Hi,

 

Recently I am facing an issue wherein when I update the partnership in Admin UI the change does not reflect and in turn when accessing the application url it gives 403 error. PFB the logs in FWSTrace,

 

affwebserv.log:[8612/119647088][Wed Oct 31 2018 04:29:05][SSO.java][ERROR][sm-FedClient-02890] Transaction with ID: 2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df failed. Reason: NO_PROVIDER_INFO_FOUND (, , )
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][doGet][SAML2 Single Sign-On Service received GET request.]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][FWSBase.java][doRequestLog][Requesting Host IP: 153.88.244.5 Request protocol: HTTP/1.1 Request was secure: false Authentication type: null]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][doGet][Query String: SPID=6connexstage]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][getSavedRequestDataUsingGuid][Enter getSavedRequestDataUsingGuid]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][doGet][Request is UNSOLICITED!]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][processRequest][Reading SAML 2.0 SP Configuration [CHECKPOINT = SSOSAML2_SPCONFREAD_REQ]]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SAML2Base.java][getServiceProviderInfo][Trying to fetch SAML2.0 SP Configuration from cache [CHECKPOINT = SAML2_SPCONFFROMCACHE_REQ]]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SAMLTunnelClient.java][getServiceProviderInfoByID][Provider ID: 6connexstage.]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SAMLTunnelClient.java][getServiceProviderInfoByID][Tunnel result code: 1.]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SAMLTunnelClient.java][getServiceProviderInfoByID][SAMLTunnelStatus: 5, ]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SAML2Base.java][getServiceProviderInfo][SAML2.0 SP Configuration is not in cache. Requesting to get from policy server [CHECKPOINT = SSOSAML2_SPCONFFROMPS_REQ]]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SAML2Base.java][getServiceProviderInfo][Could not find service provider information for sp: 6connexstage Message: .]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SAML2Base.java][getServiceProviderInfo][Could not find service provider information for idp: 6connexstage.]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][processRequest][Transaction with ID: 2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df failed. Reason: NO_PROVIDER_INFO_FOUND]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][processRequest][No SAML2 provider information found for SP 6connexstage.]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][SSO.java][processRequest][Ending SAML2 Single Sign-On Service request processing with HTTP error 400]
FWSTrace.log:[10/31/2018][04:29:05][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f274e9cc-12de7dce-df][ErrorRedirectionHandler.java][redirectToErrorPage][Sending HTTP Error 403 ]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProxyValve::invoke][Entering the agent.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProxyValve::invoke][Virtual Host: wamproxy]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProxyValve::invoke][Using session scheme: default]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProxyValve::invoke][Using default user agent]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessRequest][Start new request.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmResourceManager::ProcessResource][Calling SM_WAF_HTTP_PLUGIN->ProcessResource.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResource][Resolved HTTP_HOST: ‘wam-proxy.ericsson.net’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResource][Resolved hostname: ‘wam-proxy.ericsson.net’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResource][Resolved agentname: ‘srp-wamslo’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ResolveClientIp][Resolved Client IP address ‘::1’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResource][Resolved URL: ‘/slo_proxy/lb.html’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResource][Resolved METHOD: ‘GET’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResource][Resolved cookie domain: ‘.ericsson.net’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmResourceManager::ProcessResource][SM_WAF_HTTP_PLUGIN->ProcessResource returned SmSuccess.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmResourceManager::ProcessResource][Calling SM_WAF_SPS_PLUGIN->ProcessResource.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmResourceManager::ProcessResource][SM_WAF_SPS_PLUGIN->ProcessResource returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::EstablishSession][Calling SM_WAF_HTTP_PLUGIN->EstablishSession.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::EstablishSession][SM_WAF_HTTP_PLUGIN->EstablishSession returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::EstablishSession][Calling SM_WAF_SPS_PLUGIN->EstablishSession.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::EstablishSession][SM_WAF_SPS_PLUGIN->EstablishSession returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][IsResourceProtected][Resource is protected from cache.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][Calling SM_WAF_HTTP_PLUGIN->ProcessResponses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResponses][Processing IsProtected responses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][SM_WAF_HTTP_PLUGIN->ProcessResponses returned SmSuccess.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][Calling SM_WAF_SPS_PLUGIN->ProcessResponses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][SM_WAF_SPS_PLUGIN->ProcessResponses returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmCredentialManager::GatherCredentials][Calling SM_WAF_HTTP_PLUGIN->ProcessCredentials.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][DeleteCookie][Deleted cookie ‘SMCHALLENGE’.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpCredCore::GatherBasicCredentials][Decoded BASIC Context – User ‘ewamsvc’]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmCredentialManager::GatherCredentials][SM_WAF_HTTP_PLUGIN->ProcessCredentials returned SmSuccess.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmCredentialManager::GatherCredentials][Calling SM_WAF_SPS_PLUGIN->ProcessCredentials.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmCredentialManager::GatherCredentials][SM_WAF_SPS_PLUGIN->ProcessCredentials returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][AuthenticateUser][User ‘ewamsvc’ is authenticated by Policy Server.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][Calling SM_WAF_HTTP_PLUGIN->ProcessResponses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResponses][Processing Authentication responses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][SM_WAF_HTTP_PLUGIN->ProcessResponses returned SmSuccess.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][Calling SM_WAF_SPS_PLUGIN->ProcessResponses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][SM_WAF_SPS_PLUGIN->ProcessResponses returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::CreateSession][Calling SM_WAF_HTTP_PLUGIN->CreateSession.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::CreateSession][Generated SMSESSION cookie.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::CreateSession][SM_WAF_HTTP_PLUGIN->CreateSession returned SmSuccess.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::CreateSession][Calling SM_WAF_SPS_PLUGIN->CreateSession.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmSessionManager::CreateSession][SM_WAF_SPS_PLUGIN->CreateSession returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][AuthorizeUser][User ‘CN=ewamsvc,OU=CA,OU=User,OU=P001,OU=ID,OU=Data,DC=pegad,DC=ericsson,DC=se’ is authorized by Policy Server.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][Calling SM_WAF_HTTP_PLUGIN->ProcessResponses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResponses][Processing Authorization responses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][CSmHttpPlugin::ProcessResponses][Removing HTTP cache request headers.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][SM_WAF_HTTP_PLUGIN->ProcessResponses returned SmSuccess.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][Calling SM_WAF_SPS_PLUGIN->ProcessResponses.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessResponses][SM_WAF_SPS_PLUGIN->ProcessResponses returned SmNoAction.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessRequest][AuthorizationManager returned SmYes, end new request.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProcessRequest][End new request.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProxyValve::invoke][ProxyValve.invoke() Setting HTTP status to 200 allowing this request to proceeed. Return Code from HLA = 4]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][Tomcat5serializedAgentData::setStatus()][Setting response status = 200]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProxyValve::invoke][The agent finished processing the request.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][SmProxyRules.processRules][Proxy Rules Debug: Evaluating Condition: Type: null, Case: ‘wam-proxy.ericsson.net:80’ equals ‘wam-proxy.ericsson.net:80’]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][SmProxyRules.processRules][Proxy Rules Debug: Condition satisfied]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][SmProxyRules.processRules][Proxy Rules Debug: Evaluating Condition: Type: null, Case: ‘/slo_proxy/lb.html’ beginswith ‘/slo_proxy/’]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][SmProxyRules.processRules][Proxy Rules Debug: Condition satisfied]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][SmProxyRules.processRules][Dispatching to service FORWARD with url http://localhost:50170/wam-test/lb.html]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][Noodle::service][Method is: GET Content length is: 0]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][execute][Sending request to backend = localhost:50170 url = http://localhost:50170/wam-test/lb.html]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][requestConnection(): ][Get connection: HttpRoute[{}->http://localhost:50170], timeout = 180000]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][openConnection()][Connecting to localhost/127.0.0.1:50170]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][execute][Response status code from backend webserver is 200]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][Noodle::doGet][Noodle.proxyRequest succeeded. Writing out response data if available]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][releaseConnection(): ][Released connection is reusable.]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][Noodle::doGet][Returned streamed content length of 190]
sag-trace.log:[10/30/2018][09:35:47][8612][119647088][2bac3b3d-7e2e67be-986ddeec-f273eb6d-e1514870-df][ProxyValve::invoke][Leaving the agent.]

 

This is only happening after partnership is updated. Whereas existing partnerships are working as expected, but if anyone is updated that gives same error.

 

I checked the server.log on the Admin UI and there are WARN logs which state Cannot access the policy server cache updates state. There are error logs as well, Handle action failed.

 

There are warn logs stating Specified partnership object does not have a known extension class. Most operation will fail also in the server.log file.

 

There are no specific logs on the policy server for the same.

 

This issue is only in case of partnership update. No such issue is there when updating domains.

 

Any comments or resolution on the same will be highly appreciated.

 

Regards,

Pankaj Sharma


Source: New feed
{pubDate}

Leave a Reply

Your email address will not be published. Required fields are marked *