Custom eSig Module Error

John_T · ‎03-26-2018

We have an intermittent 403 Forbidden Error that occurs randomly for some users during the eSignature sign-off/verify process. We had the custom eSig module implemented recently. According to SF support, one other customer has reported the same issue. We have a high priority ticket openeed with SF to find a solution. The services team is working with ops and engineering to find a resolution. Has anyone else experienced this random error? The mystery here is that we're using a similar custom eSig module as most other customers that integrate with Active Directory-LDAP. The PIN is essentially replaced with the users network password.

We think it could be due to the BizX integration too which we did simulateously during the project. An early theory was that it could be due to Session Management but we haven't been able to verify that in the logs.

The error message is attached.

Thanks.

Eric_Thayer · ‎03-26-2018

We have a custom e-sig extension that uses Windows name and password vs SF User id and pin. It is working through LDAP. I am not sure if your customization is the same as ours. Our issue was resolved prior to golive and implemented in Prod.

Eric_Thayer · ‎03-26-2018

The Issue was an expired SSL cvertificate on SF side need for the VPN tunnel to function. It was discovered during UAT and resolved prior to go live. It was included in our Vsaas upgrade. Tell them to check the SSL certificate.

John_T · ‎03-26-2018

@Eric ThayerThanks Eric. Did you get the 403 error too?

Eric_Thayer · ‎03-26-2018

We are using stand alone LMS not BizX. Are you on BizX?

I did not get a specific 403 error. I got the following displayed in the UI:

Validation Error

You must correct the following error(s) before proceeding:

The user name and/or the electronic signature you entered are not correct.

John_T · ‎03-26-2018

We're integrated with BizX now. The intermittent error started after the integration and custom eSig module were implemented.

Eric_Thayer · ‎03-26-2018

Hi John,

Your attached error message is all about failed API calls. You are not getting access to the end point (403 error forbidden). It is being blocked for some reason? It could be an expired SSL certificate, a bad token or what Har1shrv experienced. This sould be realitivly easy for SF to trouble shoot and figure out.

John_T · ‎03-26-2018

Thanks for the input guys.

Har1shrv · ‎03-26-2018

We have a custom eSig module too and an integrated bizx environment.

We have two types of users 1-->SSO users : users logon to Bizx via a SAML based SSO. these users are obviously setup as SSO type .

2--> PWD users: these users use a native Bizx username and password to logon.

Out eSig module is custom, bypasses the default PIN authentication and based on the user type it authenticates the credentials invoking a AD webservice for SSO users and a BIZX webservice for PWD users.

Post upgrade to 1708, we had issues with PWD based users eSig verification while invoking the BIZX webservice. ooked like the API-Method used was either not supported/available anymore. SAP custom development team had to fix the module and re-deploy the solution.

we also had issue with BIZX-LMS session management which was fixed after updating the configuration under System Admin->System Config->Bizx -> "NewSessionForEachDeepLinkFromBizx" attribute value to true.

we did not notice a 403 error as such post SAP's fix on the eSig.