Authentication failed with OpenID connect

Hello All,

We have integrated One Identity Manger with Forgerock AM . Once we enter the URL of the Web portal it redirects back to AM for authentication, after authentication it redirect back to the portal with the below error

The authentication process could not be completed. Contact your system administrator if the problem persists.

Failed to authenticate user.

Cannot find the requested object.

Got the below error message in the job queue

Login failed (Module: OAuth 2.0 / OpenID Connect (role based), Properties: , Identity: -, Client Machine: 10.11.46.133, Errors: [System.Security.Cryptography.CryptographicException] Cannot find the requested object.

If anybody have any idea, please let us know.

Thanks,

Pranav

Top Replies

pprathapgirija over 4 years ago in reply to pprathapgirija +1 suggested

Hello , The login issue has been resolved, Thank you for all your suuport

the config param is set to off

QBM\DebugMode\OAuth2\LogPersonalInfoOnException

and we removed all the references of certificates…

Parents

0 Troy Grandy over 4 years ago

You need to check the web portal logs
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 Troy Grandy over 4 years ago in reply to Troy Grandy

support.oneidentity.com/.../how-to-enable-and-collect-it-shop-logs
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

Reply

0 Troy Grandy over 4 years ago in reply to Troy Grandy

support.oneidentity.com/.../how-to-enable-and-collect-it-shop-logs
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

Children

0 pprathapgirija over 4 years ago in reply to Troy Grandy

Thank you Tony ,

I could only find the below error in the logs

2020-09-21 15:24:32.0741 ERROR ( ObjectLog 0ig1bmkkmr3nnjhkiru2ggp1) : Failed to authenticate user using OAuth2/Open ID Connect. System.Security.Cryptography.CryptographicException: Cannot find the requested object.

at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName)
at QER.OAuthAuthentifier.OAuth.<_GetSigningCertificatesFromServerAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetClaimsAsync>d__25.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetPersonDataAsync>d__24.MoveNext() at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName)
at QER.OAuthAuthentifier.OAuth.<_GetSigningCertificatesFromServerAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetClaimsAsync>d__25.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetPersonDataAsync>d__24.MoveNext()
2020-09-21 15:24:33.0898 WARN ( WebLog 0ig1bmkkmr3nnjhkiru2ggp1) : One or more errors occurred. System.AggregateException: One or more errors occurred. ---> VI.Base.ViException: Failed to authenticate user. ---> System.Security.Cryptography.CryptographicException: Cannot find the requested object.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 pprathapgirija over 4 years ago in reply to Troy Grandy

Thanks Tony,

i found the below error message in logs

2020-09-21 15:24:32.0741 ERROR ( ObjectLog 0ig1bmkkmr3nnjhkiru2ggp1) : Failed to authenticate user using OAuth2/Open ID Connect. System.Security.Cryptography.CryptographicException: Cannot find the requested object.

at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName)
at QER.OAuthAuthentifier.OAuth.<_GetSigningCertificatesFromServerAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetClaimsAsync>d__25.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetPersonDataAsync>d__24.MoveNext() at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName)
at QER.OAuthAuthentifier.OAuth.<_GetSigningCertificatesFromServerAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetClaimsAsync>d__25.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at QER.OAuthAuthentifier.OAuth.<GetPersonDataAsync>d__24.MoveNext()
2020-09-21 15:24:33.0898 WARN ( WebLog 0ig1bmkkmr3nnjhkiru2ggp1) : One or more errors occurred. System.AggregateException: One or more errors occurred. ---> VI.Base.ViException: Failed to authenticate user. ---> System.Security.Cryptography.CryptographicException: Cannot find the requested object.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel