Getting Intermittent Access denied Error for one of the client

Hi

We are receiving below error in our Internal Server Security log intermittently for one of the client communicating with us via RI server.

2009-10-28 08:19:58 CET Access Denied. User Default does not have permissions to invoke service:wm.tn:receive sr00210.ad.yara.com:5555 192.168.8.14 local/Default AUTHORIZATION

This is happening only with some calls from the client, while other calls go fine. This client is communicating with us over an Https ports and authenticates itself by a certificate.
We checked for the content of the request from this client in both the cases i.e. When the call from client failed and when it was successful. The content is identical in both the cases.

Please help us in resolution of this issue if anyone has faces similar issue before.

Thanks in Advance,

Ashish

Please check the certificate mapping for the client on IS. Whether it is mapped to partner id or to user as ‘default’.

Hi ,

The user mapping for certificate is done properly at internal server , it is assigned to the clients user at internal server.

Since this issue is not impacting all the transactions , I actually not see it as issue with user mapping issue at internal server.

Ashish

Ashish,
Can you tell the configuration of HTTPS port on IS and RI?

Hi ,

Sorry I was away from work for few days !:frowning:
The ports are https ports with request client certificate as authentication setting.
The ports are using server certificates defined in the certificate TAB of IS.
All other settings are default settings.

Thanks ,
Ashish

Install latest SrvPrtcl fixes plus its requirements, but also latest TN ones.
I recall there was a known issue fixed in one of them (I think in the TN one).

On the other side, if your Internal Servers are clustered, ensure both have same ACL’s.

I once had this error because not having same ACL’s in both cluster nodes.