OBIEE 11g: Error: " [nQSError: 43126] Authentication failed: invalid user/password. " Logging into OBIEE After Setting up OID Authentication
(Doc ID 1406758.1)
Last updated on FEBRUARY 14, 2022
Applies to:
Business Intelligence Server Enterprise Edition - Version 11.1.1.5.0 [1308] and laterBusiness Intelligence Suite Enterprise Edition - Version 11.1.1.5.0 [1308] and later
Information in this document applies to any platform.
Symptoms
You have defined Oracle Internet Directory (OID) as an alternative authenticator. You have followed the steps in Oracle Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition 11g Release 1 (11.1.1) Part Number E10543-04.
You able to see all the OID users and groups in Weblogic Console, but cannot log in to OBIEE with those users.
If you define a new trusted user (BISystemUser) in OID, set credentials, roles and deleting BISystemUser in defaultauthenticator, no users can log in, even those defined to defaultauthenticator. Adding BISystemUser back to defaultauthenticator and after refreshing GUIDs, you can log in with users defined to defauthenticator, but not with users defined in OID.
In the BI Server log file you see the following error:
[2012-01-20T15:55:23.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000] [tid: 1] [13026] Error in getting roles from BI Security Service: 'Error Message From BI Security Service: FailedAuthentication : The security token cannot be authenticated.'
You see the following error in bi_server1 diagnostics log after restarting the Weblogic servers:
[2012-01-20T10:55:23.890-05:00] [bi_server1] [ERROR] [WSM-00006] [oracle.wsm.resources.security] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Error in receiving the request: oracle.wsm.security.SecurityException: WSM-00008 : Web service authentication failed..
[2012-01-20T10:55:23.893-05:00] [bi_server1] [ERROR] [WSM-07607] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token executor class oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor.
[2012-01-20T10:55:23.897-05:00] [bi_server1] [ERROR] [WSM-07602] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in WS-Policy Execution due to exception.
[2012-01-20T10:55:23.901-05:00] [bi_server1] [ERROR] [WSM-07501] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in Oracle WSM Agent process Request, category=security, function=agent.function.service, application=bimiddleware, composite=null, modelObj=SecurityService, policy=oracle/wss_username_token_service_policy, policyVersion=null, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token.
[2012-01-20T10:55:23.906-05:00] [bi_server1] [ERROR] [] [oracle.wsm.agent.handler.wls.WSMAgentHook] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [APP: bimiddleware#11.1.1]
WSMAgentHook: An Exception is thrown: FailedAuthentication : The security token cannot be authenticated.
You see this error in bi_server1 log when sigining in as OID user:
[2012-01-20T11:23:39.196-05:00] [bi_server1] [ERROR] [WSM-00006] [oracle.wsm.resources.security] [tid: [ACTIVE].Execute Thread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:
132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Error in receiving the request: oracle.wsm.security.SecurityException: WSM-00008 : Web service authentication failed..
[2012-01-20T11:23:39.200-05:00] [bi_server1] [ERROR] [WSM-07607] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token executor class oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor.
[2012-01-20T11:23:39.202-05:00] [bi_server1] [ERROR] [WSM-07602] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in WS-Policy Execution due to exception.
[2012-01-20T11:23:39.204-05:00] [bi_server1] [ERROR] [WSM-07501] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=bimiddleware, composite=null, modelObj=SecurityService, policy=oracle/wss_username_token_service_policy, policyVersion=null, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token.
[2012-01-20T11:23:39.207-05:00] [bi_server1] [ERROR] [] [oracle.wsm.agent.handler.wls.WSMAgentHook] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [APP: bimiddleware#11.1.1] WSMAgentHook: An Exception is thrown: FailedAuthentication : The security token cannot be authenticated.
You see this error in BI Server log when signing on as an OID user:
[2012-01-20T16:23:39.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6] [tid: 35e] Error Message From BI Security Service: FailedAuthentication : The security token cannot be authenticated.
[2012-01-20T16:23:39.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6] [tid: 35e] [nQSError: 43126] Authentication failed: invalid user/password.
Changes
Some security changes were made in Enterprise Manager.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |