ibm.workplace.internal.notes.security.auth.LtpaLoginModule.login(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at com.ibm.rcp.security.auth.ExtLoginModuleProxy.invokeImpl(Unknown Source)
	at com.ibm.rcp.internal.security.AbstractProxy.invoke(Unknown Source)
	at $Proxy0.login(Unknown Source)
	at com.ibm.rcp.security.auth.ExtLoginModuleProxy.login(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at javax.security.auth.login.LoginContext.invoke(Unknown Source)
	at javax.security.auth.login.LoginContext.access$000(Unknown Source)
	at javax.security.auth.login.LoginContext$4.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Unknown Source)
	at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
	at javax.security.auth.login.LoginContext.login(Unknown Source)
	at com.ibm.rcp.security.auth.service.AbstractLoginService.login(Unknown Source)
	at com.ibm.rcp.accounts.internal.AccountsLoginContextServiceImpl.login(Unknown Source)
	at com.ibm.rcp.net.http.internal.URLConnectionFactory.getURLConnection(Unknown Source)
	at com.ibm.rcp.net.http.internal.URLConnectionFactory.getURLConnection(Unknown Source)
	at com.ibm.rcp.net.http.internal.protocol.HttpsURLConnection.<init>(Unknown Source)
	at com.ibm.rcp.net.http.internal.protocol.HttpsHandler.createURLConnection(Unknown Source)
	at com.ibm.rcp.net.http.internal.protocol.BaseHandler.openConnection(Unknown Source)
	at com.ibm.rcp.net.http.internal.protocol.BaseHandler.openConnection(Unknown Source)
	at org.eclipse.osgi.framework.internal.protocol.URLStreamHandlerProxy.openConnection(Unknown Source)
	at java.net.URL.openConnection(Unknown Source)
	at java.net.URL.openStream(Unknown Source)
	at com.ibm.fiesta.notes.security.ContainerSecurityTokenProvider$2.run(Unknown Source)
	at org.eclipse.core.internal.jobs.Worker.run(Unknown Source)

Anyone an idea what is going wrong?

Many thanks in advance.

Marco Janssen

~Joseph Nimjumimanettu
Mar 27, 2013, 2:18 PM
34 Posts
RE: Managed Account
Hi Marco,

What type of Web SSO Configuration do you have configured for your "server.acme.corp" server?

Best regards,
-Stanton
~Karl Lopgerobergobu
Mar 27, 2013, 2:26 PM
7 Posts
RE: Managed Account

 


Hi Stanton,

Thanks for your reply. 

I created an screenshot with a Acme version of our SSO doc but can't edit it to this post.

I have an Internet Site SSO doc with Websphere Token1 and 2 imported. SSO between Webmail and Connections is working perfectly.

 

~Joseph Nimjumimanettu
Mar 28, 2013, 11:27 AM
34 Posts
RE: Managed Account
Marco, your screenshot didn't make it.  I cannot see it in your second post, although I see the screenshots in the first post.  I'm not sure the difference in how you posted the screenshots between the first and second post.  Can you try again?

Thanks,
-Stanton
~Karl Lopgerobergobu
Mar 28, 2013, 8:21 PM
7 Posts
RE: Managed Account

I don't know if you can see the screenshot.

I can if I edit the reply, but not when I'm viewing the complete topic. Can I send it to you directly?

~Joseph Nimjumimanettu
Mar 30, 2013, 4:06 PM
34 Posts
RE: Managed Account
I can see the screenshot this time.  Thanks for posting it again.

Is the hostname for acme/Corp server.acme.corp?
I see the server name in your account is "https://server.acme.corp/fiesta/container".  What is the "Gadget Server URL" setting in the "Widgets" tab of your desktop policy settings?  Does it authority part of the URL match, including both the hostname and the scheme?
Are you using internet site documents for your server acme/Corp?  You have an organization in your SSO document, which should only be present if you are using internet site documents.  See http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin85.doc%2FH_ENABLING_SINGLE_SIGN_ON_FOR_DOMINO_AND_WEBSPHERE_SERVERS_STEPS.html

This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal