on 12-13-2021 4:45 PM
Hi All,
I have built an MTA, created a HDB and a SAP HANA service connection.
When building a calculation view, and browsing for the object, I am getting "Error: Incorrect Service: Connect error: authentication failed".
I created a user provided service name and verified that the connection details are correct by using the same credentials via command line (hdbsql).
I cannot figure out what is causing this authentication issue. The user which I am using is a domain user created in Active Directory and provisioned automatically in SAP HANA DB via LDAP Provider.
But the user exists in the tenant db now and I can log into the database. Why is this not working via WebIDE??
So as a quick test, I created a new SAP HANA service connection this time using a regular db user (i.e. SYSTEM), and I am able to build the calculation view. So I know that the issue is with my LDAP assigned db user. The puzzling thing is that I can connect to the HANA DB directly and also through the Database Explorer in WebIDE (using the LDAP user).
Has anyone connected their WebIDE to SAP HANA DB using sap hana service connection using an LDAP-enabled user?? I can't see any reason why this would not be supported.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Asif,
I know it's been a long time.
But since we are facing a similar situation and want to use LDAP for USER provisioning, I was wondering how you were able to assign the XS roles to the user for using the WebIDE.
As far as I know, only the "old" catalogue roles are supported for LDAP and not the XS roles.
Or maybe that was the cause of your problem?
Best regards
Dirk
Thanks Michael,
I have the following information from the trace:
[221951]{-1}[-1/-1] 2021-12-13 21:40:02.802777 d Authentication AuthenticationInfo.cpp(00039) : ENTER getAuthenticationInfo (userName=asifarif)
[221951]{-1}[-1/-1] 2021-12-13 21:40:02.802955 d Authentication MethodGSS.cpp(00050) : GSS isApplicableToken with input length 79
[221951]{-1}[-1/-1] 2021-12-13 21:40:02.802984 d Authentication ManagerAcceptor.cpp(00322) : Method is applicable: SCRAMSHA256
[221951]{-1}[-1/-1] 2021-12-13 21:40:02.802987 d Authentication ManagerAcceptor.cpp(00324) : Injecting logon name into method: asifarif
[221951]{-1}[-1/-1] 2021-12-13 21:40:02.802990 d Authentication Method.cpp(00059) : set logon name=asifarif
[221951]{-1}[-1/-1] 2021-12-13 21:40:02.803073 d Authentication ManagerAcceptor.cpp(00346) : evaluate was (fake) successful for method: SCRAMSHA256
[221951]{-1}[-1/-1] 2021-12-13 21:40:02.803077 d Authentication ManagerAcceptor.cpp(00408) : follow up request needed
[201785]{-1}[-1/-1] 2021-12-13 21:40:02.804114 d Authentication ManagerAcceptor.cpp(00434) : Method is applicable: SCRAMSHA256
[201785]{-1}[-1/-1] 2021-12-13 21:40:02.804125 d Authentication ManagerAcceptor.cpp(00443) : evaluate was not successful for method: SCRAMSHA256
[201785]{-1}[91/-1] 2021-12-13 21:40:02.804327 d Authentication AuthenticationInfo.cpp(00039) : ENTER getAuthenticationInfo (userName=asifarif)
[201785]{-1}[91/-1] 2021-12-13 21:40:02.804388 d Authentication Authenticate.cc(00075) : [AUTHENTICATION] logon name: asifarif, external name: isldapenabled: 1
[201785]{-1}[91/-1] 2021-12-13 21:40:02.804395 d Authentication Authenticate.cc(00975) : [PRE AUTHENTICATION] logon name: asifarif
[201785]{-1}[-1/-1] 2021-12-13 21:40:02.805985 d Authentication Authenticate.cc(00148) : exception during authentication: ERROR [SQL-10] authentication failed at ptime/query/catalog/catalog_authmgr.cc:889
exception 1: no.71000010 (ptime/query/catalog/catalog_authmgr.cc:889) TID: 201785
ptime::PtimeException
NO exception throw location recorded. Stack generation suppressed.
exception type information:
- 0: public ptime::SQLException@0x7f6bd72de5a0 SI
- 0: public ptime::SQLExceptionBase@0x7f6bd72dde40 SI
- 0: public ltt_adp::exception@0x7f6bd72dd780 SI
- 0: public ltt::exception@0x7f6bc8123960
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
you may try to perform an authentication trace to know the reason of the failed authentication.
run the following statement
ALTER SYSTEM ALTER CONFIGURATION ('indexserver.ini', 'SYSTEM') set ('trace', 'authentication') = 'debug' with reconfigure;
reproduce the issue
then switch off the trace
ALTER SYSTEM ALTER CONFIGURATION ('indexserver.ini', 'SYSTEM') UNSET ('trace', 'authentication');
Finally look at indexserver trace.
Regards,
Michael
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
11 | |
8 | |
8 | |
6 | |
6 | |
6 | |
6 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.