on 04-11-2015 8:32 AM
Hi Experts,
I am installing IDM 8.0. According to the Installation Guide in SAP Identity Management Installation Guide - SAP Library . I have reached to the Adding the Initial Identity store phase. I have created the user as Idmadmin in the NWA/Identity portal. The issue is, I find the Identity store option disabled in the IDM developer studio and when I try to Login into the Identity management Developer studio with the same user Idmadmin and the required password. Even though the username and password entries are correct I'm unable to login, instead I'm getting a error message stating "Login Failed" . I cannot proceed further with the addition of the identity store without logging in. Could anyone please let me know whether there are any changes need to be done or if there is any different procedure to accomplish this task.
Thanks
Madhav J
Hi Madhav,
Is the user IdmAdmin the same user that was created during the IdM 8 installation?
Check the table mc_users for available users.
Regards,
Ole K.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Ole,
As per your suggestion, I checked the mc_users table but the user over there is IDMDEV and not IDMADMIN. Later, I tried adding this user IDMDEV into the NWA Portal and assigned the required roles, but there is no change. I'm still facing the same problem with logging in the Developer studio. Are there changes to be made further, if so please let me know.
Regards,
Madhav J
Hello Ole,
Thanks for you r reply. I have added the IDMDEV user in the UME database. But still facing the same issue. The procedure through which I have configured the connection in developer studio is
Logged into the portal nwa/ identity--> created the user IDMDEV and assigned the required roles saved the user.
Is this procedure correct or need to follow up some steps?
hI Madhav J
SSL configuration is very easy in AS-JAVA and IDM8
please follow these steps
1. enable ssl and create self sign certificate on nwa > configuration >Security > ssl on port 50001 or any other port you wish to use
2. then click on export entry your certificate and copy into c:\program files\java\java version\lib/security\ ( please check windows java environment for correct java path )
3. export SAPLogonKeypair.cert from TicketKeystore (/nwa) and copy into c:\program files\java\java version\lib\security\
4. then use this command to add all certificate into java cacerts
keytool -import -alias my_ssl_cert -file certificate_name .crt -keystore cacerts
then open Developer studio and configure port 50001
Regards,
Mohinder
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Mohinder,
Thanks for providing me the whole procedure to configure the SSL. Actually I didn't get how to enable SSL as you said in you first point. (1. enable ssl and create self sign certificate on nwa > configuration >Security > ssl on port 50001 or any other port you wish to use). Could you please please help me with that. I know how to proceed with rest of the part. I even tried all the steps specified in your procedure but still the issue exists. Please help me to know how to enable the SSL.
Thanks and Regards,
Madhav J
Please follow these steps :
6. Select the instance and push the Edit button and then browse the SSL Library and Ticket file.
7. In SSL Access Points section, choose the Add pushbutton.
8. Enter the number of the port (e.g. 50001)
9. Select the Protocol (e.g.HTTPS)
10.Select the keystore view (e.g. Instance Default)
11. Select the Client Authentication Mode (e.g. Request)
12. Finally push SAVE button to save the all configuration objects and restart the ICM to take effect the changes.
13. Open Web Browser and enter the below URL https://<j2ee_host_name>:<ICM_https_port>
Hi Mohinder,
I tried you steps to enable SSL and when I open the web browser and try to enter https://<j2ee_host_name>:<ICM_https_port>( In my example it is https://localhost:50001). I'm getting an error message stating that "There is a problem with this website's security certificate." What does this mean? Has the SSL no been configured correctly?
Thanks and Regards,
Madhav J
Error is fine for you. this certificate is self sign certificate thats why this error is coming but you can bypass it there is no harm or functionality issue. both ports will work 50000 and 500001 , for dev studio connection with server configuration you should use 50001 for other work you can use 50000.
don't forget to add ssl certificate in javatool it is must otherwise you will get different SSL error again.
But if you need to fix this error you need to purchase ssl certificate from SSL providers like . Godaddy ,versign etc.
Hi Madhav,
sorry for late reply
Please verify these settings.
1. Check Java Environment set in path.
2. Verify Which Java Version you are using
3. Keytool must be used in current working java there is one file called cacerts in Security Folder. password of javatool is changeit
4. have you imported ssl SAPLogonKeypair.cert
Please
Hi Mohinder,
I have verified all the settings specified by you.
1. Java Environment path is set and it is C:\Program Files\Java\jre7\bin
2. The Java Version is Java Runtime 7
3. Keytool command is giving error stating that Access id Denied
4. I have only imported ssl-credentials-cert.crt and placed it in the required directory as you have specified but not imported SAPLogonKeypair.cert.
From where should I import SAPLogonKeypair.cert? I think this might be only the issue.
Please help me to proceed further.
Thanks,
Madhav J
Hi,
Please enable SSL on AS-JAVA and then configure Eclipse hostname should be same as ssl certificate and then export this certificate and add into java security with the help of keytool.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Madhav,
Have a look at this:
Configuring the Use of SSL on the AS Java - Network and Transport Layer Security - SAP Library
Regards,
Ole K.
Hello,
Looks like you are using port 50001 which is for SSL connection. And the error is HTTP not HTTPS. That menans that the SSL is not configured.
You have three options:
1) Try connecting on port 50000
2) configure SSL
3) Disable SSL with adding the option IS_HTTPS=false located here:
C:\Users\Administrator\workspace\.metadata\.plugins\org.eclipse.core.runtime\.settings\com.sap.idm-dev-studio-userinterface.prefs
Other issues that might be the root cause:
1) Make sure you follow the naming convention for the DevStudio Data Source. I think yours is different than the one described in the documentation.
2) Check the settings of the Data Source - Have in mind that in 8.0 we are using 2 data sources one for the UI and one for the Studio - double check the documentation for that.
3) User must be in UME and user must have IDM authenticated role assigned - check this again in the docu
Regards
Todor
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This message was moderated.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Chenyang,
Thanks for your reply. I have checked the logviewer of the AS JAVA for error messages but I couldn't find any error related with the Login of the developer studio. But, I have found some Java exceptions in developer studio's error logs. The error message is as follows.
Error
java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.0 403 Forbidden"
Please help me to proceed further.
Regards,
Madhav J
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.