Symantec Privileged Access Management

  • Private Community
 View Only

  • 1.  Incorrect Login Credentials Provided - CA PAMSC

    Posted Aug 13, 2018 03:42 PM
      |   view attached

    Hi Community

     

    I have the error "Incorrect Login Credentials Provided" when I try to access CA PAM Server Control, checking the jboss / server / default / Server.log log I find the following registers, any idea of what is happening?

     

    2018-08-13 14:38:35,263 ERROR [ims.llsdk.directory.jndi.searcher] Exception outside Connection
    2018-08-13 14:38:35,264 ERROR [ims.llsdk.directory.jndi.searcher] JAVA.LANG.NULLPOINTEREXCEPTION
            AT COM.NETEGRITY.LLSDK6.IMSIMPL.DIRECTORY.JNDI.JNDISEARCHER.GETLDAPCONNECTION(JNDISEARCHER.JAVA:710)
            AT COM.NETEGRITY.LLSDK6.IMSIMPL.DIRECTORY.JNDI.JNDISEARCHER.GETPAGEDSEARCHUNIT(JNDISEARCHER.JAVA:465)
            AT COM.NETEGRITY.LLSDK6.IMSIMPL.DIRECTORY.JNDI.JNDISEARCHER.EVALUATESEARCHUNIT(JNDISEARCHER.JAVA:317)
            AT COM.NETEGRITY.LLSDK6.IMSIMPL.DIRECTORY.JNDI.JNDISEARCHER.FINDOBJECTS(JNDISEARCHER.JAVA:2691)
            AT COM.NETEGRITY.LLSDK6.IMSIMPL.PROVIDER.USERPROVIDERIMPL.FINDUSERS(USERPROVIDERIMPL.JAVA:307)
            AT COM.CA.ACCESSCONTROL.SECURITY.ACAUTHENTICATIONMODULE.DISAMBIGUATEUSER(ACAUTHENTICATIONMODULE.JAVA:152)
            AT COM.NETEGRITY.WEBAPP.AUTHENTICATION.FRAMEWORKLOGINFILTER.DISAMBIGUATEUSER(FRAMEWORKLOGINFILTER.JAVA:706)
            AT COM.NETEGRITY.WEBAPP.AUTHENTICATION.FRAMEWORKLOGINFILTER.DOFILTER(FRAMEWORKLOGINFILTER.JAVA:439)
            AT ORG.APACHE.CATALINA.CORE.APPLICATIONFILTERCHAIN.INTERNALDOFILTER(APPLICATIONFILTERCHAIN.JAVA:235)
            AT ORG.APACHE.CATALINA.CORE.APPLICATIONFILTERCHAIN.DOFILTER(APPLICATIONFILTERCHAIN.JAVA:206)
            AT COM.NETEGRITY.WEBAPP.FILTER.ENCODINGFILTER.DOFILTER(ENCODINGFILTER.JAVA:48)
            AT ORG.APACHE.CATALINA.CORE.APPLICATIONFILTERCHAIN.INTERNALDOFILTER(APPLICATIONFILTERCHAIN.JAVA:235)
            AT ORG.APACHE.CATALINA.CORE.APPLICATIONFILTERCHAIN.DOFILTER(APPLICATIONFILTERCHAIN.JAVA:206)
            AT ORG.JBOSS.WEB.TOMCAT.FILTERS.REPLYHEADERFILTER.DOFILTER(REPLYHEADERFILTER.JAVA:96)
            AT ORG.APACHE.CATALINA.CORE.APPLICATIONFILTERCHAIN.INTERNALDOFILTER(APPLICATIONFILTERCHAIN.JAVA:235)
            AT ORG.APACHE.CATALINA.CORE.APPLICATIONFILTERCHAIN.DOFILTER(APPLICATIONFILTERCHAIN.JAVA:206)
            AT ORG.APACHE.CATALINA.CORE.STANDARDWRAPPERVALVE.INVOKE(STANDARDWRAPPERVALVE.JAVA:231)
            AT ORG.APACHE.CATALINA.CORE.STANDARDCONTEXTVALVE.INVOKE(STANDARDCONTEXTVALVE.JAVA:173)
            AT ORG.JBOSS.WEB.TOMCAT.SECURITY.SECURITYASSOCIATIONVALVE.INVOKE(SECURITYASSOCIATIONVALVE.JAVA:182)
            AT ORG.JBOSS.WEB.TOMCAT.SECURITY.JACCCONTEXTVALVE.INVOKE(JACCCONTEXTVALVE.JAVA:84)
            AT ORG.APACHE.CATALINA.CORE.STANDARDHOSTVALVE.INVOKE(STANDARDHOSTVALVE.JAVA:128)
            AT ORG.APACHE.CATALINA.VALVES.ERRORREPORTVALVE.INVOKE(ERRORREPORTVALVE.JAVA:104)
            AT ORG.JBOSS.WEB.TOMCAT.SERVICE.JCA.CACHEDCONNECTIONVALVE.INVOKE(CACHEDCONNECTIONVALVE.JAVA:157)
            AT ORG.APACHE.CATALINA.CORE.STANDARDENGINEVALVE.INVOKE(STANDARDENGINEVALVE.JAVA:109)
            AT ORG.APACHE.CATALINA.CONNECTOR.COYOTEADAPTER.SERVICE(COYOTEADAPTER.JAVA:241)
            AT ORG.APACHE.COYOTE.HTTP11.HTTP11PROCESSOR.PROCESS(HTTP11PROCESSOR.JAVA:844)
            AT ORG.APACHE.COYOTE.HTTP11.HTTP11PROTOCOL$HTTP11CONNECTIONHANDLER.PROCESS(HTTP11PROTOCOL.JAVA:583)
            AT ORG.APACHE.TOMCAT.UTIL.NET.JIOENDPOINT$WORKER.RUN(JIOENDPOINT.JAVA:447)
            AT JAVA.LANG.THREAD.RUN(THREAD.JAVA:745)

     

    2018-08-13 14:38:35,264 ERROR [STDERR] java.lang.NullPointerException
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.netegrity.llsdk6.imsimpl.directory.jndi.JndiSearcher.getPagedSearchUnit(JndiSearcher.java:475)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.netegrity.llsdk6.imsimpl.directory.jndi.JndiSearcher.evaluateSearchUnit(JndiSearcher.java:317)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.netegrity.llsdk6.imsimpl.directory.jndi.JndiSearcher.findObjects(JndiSearcher.java:2691)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.netegrity.llsdk6.imsimpl.provider.UserProviderImpl.findUsers(UserProviderImpl.java:307)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.ca.accesscontrol.security.ACAuthenticationModule.disambiguateUser(ACAuthenticationModule.java:152)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.netegrity.webapp.authentication.FrameworkLoginFilter.disambiguateUser(FrameworkLoginFilter.java:706)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.netegrity.webapp.authentication.FrameworkLoginFilter.doFilter(FrameworkLoginFilter.java:439)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at com.netegrity.webapp.filter.EncodingFilter.doFilter(EncodingFilter.java:48)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
    2018-08-13 14:38:35,264 ERROR [STDERR]  at java.lang.Thread.run(Thread.java:745)
    2018-08-13 14:38:35,299 INFO  [STDOUT] [Mon Aug 13 14:38:35 COT 2018] [Info] CsrfGuard analyzing request /iam/app/ac/js/jstz.min.js
    2018-08-13 14:38:35,306 INFO  [STDOUT] [Mon Aug 13 14:38:35 COT 2018] [Info] CsrfGuard analyzing request /iam/ui/scripts/jquery-1.9.1.js
    2018-08-13 14:38:35,352 INFO  [STDOUT] [Mon Aug 13 14:38:35 COT 2018] [Info] CsrfGuard analyzing request /iam/StickyCaptcha/stickyImg

    Attachment(s)

    zip
    Communi server.log.zip   1 KB 1 version


  • 2.  Re: Incorrect Login Credentials Provided - CA PAMSC

    Posted Aug 13, 2018 04:03 PM

    Hi Julian,

     

    I have looked through your server.log and did not find anything pertinent.  Are you sure you captured the problem entirely through reproduction?  This server.log only shows 2:38 PM time stamps.

     

    When you authenticate against the PAMSC UI, which account are you using?  Are you using an embedded account, or a LDAP account?  What is the account name?  It may be best to try and reproduce the issue once more, but before doing so, you can put Jboss into debug mode if you are accessing the PAMSC UI for certain.

     

    To set Jboss in debug mode update, '/jboss-4.2.3.GA/server/default/conf/jboss-log4j.xml', under the file appender update the threshold value to debug.

    Example:


    <appender name ="FILE" class="org.jboss.logging.appender.DailyRollingFileAppender">
    <param name="Threshold" value="DEBUG"/>

    You can debug different categories by adding the following to the jboss-log4j.xml file:

    <category name ="com.ca.ppm">
    <priority vaule="DEBUG" />
    </category>

     

    You can resubmit the server.log to this same thread and hopefully there can be something to investigate.  If we still do not see anything, then it may be best to open up a Support case and have a WebEx, though I see you have one case opened (01166144).

     

    Thanks,

    Eric