This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SecurID® Governance & Lifecycle Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.

Generic REST Collector fails with 'Access token has expired' error in RSA Identity Governance & Lifecycle

Article Number

000038765

Applies To

RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.2.0

Issue

A working Generic REST Collector fails (Collectors > Collector Type > Collector Name > Collect button.)

The following errors are seen in the aveksaServer.log file ($AVEKSA_HOME/wildfly/standalone/log/aveksaServer.log): 
com.aveksa.server.runtime.ServerException: Test request failed with response: com.aveksa.server.runtime.ServerException: 
com.aveksa.common.DataReadException: com.aveksa.client.genericrest.GenericRestException: 
CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", 
"innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } . 
Caused by com.aveksa.client.genericrest.GenericRestException: 
CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", 
"innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } Caused By Stack 
com.aveksa.common.DataReadException: com.aveksa.client.genericrest.GenericRestException: 
CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", 
"innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } 
at com.aveksa.collector.generic.rest.adc.GenericRESTAccountDataIterator.next(GenericRESTAccountDataIterator.java:71) 
at com.aveksa.client.datacollector.collectors.accountdatacollectors.AccountDataCollector.collectData(AccountDataCollector.java:422) 
at com.aveksa.client.datacollector.collectors.accountdatacollectors.AccountDataCollector.collect(AccountDataCollector.java:302) 
at com.aveksa.client.datacollector.collectors.accountdatacollectors.AccountDataCollector.
collectTestData(AccountDataCollector.java:277) 
at com.aveksa.client.datacollector.framework.DataCollectorManager.collect(DataCollectorManager.java:481) 
at com.aveksa.client.component.collector.DefaultCollectorManager.actUpon(DefaultCollectorManager.java:204) 
at com.aveksa.client.component.collector.DefaultCollectorManager.handle(DefaultCollectorManager.java:102) 
at com.aveksa.client.component.event.DefaultEventManager.handle(DefaultEventManager.java:75) 
at com.aveksa.client.datacollector.framework.SimpleEventSource.notifyListeners(SimpleEventSource.java:67) 
at com.aveksa.client.component.communication.DefaultCommunicationManager.notifyEvent(DefaultCommunicationManager.java:377) 
at com.aveksa.client.component.communication.ChangeListHandler.applyChanges(ChangeListHandler.java:364) 
at com.aveksa.client.component.communication.ChangeListHandler.access$300(ChangeListHandler.java:58) 
at com.aveksa.client.component.communication.ChangeListHandler$ChangeApplyingRunnable.run(ChangeListHandler.java:275) 
at java.lang.Thread.run(Thread.java:748) Caused by: com.aveksa.client.genericrest.GenericRestException: 
CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", 
"innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } 
at com.aveksa.client.genericrest.GenericRestException.connectionError(GenericRestException.java:108) 
at com.aveksa.client.genericrest.postprocessor.impl.GenericRESTPostprocessorImpl.
validateResponse(GenericRESTPostprocessorImpl.java:204) 
at com.aveksa.client.genericrest.postprocessor.impl.GenericRESTPostprocessorImpl.
getParsedData(GenericRESTPostprocessorImpl.java:89) 
at com.aveksa.client.genericrest.GenericRESTClient.executeTestCollection(GenericRESTClient.java:173) 
at com.aveksa.collector.generic.rest.adc.GenericRESTAccountDataIterator.collectAccountData(GenericRESTAccountDataIterator.java:155) 
at com.aveksa.collector.generic.rest.adc.GenericRESTAccountDataIterator.next(GenericRESTAccountDataIterator.java:68) ... 13 more 
End Stack

Please refer to RSA Knowledge Base Article 000030327 -- Artifacts to gather in RSA Identity Governance & Lifecycle to find the location of the aveksaServer.log for your specific deployment if you are on a WildFly cluster or a non-WildFly platform. The aveksaServer.log may also be downloaded from the RSA Identity Governance & Lifecycle user interface (Admin > System > Server Nodes tab > under Logs.)
 

Cause

The collector fails to refresh the OAuth token after the previous token has expired due to the Response Timeout setting defined in:
 
(Collectors > {Collector Type} > {Collector Name} > Edit > Next > Connection Details > Response Timeout (milliseconds)

This is a known issue reported in engineering ticket ACM-104939.

Resolution

This issue is being investigated by the Engineering team in order to provide a permanent resolution in a future release. 
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 10:52 AM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.