Important Update: Archer Community Scheduled Maintenance on November 23–24 - New Community Launching Soon! Learn More..

This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Archer API: Unable to login with specified credentials

DavidFulmer
Contributor III

‎2019-03-01 07:21 AM

One of API developer team wrote the API script to execute the process in one of our applications.  From what we see first time, we received the intermittent issues.

 

Exception Stacktrace : org.springframework.ws.soap.client.SoapFaultClientException: Server was unable to process request. ---> Unable to login with specified credentials

We do not have an issue with user ID access (username, password and roles), however the issue is that Archer API is not even able to create session token.  Any reason why it is not creating session token?

 

We are unable to track this in Archer logs for API error calls.  Is there alternative logs we can locate?  Do you have any reason why this is not working?

13 REPLIES 13

DavidPetty
Archer Employee
Archer Employee

‎2019-03-01 08:13 AM

Do you see the failed login attempt in Archer Security Events report?

 Advisory Consultant

0 Kudos

DavidFulmer
Contributor III
In response to DavidPetty

‎2019-03-01 08:26 AM

Do you mean "Failed User Login" event name under Archer Security Events report?  We also checked and seeing only generic user IDs listed here, and none of the non-interactive username IDs. 

 

We only give non-interactive username to API developers to access the module.   The non-interactive username ID are already listed in 'Application Owners' to grant full rights in the records.  We also checked this username IDs that status is currently active.

0 Kudos

Arun.Prasad
Advocate II
In response to DavidFulmer

‎2019-03-01 08:37 AM

What is the User Account Status in Archer? You can check the below KB and see if you can get any insights on your issue from the "Cause" mentioned.

 

000033384 - Server was unable to process request resulting in an Invalid session token error in RSA Archer GRC 

 

Edit: Just noticed that you mentioned the account status as Active.

0 Kudos

DavidPetty
Archer Employee
Archer Employee
In response to DavidFulmer

‎2019-03-01 08:45 AM

Yep, that would be it  

 

Make sure you're passing the correct instance name and that's case sensitive.  I just did a test using Jeff Letterman‌ wonderful https://community.rsa.com/docs/DOC-81721 using CreateUserSessionFromInstance and not providing any valid information and received the same error you posted, and noting was listed in the Security Events Failed User Login report for the attempt.

 Advisory Consultant

BJJohnson
Archer Employee
Archer Employee
In response to DavidFulmer

‎2019-03-01 09:27 AM

It could be that the password needs updating.
It would result in a successful log in (should be in Security Events), but would prevent the feed from moving forward.

DavidFulmer
Contributor III
In response to BJJohnson

‎2019-03-01 10:38 AM

The password is good and non-interactive username account ID status is active. 

 

Confirmed from API developer team that there are eight nodes with multi-task connections into Archer where it is causing the issues.

 

Does that mean API does not support the multiple session for the same account username ID?

0 Kudos

Arun.Prasad
Advocate II
In response to DavidFulmer

‎2019-03-01 10:41 AM

Cause:

  • Two processes are configured to use the same user ID. 


Please refer the KB I posted above. 

0 Kudos

DavidPetty
Archer Employee
Archer Employee
In response to DavidFulmer

‎2019-03-01 10:46 AM

Archer only allows one session token per user account.  No simultaneous user logins.

 Advisory Consultant

DavidFulmer
Contributor III
In response to DavidPetty

‎2019-03-01 01:49 PM

Does the timeout session (configured through Security Parameters for specific non-interactive user ID) also cause the issue?

0 Kudos