OTDS Authentication Issue
Hello,
I'm calling two webservices on AWP simultaneously, to create application entity and upload document using an otds ticket. now the problem is when using the same otds ticket twice, this error is raised.
Please advise.
![CDATA[The validation of an OTDS ticket has failed for the resource with the name '__OTDS#Shared#Platform#Resource__' in organization 'dev'.]]></log4j:message> <log4j:MDC><![CDATA[correlationID=00155d1a-3d09-a1eb-adc6-3bdb254699f8 host=gpwork processid=990 hopCount=0]]></log4j:MDC> <log4j:throwable><![CDATA[com.opentext.otds.OtdsException: Replay detected at com.opentext.otds.client.WebServiceOtdsCallerV2.checkWebServiceV2Response(WebServiceOtdsCallerV2.java:684) at com.opentext.otds.client.WebServiceOtdsCallerV2.validateTicket(WebServiceOtdsCallerV2.java:479) at com.opentext.otds.client.OtdsClient.parseTicket(OtdsClient.java:289) at com.opentext.otds.client.OtdsClient.validateTicket(OtdsClient.java:260) at com.cordys.security.otds.ticketclient.OTDSTicketClientImpl.validateTicket(OTDSTicketClientImpl.java:253) at com.cordys.sso.otds.identity.OTDSTicketIdentity.getOSIdentityFromOTDSTicket(OTDSTicketIdentity.java:19) at com.cordys.sso.otds.identity.OTDSTicketIdentity.<init>(OTDSTicketIdentity.java:15) at com.cordys.sso.otds.identity.OTDSTicketIdentityFactory.createIdentity(OTDSTicketIdentityFactory.java:42) at com.cordys.sso.otds.identity.OTDSTicketIdentityFactory.createIdentity(OTDSTicketIdentityFactory.java:24) at com.eibus.security.identity.UserIdentityFactory.getIdentity(UserIdentityFactory.java:139) at com.eibus.security.identity.UserIdentityFactory.determineIdentity(UserIdentityFactory.java:106) at com.eibus.soap.Processor._determineIdentity(Processor.java:1829) at com.eibus.soap.SOAPTransaction.getValidatedUserIdentity(SOAPTransaction.java:600) at com.eibus.soap.SOAPTransaction.execute(SOAPTransaction.java:336) at com.eibus.soap.SOAPTransaction.lambda$new$0(SOAPTransaction.java:252) at com.eibus.soap.SOAPTransaction.executeWithSOAPTransactionContext(SOAPTransaction.java:564) at com.eibus.soap.SOAPTransaction.<init>(SOAPTransaction.java:252) at com.eibus.soap.SOAPTransaction.<init>(SOAPTransaction.java:231) at com.eibus.soap.Processor.onReceive(Processor.java:1446) at com.eibus.soap.Processor.onReceive(Processor.java:1427) at com.eibus.connector.nom.Connector.onReceive(Connector.java:493) at com.eibus.transport.Middleware.lambda$sendMessageInThisVM$11(Middleware.java:957) at com.cordys.transaction.TransactionProvider.callInExistingTransaction(TransactionProvider.java:152) at com.cordys.transaction.TransactionProvider.createTransactionAndExecuteWork(TransactionProvider.java:133) at com.cordys.transaction.TransactionProvider.callInTransaction(TransactionProvider.java:55) at com.eibus.transport.Middleware.sendMessageInThisVM(Middleware.java:956) at com.eibus.transport.Middleware.sendMessageToRegisteredTargetOrThrowException(Middleware.java:929) at com.eibus.transport.Middleware.residesInThisVM(Middleware.java:880) at com.eibus.transport.Middleware.send(Middleware.java:689) at com.eibus.web.gateway.BusGateway.send(BusGateway.java:412) at com.eibus.web.gateway.SOAPTransaction.execute(SOAPTransaction.java:420) at com.eibus.web.gateway.SOAPTransaction.<init>(SOAPTransaction.java:254) at com.eibus.web.gateway.SOAPTransaction.<init>(SOAPTransaction.java:218) at com.eibus.web.soap.Gateway.service(Gateway.java:86) at com.eibus.web.isapi.WebApplication.handleExtensionControlBlock(WebApplication.java:101) at com.eibus.web.isapi.ServletExtensionControlBlock.handleExtensionControlBlock(ServletExtensionControlBlock.java:89) at com.eibus.web.isapi.ExtensionControlBlock.handleMethod(ExtensionControlBlock.java:156) at com.eibus.web.isapi.ExtensionControlBlock.execute(ExtensionControlBlock.java:112) at com.eibus.web.isapi.Engine$SynchronousRequestHandler.run(Engine.java:121) at com.eibus.web.isapi.Engine.processAndLog(Engine.java:94) at com.eibus.web.isapi.Engine.handleSynchronousExtensionControlBlock(Engine.java:109) at com.cordys.applicationserver.servlet.GatewayServlet.service(GatewayServlet.java:38) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.openejb.server.httpd.EEFilter.doFilter(EEFilter.java:65) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.opentext.dev.CwsDevFilter.doFilter(CwsDevFilter.java:43) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.PreemptiveAuthenticationFilter.doFilter(PreemptiveAuthenticationFilter.java:57) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.OpenEJBSecurityContextFilter.lambda$doFilter$1(OpenEJBSecurityContextFilter.java:41) at com.cordys.applicationserver.EJBContextProvider.invokeWithPlatformContext(EJBContextProvider.java:107) at com.cordys.applicationserver.EJBContextProvider.lambda$invokeWithPlatformInformation$2(EJBContextProvider.java:99) at com.cordys.applicationserver.EJBContextProviderInternal.lambda$invokeWithEJBContext$0(EJBContextProviderInternal.java:52) at com.cordys.applicationserver.PlatformContextBean.invoke(PlatformContextBean.java:20) at jdk.internal.reflect.GeneratedMethodAccessor203.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.apache.openejb.core.interceptor.ReflectionInvocationContext$Invocation.invoke(ReflectionInvocationContext.java:205) at org.apache.openejb.core.interceptor.ReflectionInvocationContext.proceed(ReflectionInvocationContext.java:186) at org.apache.openejb.monitoring.StatsInterceptor.record(StatsInterceptor.java:191) at org.apache.openejb.monitoring.StatsInterceptor.invoke(StatsInterceptor.java:102) at jdk.internal.reflect.GeneratedMethodAccessor202.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.apache.openejb.core.interceptor.ReflectionInvocationContext$Invocation.invoke(ReflectionInvocationContext.java:205) at org.apache.openejb.core.interceptor.ReflectionInvocationContext.proceed(ReflectionInvocationContext.java:186) at org.apache.openejb.core.interceptor.InterceptorStack.invoke(InterceptorStack.java:85) at org.apache.openejb.core.stateless.StatelessContainer._invoke(StatelessContainer.java:252) at org.apache.openejb.core.stateless.StatelessContainer.invoke(StatelessContainer.java:212) at org.apache.openejb.core.ivm.EjbObjectProxyHandler.synchronizedBusinessMethod(EjbObjectProxyHandler.java:265) at org.apache.openejb.core.ivm.EjbObjectProxyHandler.businessMethod(EjbObjectProxyHandler.java:260) at org.apache.openejb.core.ivm.EjbObjectProxyHandler._invoke(EjbObjectProxyHandler.java:89) at org.apache.openejb.core.ivm.BaseEjbProxyHandler.invoke(BaseEjbProxyHandler.java:349) at com.cordys.applicationserver.PlatformContextBean$$LocalBeanProxy.invoke(com/cordys/applicationserver/PlatformContextBean.java) at com.cordys.applicationserver.PlatformContextBean.invoke(PlatformContextBean.java:12) at com.cordys.applicationserver.EJBContextProviderInternal.invokeWithEJBContext(EJBContextProviderInternal.java:50) at com.cordys.applicationserver.EJBContextProvider.invokeWithPlatformInformation(EJBContextProvider.java:99) at com.cordys.applicationserver.filter.OpenEJBSecurityContextFilter.doFilter(OpenEJBSecurityContextFilter.java:39) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.IsUserInRoleFilter.doFilter(IsUserInRoleFilter.java:44) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.AuthenticationFilter.doFilter(AuthenticationFilter.java:93) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.OrganizationFallbackFilter.doFilter(OrganizationFallbackFilter.java:61) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.CrossContextRewriteFilter.doFilter(CrossContextRewriteFilter.java:61) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.ContentExpiryFilter.doFilter(ContentExpiryFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.ProcessExperienceFilter.doFilter(ProcessExperienceFilter.java:55) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.OrganizationContextFilter.doFilter(OrganizationContextFilter.java:59) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.LicenseFilter.doFilter(LicenseFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.LocaleFilter.doFilter(LocaleFilter.java:58) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.XUACompatibleFilter.doFilter(XUACompatibleFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.cordys.applicationserver.filter.VerifyPlatformIsInitializedFilter.doFilter(VerifyPlatformIsInitializedFilter.java:30) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.opentext.otdsauth.OTDSOAuthFilter.doFilter(OTDSOAuthFilter.java:87) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.opentext.otdsauth.OTDSOAuthFilter.doFilter(OTDSOAuthFilter.java:87) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:45) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.tomee.catalina.OpenEJBSecurityListener$RequestCapturer.invoke(OpenEJBSecurityListener.java:97) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1589) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) ]]></log4j:throwable> <log4j:locationInfo class="com.cordys.security.otds.ticketclient.OTDSTicketClientImpl" method="logAndCreateException" file="OTDSTicketClientImpl.java" line="260"/> </log4j:event>
Tagged:
0
Comments
-
@d_farouk, I expect you're using an OTDS resource bound ticket, maybe starting with '*VER2*'. Such a ticket can only be validated once. It is typically used to get an AppWorks specific authentication with (called SAMLart).
AppWorks Platform also supports OTDSSSO tickets, from version AWP 16.5. These tickets can be used multiple time, where above mentioned OTDS resource-bound tickets only can be validated once.
To request an OTDSSSO ticket from OTDS just send a similar request as to get an OTDS ticket, so with username and password, but don't provide the targetResourceId in the request. The returned ticket will start with '*OTDSSSO*'. It also is possible to use this ticket to get an AppWorks authentication token / SAMLart, just provide it in the same wat as an OTDS ticket.
See https://knowledge.opentext.com/knowledge/cs.dll/kcs/kbarticle/view/KB11932091
2
Categories
- All Categories
- 123 Developer Announcements
- 54 Articles
- 150 General Questions
- 148 Thrust Services
- 57 OpenText Hackathon
- 37 Developer Tools
- 20.6K Analytics
- 4.2K AppWorks
- 9K Extended ECM
- 918 Core Messaging
- 84 Digital Asset Management
- 9.4K Documentum
- 32 eDOCS
- 186 Exstream
- 39.8K TeamSite
- 1.7K Web Experience Management
- 8 XM Fax
- Follow Categories
