URGENT : Worflow Issue with Siteminder (SSO problem)

GreatKarur

Hi Guys,

We are having the following environments,

Webtop 6.6, Content Server 6.0 and Siteminder.

Without the SSO everything is works fine. However when we enable SSO (with Siteminder) we having issue with workflow,

Step 1 : (In WebTop) Tools ---> Workflow ---> Start

Step 2 : Select the workflow template and press Ok

Step 3 : Provide the Workflow name and press Next

Step 4 : Press Next

Step 5 : Getting following error,

06:57:54,661 ERROR [tomcat-http--5] com.documentum.web.common.Trace - Failed to create session manager. : [DM_SESSION_E_AUTH_FAIL]error: "Authentication failed for user tenv\test1 with docbase localdev."

DfPrincipalException:: THREAD: tomcat-http--5; MSG: [DM_SESSION_E_AUTH_FAIL]error: "Authentication failed for user tenv\test1 with docbase localdev."; ERRORCODE: 100; NEXT: null

at com.documentum.fc.client.DfPrincipalException.convertToPrincipalException(DfPrincipalException.java:23)

at com.documentum.fc.client.DfDefaultPrincipalSupport.getSession(DfDefaultPrincipalSupport.java:75)

at com.documentum.fc.client.impl.session.PrincipalAwareSessionFactory.newPrincipalSession(PrincipalAwareSessionFactory.java:41)

at com.documentum.fc.client.impl.session.PrincipalAwareSessionFactory.newSession(PrincipalAwareSessionFactory.java:33)

at com.documentum.fc.client.impl.session.PooledSessionFactory.newSession(PooledSessionFactory.java:47)

at com.documentum.fc.client.impl.session.SessionManager.getSessionFromFactory(SessionManager.java:111)

Somewhat i decompile the EMC classes and found the error is thrown in "com.documentum.web.common.job.JobExecutionService" while hitting the line

com.documentum.fc.client.IDfSessionManager newDfSessionManager = SessionManagerHttpBinding.getNewDfSessionManager();

of execJobAfterPre() method.

I enabled auth-trace in the repository and captured the following log statements,

Fri Nov 25 01:40:58 2011 255992: 10658[10658] AT 10658: Start-AuthenticateDomain:LogonName(tenv\test1), UserExtraDomain(tenv), auth_protocol()

Fri Nov 25 01:40:58 2011 256530: 10658[10658] AT 10658: AuthenticateDomain - no domain required:domainOverride(False), user_login_domain(QA_PKI_LDAP), serverAuthTarget(), userAuthTarget(tenv)

Fri Nov 25 01:40:58 2011 257304 [DM_USER_E_LOGON_DOM_NO_MATCH_USR]error: "You cannot authenticate against 'TENV' domain."

Fri Nov 25 01:40:58 2011 257561: 10658[10658] AT 10658: End-AuthenticateDomain:

Fri Nov 25 01:40:58 2011 258000: 10658[10658] AT 10658: failure

Is it becaue of EMC product issue ?

Any help is highly appreciated.

Regards,

Rajkumar Sukumar

Find more posts tagged with

Note:

If there are Accepted Answers, those will be shown by default. You can switch to 'All Replies' by selecting the tab below.

Accepted answers

GreatKarur

Hi,

The issue is because of product issue. I raised an EMC SR ticket and the issue got resolved.

Regards,

Raj

All comments

Documentumguru

make sure dm_bof_registry user is Active. Clear the cache ans try.

GreatKarur

Yes, dm_bof_registry is active and so many times we have cleared the cache and recycled the server, however still we got the same issue.

Regards,

Raj

GreatKarur

Hi,

The issue is because of product issue. I raised an EMC SR ticket and the issue got resolved.

Regards,

Raj