Dear Listers, Environment :
MidTier : Windows 20003 Standard Edition SP1 ---- 6.3 Patch 18 ARS Server : ARS 6.3 patch 14 Jsp Engine : Servlet Exec 5.0 ISAPI Web Server : IIS 6.0 Problem : We have a custom SSO implemented for our environment, SSO works fine and the logged in user gets authenticated via the SSO plugin, the logged in user is able to submit tickets as well, however when he tries to modify a Helpdesk ticket he gets an error message saying Invalid password or authentication string for an existing user. This happens only for the Helpdesk form, the same user can modify other non ITSM forms without any problems. On further research of the problem I found that on Modify of the Helpdesk form two API calls are made AREANeedToSyncCallback and AREAVerifyLoginCallback. During the process of calling the AREAVerifyLoginCallback function on Modify the default Auth String is being passed as empty. I would really appreciate if anybody could give their valuable insights on this problem. Appreciate all the help and support. Thanks a lot Example of the User getting authenticated with SSO. <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ +VL AREAVerifyLoginCallback -- user rvarghes <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> Username: <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> rvarghes <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> Network Address: <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> 10.30.62.131 <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> Auth String: <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> Qk1DIFJlbWVkeSBBUlN5c3RlbQ== <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> User logging in from a matching Authentication String and Mid-Tier IP: <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> 10.30.62.131 <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ <AREA.SSO> <INFO> User passed AREA SSO authentication. Login Success Example of the same User not getting authenticated with SSO On Modify of heldpesk Ticket. <PLGN> <TID: 002332> <RPC ID: 0000002568> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:42:17.5850 */ -VL OK <PLGN> <TID: 002332> <RPC ID: 0000002570> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.1940 */ +NS AREANeedToSyncCallback <PLGN> <TID: 002332> <RPC ID: 0000002570> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.1940 */ -NS OK -- 0 <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ +VL AREAVerifyLoginCallback -- user rvarghes <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> Username: <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> rvarghes <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> Network Address: <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> 10.30.62.131 <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> Auth String: <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> User did not provide a valid Authentication String. <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> User NOT logging in from Mid-Tier IP Address. <PLGN> <TID: 002332> <RPC ID: 0000002572> <Queue: AREA > <Client-RPC: 390695> /* Tue Jan 09 2007 05:44:14.3040 */ <AREA.SSO> <INFO> User did not pass AREA SSO authentication Mid Tier Log for the same user on modification of the helpdesk ticket Jan 10, 2007 1:52:31 AM - FINE (com.remedy.midtier.PERFORMANCE) : (Thread 55) Backchannel end: SetEntry: Process: 125; Send: 0; Chars: 107 Jan 10, 2007 1:52:31 AM - SEVERE (com.remedy.midtier.SERVLET) : (Thread 55) GoatException during NDXRequest: ARERR [329] Invalid password or authentication string for an existing user at com.remedy.arsys.backchannel.SetEntryAgent.process(Unknown Source) at com.remedy.arsys.backchannel.NDXRequest.<init>(Unknown Source) at com.remedy.arsys.backchannel.EntryListBase.<init>(Unknown Source) at com.remedy.arsys.backchannel.NDXSetEntry.<init>(Unknown Source) at com.remedy.arsys.backchannel.SetEntryAgent.<init>(Unknown Source) at com.remedy.arsys.backchannel.NDXFactory.handleRequest(Unknown Source) at com.remedy.arsys.stubs.BackchannelServlet.doRequest(Unknown Source) at com.remedy.arsys.stubs.GoatServlet.postInternal(Unknown Source) at com.remedy.arsys.stubs.GoatHttpServlet.doGet(Unknown Source) at javax.servlet.http.HttpServlet.service(HttpServlet.java:743) at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) at com.newatlanta.servletexec.SERequestDispatcher.forwardServlet( SERequestDispatcher.java:638) at com.newatlanta.servletexec.SERequestDispatcher.forward( SERequestDispatcher.java:236) at com.newatlanta.servletexec.SERequestDispatcher.internalForward( SERequestDispatcher.java:283) at com.newatlanta.servletexec.ApplicationInfo.processApplRequest( ApplicationInfo.java:1827) at com.newatlanta.servletexec.ServerHostInfo.processApplRequest( ServerHostInfo.java:919) at com.newatlanta.servletexec.ServletExec.ProcessRequest(ServletExec.java:1091) at com.newatlanta.servletexec.ServletExec.ProcessRequest(ServletExec.java:1002) Caused by: MessageType: 2 MessageNum: 329 MessageText: Invalid password or authentication string for an existing user AppendedText: at com.remedy.arsys.api.Proxy.ARSetEntry(Native Method) at com.remedy.arsys.api.Entry.store(Entry.java:272) ... 18 more Jan 10, 2007 1:52:31 AM - FINE (com.remedy.midtier.INTERNAL) : (Thread 55) Throw ARException - MessageType: 2 MessageNum: 329 MessageText: Invalid password or authentication string for an existing user AppendedText: Regards, Roney Samuel Varghese _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"