'There was a problem processing your request' error when attempting to delete expired tokens in RSA Authentication Manager 8.x
Originally Published: 2017-07-13
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
Unexpected error during command com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand execution." error when trying to delete expired tokens from Security Console.
System Activity Monitor (Reporting > Real Time Activity Monitor > System Activity Monitor or Reporting > Reports > Add New > System Activity) shows the following error:
com.rsa.common.UnexpectedDataStoreException: org.springframework.dao.DataIntegrityViolationException:
could not delete: [com.rsa.authmgr.internal.admin.tokenmgt.dal.Token#937abd321500f70a147e58a59bd04dc4];
SQL [delete from AM_TOKEN where ID=? and ROW_VERSION=?]; constraint [fk_am_replacing_tkn_id];
nested exception is org.hibernate.exception.ConstraintViolationException:
could not delete: [com.rsa.authmgr.internal.admin.tokenmgt.dal.Token#937abd321500f70a147e58a59bd04dc4],
at com.rsa.authmgr.internal.admin.common.dal.sql.DataObjectAccessSql.delete(DataObjectAccessSql.java:342),
at com.rsa.authmgr.internal.admin.tokenmgt.dal.sql.TokenAccessSQL.delete(TokenAccessSQL.java:124),
at com.rsa.authmgr.internal.admin.tokenmgt.impl.TokenAdministrationImpl.delete(TokenAdministrationImpl.java:583),
at com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand$Executive.execute(DeleteTokensCommand.java:36),
at com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand.performExecute(DeleteTokensCommand.java:113),
at com.rsa.command.LocalTarget.executeCommand(LocalTarget.java:119),
at com.rsa.ims.command.LocalTransactionalCommandTarget.access$0(LocalTransactionalCommandTarget.java:1),
at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:268),
at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:1),
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:131),
at com.rsa.ims.command.LocalTransactionalCommandTarget.executeCommand(LocalTransactionalCommandTarget.java:260),
at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:933),
at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:1),
at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:113),
at com.rsa.security.SecurityContext.doAs(SecurityContext.java:439),
at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:445),
at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:373),
at com.rsa.command.CommandServerBean.executeCommand(CommandServerBean.java:89),
at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl.__WL_invoke(Unknown Source),
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:34),
at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl.executeCommand(Unknown Source),
at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl_WLSkel.invoke(Unknown Source),
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:701),
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:231),
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:527),
Resolution
- SSH to the primary using rsaadmin account.
- Navigate to utils:
cd /opt/rsa/am/utils - Type the following command to get the database password and when prompted, enter the OC Administrator username and password:
./rsautil manage-secrets -a get com.rsa.db.dba.password - Navigate to bin:
cd ../pgsql/bin - Type the following command to access the database and when prompted, enter the password that you get from step 3:
./psql -h localhost -p 7050 -d db -U rsa_dba - List the expired token serial number and its replacement using the token id in the log message:
select serial_number , replace_token_sn from am_token where id ='937abd321500f70a147e58a59bd04dc4'; - Update replacement mode value to 0 in rsa_rep.am_token table for expired token and its replacement:
db=# update rsa_rep.am_token set replacement_mode = 0, replace_token_sn = null, tokenreplace_updated_date = null where serial_number = '000341939762'; UPDATE 1 db=# update rsa_rep.am_token set replacement_mode = 0, replace_token_sn = null, tokenreplace_updated_date = null where serial_number = '000400282186'; UPDATE 1 - Delete expired token from am_token_replacement table:
db=# delete from am_token_replacement where replacing_token_id='937abd321500f70a147e58a59bd04dc4'; DELETE 1 - Delete the expired token from am_token table:
db=# delete from am_token where id ='937abd321500f70a147e58a59bd04dc4'; Delete 1 - Exit database mode:
\q
Related Articles
There was a problem processing your request error when trying to edit Date and Time Settings on RSA Authentication Manager… Number of Views There was a problem loading the page when accessing user dashboard in RSA Authentication Manager 8.4 Number of Views Clearing bad passcodes in Security Console gives: “There was a problem processing your request. Cannot have concurrent use… Number of Views Problem syncing interface error when committing network changed on the RSA SecurID Access Identity Router Number of Views RSA Authentication Manager 8.2 SDK - Error "General SSLEngine problem; No available router to destination" Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
