Access denied for user SAMLart on port 25011 -> 'soap/rpc' from 172.16.4.37

Hi All,

I’m getting the below error in IS as well as MWS. Could you please some one help me, what could be the reason of the below error.

Even, i have added the below settings to extended settings tab in IS page…

watt.server.auth.samlResolver=:/services/SAML

76]2012-03-22 08:59:33 GMT [ISS.0053.0002C] Access denied for user SAMLart on port 25011 → ‘soap/rpc’ from 172.16.4.37.
[75]2012-03-22 08:59:26 GMT [ISS.0012.0011W] Resolution of SAML artifact “AAFtd3MgICAgICAgICAgICAgICAgIDAxNjI0NjgxMTYzOTQzNzU2OTg0” failed with exception: org.opensaml.SAMLException: com.webmethods.portal.PortalException: [POP.012.0002.wm_xt_samlsecurityservice] The SAML artifact is invalid or has expired…
[74]2012-03-22 08:59:26 GMT [ISS.0053.0002C] Access denied for user administrator on port 25011 → ‘soap/rpc’ from 172.16.4.37.
[73]2012-03-22 08:59:19 GMT [ISS.0053.0002C] Access denied for user SAMLart on port 25011 → ‘soap/rpc’ from 172.16.4.37.

Your help is most appriciated.

Regards
Karthik

Karthik, Are you still facing this issue ? What are you trying to do? What are you trying to Access?

Hi Karthik/Sridhar,

Did you guys resolve this issue? I am also getting the same error. Please let us know steps taken.

Thanks and Regards,
Ninad Patil

The IS Server was throwing an error 500 for the SAML URL.

We tried to access the SAML resolver URL and it did not return response.

We checked the MWS/server/default/portal.war/WEB-INF/server-config.wsdd

And it was missing the saml service

We added the same and restarted MWS.

Also, the ACL mapping was not configured for the TN ACL’s and we reconfigured them.

After configuring the ACL’s and adding the SAML service, issue is resolved for the Customer.The IS Server was throwing an error 500 for the SAML URL. We tried to access the SAML resolver URL and it did not return response. We checked the MWS/server/default/portal.war/WEB-INF/server-config.wsdd And it was missing the saml service We added the same and restarted MWS. Also, the ACL mapping was not configured for the TN ACL’s and we reconfigured them. After configuring the ACL’s and adding the SAML service, issue is resolved for the Customer.

Hi Sridhar and all,

This issue has been resolved. The issue was related to central users not being configured.

But central user wasnot configured because it was showing as MWS upgrade not yet complete even though we had done all steps.

The issue was that a XML stored in MWS database: buildVersion.xml was still shwong verson 7.1.3. We fetched this xml by using getconfig command and updated the version, restarted the servers and it started working.

Thanks all for your help,
Ninad

Hi Ninand,

Where did you get this buildVersion.xml file? I don’t find it in MWS DB when I connected this with SQL Developer.

Thanks,
Karthik

Hi Karthik,

the config-files are not stored in clear text in the database.

Use “mws.sh -s default getconfig buildversion.xml” to rertrieve it.

The file is then located under MWS/server/default/config.

After making the change you can put it back to the database by using putconfig instead of getconfig.
Remember to remove the file stored in the file system if you wish the MWS to use the version from the database.

Regards,
Holger