Logging into Finesse Desktop when Identity Service is Down on First Node

From DocWiki

Jump to: navigation, search

Logging into Finesse Desktop when Identity Service is Down on First Node

Problem Summary Agent login flow in finesse when Identity Service is down on first node.
Error Message No error message.
Possible Cause

User is redirected to Identity Service node2 for initial authentication. Agent will be able to login successfully on the desktop. Below logs snippet can be seen in finesse log files.
==> valve.log <==
2016-08-10 14:58:52 ERROR IdSRESTClient getStatus - Error while getting status from https://autoneonode1.cisco.com:8553/ids/v1/
java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:344)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:579)
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:637)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264)
at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:934)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1302)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
at com.cisco.ccbu.common.ids.client.util.Utils.makeRESTCall(Utils.java:379)
at com.cisco.ccbu.common.ids.client.util.Utils.invokeRESTEndpoint(Utils.java:316)
at com.cisco.ccbu.common.ids.client.IdSRESTClient.getStatus(IdSRESTClient.java:385)
at com.cisco.ccbu.common.ids.client.impl.IdSStatusMonitorImpl$IdSStatePoller.run(IdSStatusMonitorImpl.java:287)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
2016-08-10 14:58:52 INFO IdSStatusMonitorImpl evaluateIdSState - Updating IdS https://autoneonode1.cisco.com:8553/ids/v1/ to STATE_OUT_OF_SERVICE due to request failure exceeding threshold limt 5
2016-08-10 14:58:53 INFO SSOValve getAuthCode - getAuthCode - There is no auth-code. Redirect to https://autoneonode2.cisco.com:8553/ids/v1/oauth/authorize?redirect_uri=https%3A%2F%2Fautoneonode1.cisco.com%3A8445%2Fdesktop%2Fsso%2Fauthcode&client_id=b61d32715ea2c6243df9c7f4564c6277f138f166&state=aHR0cHM6Ly9hdXRvbmVvbm9kZTEuY2lzY28uY29tOjg0NDUvZGVza3RvcC9jb250YWluZXIvbGFuZGluZy5qc3A%2FbG9jYWxlPWVuX1VTCWFwcGxvZ2lu&response_type=code
2016-08-10 14:58:53 INFO SSOValve processAuthCode - processing authcode for: /desktop/sso/authcode
2016-08-10 14:58:53 INFO SSOValve getAuthCodeConsumerURL - https://autoneonode1.cisco.com:8445/desktop/sso/authcode
2016-08-10 14:58:53 INFO SSOValve authorizePrincipal - Authenticated user isdas. Proceed to authorize for request /desktop/container/landing.jsp.

==> realm.log <==
1676941: Aug 10 2016 14:58:53.516 +0530: [http-apr-8445-exec-9] INFO com.cisco.ccbu.finesse.realms.ccrealm.CCRealmConfig - CCRealmConfig.authorize : User :isdas Authorized.
1676942: Aug 10 2016 14:58:53.517 +0530: [http-apr-8445-exec-9] INFO com.cisco.ccbu.finesse.realms.CachingRealm - REALM_CACHE_ENTRY_CREATED - UserName: isdas

Recommended Action
  • Start the Identity service on first node from serviceability page or through CLI.
Release Release 11.5(1)
Associated CDETS # None


Rating: 0.0/5 (0 votes cast)

Personal tools