We are running a virtualised environment, and getting a warning in the configure automatically single sign on step. The following error occurs:
SSO setup failed : a problem occured while attempting to add login modules for ticket authentication
Details
Found SID for SSO ACL entry : SOL
Found login.ticket_client for SSO ACL entry : 000
The Read entry permission on TicketKeystore/SAPLogonTicketKeypair-cert was given to sap.com/tc~webadministrator~solmandiag/servlet_jsp/smd/root/WEB-INF/lib/SetupLib.jar
The TicketKeystore/SAPLogonTicketKeypair-cert was succesfully read (619 bytes)
The SSO ticket Certificate <OU=J2EE,CN=SOL> has been successfully imported into ticket Keystore
WARNING : domain of ourphsicalhostname.companyid.com does not match the domain of monitoring host (and is not a subdomain of) ourvirtualhostame.sap.companyid.com. SSO will not work across such domains
SSO setup failed : a problem occured while attempting to add login modules for ticket authentication
SSO setup failed : error while updating login modules : java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!; nested exception is:
java.lang.SecurityException: java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!
The SSO ticket Certificate <CN=SOL> has been successfully imported into ticket Keystore
WARNING : domain of phsicalhostname.companyid.com does not match the domain of monitoring host (and is not a subdomain of) cisol.sap.ebrd.com. SSO will not work across such domains
SSO setup failed : a problem occured while attempting to add login modules for ticket authentication
SSO setup failed : error while updating login modules : java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!; nested exception is:
java.lang.SecurityException: java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!
Exception
java.rmi.RemoteException: java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!; nested exception is:
java.lang.SecurityException: java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!
at com.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:81)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImpl.getPolicyConfiguration(RemoteSecurityImpl.java:71)
at com.sap.engine.services.security.remoteimpl.RemoteSecurityImplp4_Skel.dispatch(RemoteSecurityImplp4_Skel.java:266)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:466)
at com.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:69)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:72)
at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:43)
at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:999)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:59)
at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:55)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328)
Caused by: java.lang.SecurityException: java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:109)
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:86)
at com.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:79)
... 12 more
Caused by: java.lang.SecurityException: User 'SM_ADMIN_SOL' does not have permission for the security operation!
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:105)
... 14 more
In Check Configuration Step the warning is further detail as follows:
Warning
Activity 'Single Sign On Setup' has been executed with warnings
Action
Please check the warning details and take action if necessary
Details
Message.SSOsetupfailed:aproblemoccuredwhileattemptingtoaddloginmodulesforticketauthentication(Message.java:1)
Details
Details.FoundSIDforSSOACLentry:SOL
Foundlogin.ticket_clientforSSOACLentry:000
TheReadentrypermissiononTicketKeystore/SAPLogonTicketKeypair-certwasgiventosap.com/tc~webadministrator~solmandiag/servlet_jsp/smd/root/WEB-INF/lib/SetupLib.jar
TheTicketKeystore/SAPLogonTicketKeypair-certwassuccesfullyread(619bytes)
TheSSOticketCertificate<OU=J2EE,CN=SOL>hasbeensuccessfullyimportedintoticketKeystore
WARNING:domainof ourphsicalhostname.companyname.comdoesnotmatchthedomainofmonitoringhost(andisnotasubdomainof) virtualhostname.sap.companyname.com.SSOwillnotworkacrosssuchdomains
SSOsetupfailed:aproblemoccuredwhileattemptingtoaddloginmodulesforticketauthentication
SSOsetupfailed:errorwhileupdatingloginmodules:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!;nestedexceptionis:
java.lang.SecurityException:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!
TheSSOticketCertificate<CN=SOL>hasbeensuccessfullyimportedintoticketKeystore
WARNING:domainofphysicalhostname.companyname.comdoesnotmatchthedomainofmonitoringhost(andisnotasubdomainof)cisol.sap.ebrd.com.SSOwillnotworkacrosssuchdomains
SSOsetupfailed:aproblemoccuredwhileattemptingtoaddloginmodulesforticketauthentication
SSOsetupfailed:errorwhileupdatingloginmodules:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!;nestedexceptionis:
java.lang.SecurityException:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!
(Details.java:2)
Details
Exception.java.rmi.RemoteException:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!;nestedexceptionis:
java.lang.SecurityException:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!
atcom.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:81)
atcom.sap.engine.services.security.remoteimpl.RemoteSecurityImpl.getPolicyConfiguration(RemoteSecurityImpl.java:71)
atcom.sap.engine.services.security.remoteimpl.RemoteSecurityImplp4_Skel.dispatch(RemoteSecurityImplp4_Skel.java:266)
atcom.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:466)
atcom.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:69)
atcom.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:72)
atcom.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:43)
atcom.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:999)
atcom.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:59)
atcom.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:55)
atcom.sap.engine.core.thread.execution.Executable.run(Executable.java:122)
atcom.sap.engine.core.thread.execution.Executable.run(Executable.java:101)
atcom.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328)
Causedby:java.lang.SecurityException:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!
atcom.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:109)
atcom.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:86)
atcom.sap.engine.services.security.restriction.Restrictions.checkPermissionRemote(Restrictions.java:79)
...12more
Causedby:java.lang.SecurityException:User'SM_ADMIN_SOL'doesnothavepermissionforthesecurityoperation!
atcom.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:105)
...14more
(Exception.java:3)
Screen shot below.
All other steps have completed successfully, (The dataextract error is know about)
The BJT system is a BI Java system linked to BWD (ABAP Stack BW System)
Any assistance or pointers will be appreciated.
Thanks
Tariq