OBIEE 11g: Error: " [nQSError: 43126] Authentication failed: invalid user/password. " Logging into OBIEE After Setting up OID Authentication

(Doc ID 1406758.1)

Last updated on DECEMBER 01, 2016

Applies to:

Business Intelligence Server Enterprise Edition - Version 11.1.1.5.0 [1308] and later
Business Intelligence Suite Enterprise Edition - Version 11.1.1.5.0 [1308] and later
Information in this document applies to any platform.
***Checked for relevance on 02-Oct-2013***
***Checked for relevance on 02-Apr-2015***

Symptoms

You have defined Oracle Internet Directory (OID) as an alternative authenticator. You have followed the steps in Oracle Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition 11g Release 1 (11.1.1) Part Number E10543-04.

You able to see all the OID users and groups in Weblogic Console, but cannot log in to OBIEE with those users.

If you define a new trusted user (BISystemUser) in OID, set credentials, roles and deleting BISystemUser in defaultauthenticator, no users can log in, even those defined to defaultauthenticator. Adding BISystemUser back to defaultauthenticator and after refreshing GUIDs, you can log in with users defined to defauthenticator, but not with users defined in OID.

In the BI Server log file you see the following error:

[2012-01-20T15:55:23.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000] [tid: 1] [13026] Error in getting roles from BI Security Service: 'Error Message From BI Security Service: FailedAuthentication : The security token cannot be authenticated.'


You see the following error in bi_server1 diagnostics log after restarting the Weblogic servers:

[2012-01-20T10:55:23.890-05:00] [bi_server1] [ERROR] [WSM-00006] [oracle.wsm.resources.security] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Error in receiving the request: oracle.wsm.security.SecurityException: WSM-00008 : Web service authentication failed..
[2012-01-20T10:55:23.893-05:00] [bi_server1] [ERROR] [WSM-07607] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token executor class oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor.
[2012-01-20T10:55:23.897-05:00] [bi_server1] [ERROR] [WSM-07602] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in WS-Policy Execution due to exception.
[2012-01-20T10:55:23.901-05:00] [bi_server1] [ERROR] [WSM-07501] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in Oracle WSM Agent process Request, category=security, function=agent.function.service, application=bimiddleware, composite=null, modelObj=SecurityService, policy=oracle/wss_username_token_service_policy, policyVersion=null, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token.
[2012-01-20T10:55:23.906-05:00] [bi_server1] [ERROR] [] [oracle.wsm.agent.handler.wls.WSMAgentHook] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 000JKwmQyjB4MumLGqP5if00049v000000,0:816] [APP: bimiddleware#11.1.1]
WSMAgentHook: An Exception is thrown: FailedAuthentication : The security token cannot be authenticated.


You see this error in bi_server1 log when sigining in as OID user:

[2012-01-20T11:23:39.196-05:00] [bi_server1] [ERROR] [WSM-00006] [oracle.wsm.resources.security] [tid: [ACTIVE].Execute Thread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:
132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Error in receiving the request: oracle.wsm.security.SecurityException: WSM-00008 : Web service authentication failed..
[2012-01-20T11:23:39.200-05:00] [bi_server1] [ERROR] [WSM-07607] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token executor class oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor.
[2012-01-20T11:23:39.202-05:00] [bi_server1] [ERROR] [WSM-07602] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in WS-Policy Execution due to exception.
[2012-01-20T11:23:39.204-05:00] [bi_server1] [ERROR] [WSM-07501] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] [APP: bimiddleware#11.1.1] Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=bimiddleware, composite=null, modelObj=SecurityService, policy=oracle/wss_username_token_service_policy, policyVersion=null, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token.
[2012-01-20T11:23:39.207-05:00] [bi_server1] [ERROR] [] [oracle.wsm.agent.handler.wls.WSMAgentHook] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6,0:1:1:8:1] [APP: bimiddleware#11.1.1] WSMAgentHook: An Exception is thrown: FailedAuthentication : The security token cannot be authenticated.


You see this error in BI Server log when signing on as an OID user:

[2012-01-20T16:23:39.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6] [tid: 35e] Error Message From BI Security Service: FailedAuthentication : The security token cannot be authenticated.
[2012-01-20T16:23:39.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 7e47987bc6c89334:452ebbf2:132162bd67f:-8000-00000000001fa6f6] [tid: 35e] [nQSError: 43126] Authentication failed: invalid user/password.

Changes

Some security changes were made in Enterprise Manager.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms