Unable to authenticate to Identity Apps after upgrading to Identity Apps 4.7.2 or newer

  • 7024305
  • 02-Dec-2019
  • 02-Dec-2019

Environment

Identity Manager 4.7.2 or newer
Identity Apps 4.7.2 or newer
OSP 6.3.1 or newer


Situation

Unable to authenticate to Identity Apps after upgrading to Identity Apps 4.7.2 or newer
Multiple host-names are assigned to the server hosting OSP.

The following error message: "ERROR [com.netiq.idm.auth.oauth.OAuthRestFilter] (https-jsse-nio-8543-exec-4) [RBPM] An error occurred while attempting to authenticate" is displayed in the catalina.out.

Resolution

Adding the following configuration parameter: com.netiq.idm.osp.tenant.http-interfaces=url:port/osp  to the ism-configuration.properties file
For example:
com.netiq.idm.osp.tenant.http-interfaces= https://idmapp.domain.lab:8543/osp
com.netiq.idm.osp.tenant.http-interfaces= https://idmapp.domain.lab/osp in case port 443 is used.

Cause

By default OSP uses the longest hostname to bind.
Adding the following configuration parameter: com.netiq.idm.osp.tenant.http-interfaces=  to the ism-configuration.properties file can be used to specify which fqdn should be used.