RSA Product/Service Type: Authentication Manager, java api jar rsa-authapi-java-8.1.1.jar
RSA Version/Condition: 6.x
Server Timeout
User TIME's access is denied
RSA SecurID authentication does not work. When the aserver is placed in debug mode using the options -DDEBUG=SECURID, on initial test server message the following is logged:
2013-06-28 11:18:53,765 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - e.a():? - currentServer.checkIP
2013-06-28 11:18:53,767 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.a():? - Sending 124 bytes to 10.137.127.25; contents:
67 5 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0
2013-06-28 11:18:53,768 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.b():? - Enterring getResponse
2013-06-28 11:18:53,769 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.a():? - Enterring getTimeoutValue(AceRequest AceTimeRequest[Abstrac
tAceRequest[ hdr=AcePacketHeader[Type=103 Ver=5 AppID=2 Enc=NOT-ENCRYPTED Hi-Proto=5 Opt=0 CirID=0] created=1372439933765 trailer=null] response=none])
2013-06-28 11:18:53,770 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.a():? - authRequest is an instance of AceTimeRequest
2013-06-28 11:18:53,771 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.a():? - Enterring getTimeoutValue(AceTimeRequest AceTimeRequest[Abs
tractAceRequest[ hdr=AcePacketHeader[Type=103 Ver=5 AppID=2 Enc=NOT-ENCRYPTED Hi-Proto=5 Opt=0 CirID=0] created=1372439933765 trailer=null] response=none])
2013-06-28 11:18:53,772 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.a():? - offset: 200
2013-06-28 11:18:53,772 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.a():? - increment: 100
2013-06-28 11:18:53,772 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.a():? - consecutive suspensions: 6
2013-06-28 11:18:53,773 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.b():? - Timeout is 800
2013-06-28 11:18:53,774 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - b.b():? - Current retries: 0
2013-06-28 11:18:54,444 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b - e.a():? - Server Timeout : AcmServerInfo[ serverAddress = 10.137.127
.25 addressStatus = 44 serverStatus = 17 aliases = aliasOptions = 0 consecutiveSuspensions = 6 averageNetTurnaround = 0 worstNetTurnaround = 0 lastTimeUse
d = 0 runPriority = 10 sdoptsPriority = 0 suspendTime = 1372437993250]
Additional error messages for this failure are as follows:
2013-06-28 11:21:39,749 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b - b.b():? - receive timeout: java.net.SocketTimeoutException: Receive t
imed out
2013-06-28 11:21:39,750 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b - a.b():? - Error receiving request: com.rsa.ace.techservice.udpserver.
a: Error receiving packet Timeout: java.net.SocketTimeoutException: Receive timed out
2013-06-28 11:21:39,750 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b - a.a():? - Response status is: 1
2013-06-28 11:21:39,750 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b - a.a():? - Authenticaton failed for TIME !
2013-06-28 11:21:39,750 WARN [pool-7-thread-1] com.rsa.authagent.authapi.logger.c - User TIME's access is denied.
The Access Manager server which uses the Authentication Manager api jar was on a multihomed host and the Authentication API client is unable to bind to Authentication Manager.
You must set the correct IP address from which the authentication will be sent (the IP address of the Access Manager authentication server) in either the aserver.conf or the auth api jar file's rsa_api.properties file.IP.
In the aserver.conf:
cleartrust.aserver.authn.securid_agent_host=
In rsa_api.properties file:
#RSA Authentication API Properties
#Override Host IP Address
RSA_AGENT_HOST=xxx.xxx.xxx.xxx
Related Articles
RSA SecurID Software Token Administrator's Guide Number of Views How to ignore username's NTLM or "down-level logon name" domain name prefix sent by a radius client or agent in RSA Authen… Number of Views When running the RSA SecurID Authentication Agent for PAM's acetest utility, getting error: Cannot Do AceInitialize for c… Number of Views RSA MFA Agent 3.0 for Microsoft AD FS Administrator's Guide Number of Views Microsoft’s Internet Information Server must be installed prior to starting the RSA Authentication Agent for Web for IIS i… Number of Views
Trending Articles
How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle Troubleshooting AFX Connector issues in RSA Identity Governance & Lifecycle RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager Upgrade Process
