Hi,

i have this session error at login using Identity Application 4.5.5 on
Suse 11 SP4 os :

com.netiq.idm.auth.oauth.OAuthFilter- [RBPM] SSO Header issued by SSO
Filter oauth for User cn=admin,o=gsecoll.
2017-01-09 12:36:10,373 [http-bio-8080-exec-1] INFO
com.novell.common.auth.saml.AuthTokenGenerator- [RBPM] SAML Token is
issued by the request from SSO filter oauth
Sending assertion
Evaluate challenge called, m_sent == 1
Response: result={0}
Result: 0
2017-01-09 12:36:10,523 [http-bio-8080-exec-1] INFO
com.novell.pwdmgt.util.PasswordHelper- [RBPM] [Login_Success]
cn=admin,o=gsecoll successfully logged in.
2017-01-09 12:36:10,675 [http-bio-8080-exec-1] INFO
org.apache.struts.tiles.TilesRequestProcessor- Tiles definition factory
found for request processor ''.


And this error at admin logout:

2017-01-09 13:03:21,138 [http-bio-8080-exec-4] TRACE
password.pwm.util.ServletHelper- {c} user locale set to 'it'
[10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,164 [http-bio-8080-exec-4] TRACE
password.pwm.SessionFilter- {c} http non-secure request headers:
[10.159.3.52/desktop-sr1eb3e.risorse.int]
host=10.160.16.172:8080
connection=keep-alive
upgrade-insecure-requests=1
user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87
Safari/537.36

accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8

referer=http://10.160.16.172:8080/IDM/portal/cn/DefaultContainerPage/MyProfile
accept-encoding=gzip, deflate, sdch
accept-language=it-IT,it;q=0.8,en-US;q=0.6,en;q=0.4

cookie=x-oidp-oauth2-1483963303165--947493745="V8BLOAUXkNpSOsqBIUmsQfW3qAzl0rU05Fem1n3 PPsELPNvN/q7kD4NlJgwtxa1RLbut4J0jXtPedFXNR9bssJtM/SZUPokqihe14EYENbMxu0jR5TDtOf3XPT1Y/UnLKPHEsapVhYWWufWZnaXWDnoEmrnfw7NB/ZwaZ@/g7opgYAaa0KhH@bHb81@ZudL/@TYNWJNowGnvGQrm4VdQWbN6ItmjvYDcclofisBWnXw1IShdRN Ue0/rtl5FmDvHZPiwiI87Mv2JLXPDq9W/0Ne3xFCVaROcFjJmt@V1Z2m@1rX/TCPq5LsFJbaFpHB8onNii2WYvbfBrOHKhTMgOJzEVCWp2RxbTe UzCb4rj9RAcZ6@6HcvsoUSsjuKnH/1gzvWfPG7NfPBlpcRCnihB4g~~";
netiq_idm_rbpm_acsrf=f0029701-0b47-42cd-ae6d-a13319b26b7f;
idm-locale-cookie=it;
x-oidp-session59303D34382C2D310=200-TVGVP/FZGSQ0QZZA2I4OKUMFXDTIFWSKYRKWLTF1-132EC-5257!1!5257!120!127!nAkFKVGjHNpEUMgWQddWDYls/sNw0yNjotAJxZryzyQ~!btOAPtTpgNiW7JQ4vMIWvBtr4gv3T9 wuBLu1Vs94Fn5o4w511KQhMjc1Dv5HfhcPQK0u27H4jkY+v8+s mI0W2gjYDC9oi2LbiQlec4sFF8ESqGKdCYBTe0d1KDt4oh1RWB nAfPFJovM2y4weos9z84yUWkxfZqNTQioVaTrNy1XnWL6jCPAt KPqXGp+e/epRbne+Grq4cb8ALCKU1JUtiOXSHwGEqzrwCPYQsaXRpOW0bQS f5dUwoi5xLfnI52ZvhhGPSr0yK8Jx8jX6p4DfwBfK1+d8BTtfK gZTVOE0ZD+sicPpsVBniOB//quqSui8XIF4lqcGwVejL6+MDT3DIS56iDXPVt0wXnffL5xNbDN UyJBKc3yrt+eA9uHjs4aozvqSx3k2a9W3R7QMz5ludMIN/XgcTq6JVcPF4NYwfCU~
dnt=1
2017-01-09 13:03:21,170 [http-bio-8080-exec-4] TRACE
password.pwm.SessionFilter- {c} GET request for: /sspr/public/Logout
[10.159.3.52/desktop-sr1eb3e.risorse.int]

logoutURL='http://10.160.16.172:8080/osp/a/idm/auth/app/logout?logout-n=2&target=http://10.160.16.172:8080/IDM/logout.do?logout=true'
2017-01-09 13:03:21,180 [http-bio-8080-exec-4] TRACE
password.pwm.SessionFilter- {c} session has not been validated,
redirecting with verification key to http://tinyurl.com/jns5rp8
[10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,200 [http-bio-8080-exec-8] TRACE
password.pwm.SessionFilter- {c} GET request for: /sspr/public/Logout
[10.159.3.52/desktop-sr1eb3e.risorse.int]

logoutURL='http://10.160.16.172:8080/osp/a/idm/auth/app/logout?logout-n=2&target=http://10.160.16.172:8080/IDM/logout.do?logout=true'

session_verification_key='d3F1Mb7z4DaCgfDZHnmdubiZ LahfSOpR159831c8390'
2017-01-09 13:03:21,203 [http-bio-8080-exec-8] TRACE
password.pwm.SessionFilter- {c} session validated, redirecting to
original request url: http://tinyurl.com/zmzdpof
[10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,219 [http-bio-8080-exec-8] TRACE
password.pwm.SessionFilter- {c} GET request for: /sspr/public/Logout
[10.159.3.52/desktop-sr1eb3e.risorse.int]

logoutURL='http://10.160.16.172:8080/osp/a/idm/auth/app/logout?logout-n=2&target=http://10.160.16.172:8080/IDM/logout.do?logout=true'
2017-01-09 13:03:21,223 [http-bio-8080-exec-8] TRACE
password.pwm.util.Helper- {c} beginning test of requested redirect URL:
http://tinyurl.com/hfmoloc [10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,223 [http-bio-8080-exec-8] TRACE
password.pwm.util.Helper- {c} will test parsed and decoded URL:
http://10.160.16.172:8080/osp/a/idm/auth/app/logout
[10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,223 [http-bio-8080-exec-8] DEBUG
password.pwm.util.Helper- {c} positive URL match for pattern:
http://10.160.16.172:8080 [10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,224 [http-bio-8080-exec-8] DEBUG
password.pwm.SessionFilter- {c} logoutURL parameter detected in request,
setting session logout url to http://tinyurl.com/hfmoloc
[10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,228 [http-bio-8080-exec-8] DEBUG
password.pwm.servlet.LogoutServlet- {c} processing logout request from
user [10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,235 [http-bio-8080-exec-8] TRACE
password.pwm.servlet.LogoutServlet- {c} redirecting user to session
parameter set logout url:http://tinyurl.com/hfmoloc
[10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,235 [http-bio-8080-exec-8] DEBUG
password.pwm.PwmSession- {c} invalidating session
[10.159.3.52/desktop-sr1eb3e.risorse.int]
2017-01-09 13:03:21,333 [http-bio-8080-exec-8] ERROR
org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/IDM].[jsp]-
Servlet.service() for servlet jsp threw exception
com.sssw.fw.exception.EboSecurityException: Denied access to this
framework element.
at
com.sssw.portal.manager.EboPortalManager.getContai nerPageInfo(EboPortalManager.java:1948)
at
com.sssw.portal.manager.EboPortalManager.getContai nerPageInfo(EboPortalManager.java:1893)
at
com.novell.afw.portal.aggregation.EboPortalAggrega tionHelper.redirectToPortalHomePage(EboPortalAggre gationHelper.java:1508)

It seems a session token error

Time sync is ok
Saml Attribute in EDirectory is ok

Could you help me?
Thank a lot


--
rossfalc2010
------------------------------------------------------------------------
rossfalc2010's Profile: https://forums.netiq.com/member.php?userid=2329
View this thread: https://forums.netiq.com/showthread.php?t=57166