This documentation supports the 9.1 version of Remedy Single Sign-On.

To view the latest version, select the version from the Product version menu.

Troubleshooting Remedy SSO integration issues

This topic provides troubleshooting information about integration of Remedy Single Sign-On (Remedy SSO) with supported BMC applications.

Generic integration issues

Installer fails to stop the application's server during integration

On Linux, when the user runs the Remedy Single Sign-On (Remedy SSO) installer on a supported BMC application, the integration may fail if the installer does not stop the application's server.

Perform the following workaround to complete the integration.

Workaround:

Perform a manual stop of the BMC application's server. Then, rerun the Remedy SSO installer on the application. If the integration fails again, perform the manual integration process.

Remedy SSO installer webapp installation failure

During integration, webapp installation failure occurs due to insufficient privileges for the database user.

Workaround:

Use a database user with privileges of creating user and creating table. Refer the Access and Permissions section in the System requirements topic for relevant information.

AR 623 error during integration

The following steps help you to identify the root cause and provides a probable fix in configuration to solve the AR 623 error with a stack integrated with Remedy Single Sign-On (Remedy SSO). You may also perform the steps in case you do not see the complete application list after logging on.

  1. Check if the Remedy SSO Server is accessible from the BMC Remedy AR System Server.
    1. Check if the Remedy SSO service URL is configured correctly in the rsso.cfg file located at {AR}/Conf/rsso.cfg. For example, D:\BMCSoftware\BMCARSystem\Conf\rsso.cfg.
    2. Open the Remedy SSO service URL in a browser to check whether it is accessible from the BMC Remedy AR System Server.
  2. Check if the Remedy SSO plugin entry is set correctly in pluginsvr_config_xml.
    1. Open the pluginsvr_config.xml located at {AR}/pluginsvr/pluginsvr_config.xml i.e “D:\BMCSoftware\BMCARSystem\pluginsvr\pluginsvr_config.xml” and check for the availability of the following entry.<plugin>
      <name>ARSYS.AREA.RSSO</name>
      <classname>com.bmc.rsso.plugin.area.RSSOPlugin</classname>
      <pathelement type="location">D:/BMCSoftware/BMCARSystem/pluginsvr/rsso-area-plugin-all.jar</pathelement>
      <userDefined>
      <configFile>D:/BMCSoftware/BMCARSystem/Conf/rsso.cfg</configFile>
      </userDefined>
      </plugin>
    2. Make sure the file locations are correctly set.
    3. Make sure the rsso-area-plugin-all.jar is present in the pluginsvr folder.
    4. Comment out the ‘ARSYS.ARF.ATSSOCONFIRMPWD’ and ‘ARSYS.AREA.ATRIUMSSO’ entries as they are not needed if Remedy SSO is integrated with the stack.
  3. Make sure Plugin Server is running.
    1. From Task Manager, make sure the Plugin Server is up and running.
    2. Make sure the following Server-Plugin-Alias is present in ar.cfg.
      Server-Plugin-Alias:AREA AREA onbmc-s:9999
  4. Check if the authenticated user is present in the AR User form.
    1. The users which you authenticated against should be present in the AR User form.
    2. Make sure the transformations are set correctly on the Remedy SSO Server, i.e if authenticated user is in lowercase. Remedy SSO may transform the user to UPPERCASE and hence the same user should also be present in UPPERCASE in the User form.
  5. Check if the entries are correctly set in the EA tab of the Server Information page of in ar.cfg.
    • External-Authentication-RPC-Socket: 390695
    • Authentication-Chaining-Mode: 1
    • Use-Password-File: T
    • Crossref-Blank-Password: T
  6. If EA chaining mode in the AR server is set to ARS-AREA (1), change the EA chaining mode to AREA-ARS (2) and restart the server.

    Important

     If the above steps do not resolve the issue, enable debug logging for the Plugin Server and check the arjavaplugin.log. The arjavaplugin.log would help you in identifying any issue with the Remedy SSO Plugin and Plugin Server as a whole.

Remedy Mid Tier integration issues

Integration failure after upgrading Remedy Mid Tier

If you have integrated Remedy Single Sign-On with Remedy Mid Tier and then upgrade Mid Tier to the latest version, the integration fails with the following error message as the web.xml file that contains the Remedy SSO filter information is overwritten:

BMC Remedy Single Sign-On error

ARERR [9388] Authentication failed: An error occurred in SSO plugin.

To restore the integration, manually remove the <RemedySSO (integration) installation> directory that contains the InstalledConfiguration.xml file and perform the integration steps again.

Remedy Mid Tier authenticator configuration issue

When you are manually integrating Remedy SSO with Remedy Mid Tier and see the following error while accessing Mid Tier, it is probably a Remedy Mid Tier authenticator configuration issue.

 type Exception report 
    message java.lang.NullPointerException
 
    description The server encountered an internal error that prevented it from fulfilling this request.
 
    exception
 
    java.lang.RuntimeException: java.lang.NullPointerException
 
            com.remedy.arsys.stubs.GoatServlet.postInternal(GoatServlet.java:165)
 
            com.remedy.arsys.stubs.GoatHttpServlet.doGet(GoatHttpServlet.java:57)
 
            javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
 
            javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
 
            org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
 
            com.remedy.arsys.stubs.TenancyFilter.doFilter(TenancyFilter.java:49)
 
            com.bmc.rsso.agent.RSSOFilter.doFilter(RSSOFilter.java:135)

root cause 
java.lang.NullPointerException
        com.remedy.arsys.session.Login.establishSession(Login.java:281)
        com.remedy.arsys.stubs.GoatServlet.postInternal(GoatServlet.java:104)
        com.remedy.arsys.stubs.GoatHttpServlet.doGet(GoatHttpServlet.java:57)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
        com.remedy.arsys.stubs.TenancyFilter.doFilter(TenancyFilter.java:49)
        com.bmc.rsso.agent.RSSOFilter.doFilter(RSSOFilter.java:135)
note The full stack trace of the root cause is available in the Apache Tomcat/7.0.64 logs.

Workaround:

Perform the following steps to rectify the error:

  1. Open <MT>/WEB-INF/classes/config.properties, check the value of arsystem.authenticator, and make sure that it is set to: com.bmc.rsso.plugin.authenticator.RSSOAuthenticator.
  2. Check if <MT>/WEB-INF/lib/rsso-authenticator-plugin-all.jar exists.

BMC Mid Tier Integration failure due to missing filters

While integrating Remedy SSO with Remedy Mid Tier, the integration may fail and display the following errors.

 Throwable=[com.bmc.install.product.remedysso.processing.RemedySSOPostInstallIntegrationArTask$IntegrationException:
 Coudn't deploy and configure agent
...
Throwable=[com.bmc.install.product.remedysso.installationtools.xml.Xml$XmlException:
 Couldn't add agent filter into C:\Program Files\BMC 
Software\ARSystem\midtier\WEB-INF\web.xml

The reason could be that during integration, the Remedy SSO installer parses web.xml and looks for DTD at http://java.sun.com/dtd/web-app_2_3.dtd and may not be able to access it due to a firewall policy.

Workaround:

Modification of web.xml is the last step during integration of Remedy SSO with Remedy Mid Tier. If you encounter this issue, you can continue to complete Remedy Mid Tier integration by adding the following RSSO <filter> and <filter-mapping> in <MT>/WEB-INF/web.xml. Then, restart the Remedy Mid Tier Tomcat.

Note

When adding RSSO <filter-mapping>, make sure it is added as the first <filter-mapping> element in web.xml.

 <filter>
    <filter-name>RSSOFilter</filter-name>
    <filter-class>com.bmc.rsso.agent.RSSOFilter</filter-class>
</filter>
 
<filter-mapping>
    <filter-name>RSSOFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Integration failure due to inaccessibility of Remedy SSO URL

While integrating Remedy SSO with Remedy AR System or Remedy Mid Tier, you need to provide Remedy SSO URL. If the URL is not accessible, an error is displayed and integration process does not continue.

Workaround:

Specify any accessible URL temporarily as the Remedy SSO service URL during integration. Then after the integration is complete, perform the following steps:

For Remedy AR System integration:

  1. Change 'sso-service-url' config value to the correct Remedy SSO service URL in <AR>/Conf/rsso.cfg.
  2. Restart the Remedy AR System server.

For

  1. Change 'sso-service-url' property value to the correct Remedy SSO service URL in <MT>/WEB-INF/classes/rsso-agent.properties.
  2. Restart the BMC Remedy Mid Tier Tomcat.Remedy Mid Tier Tomcat.

Installer generates uniform agent IDs during integration

In a high-availability environment, during integration with Remedy Mid Tier, Remedy SSO installer generates uniform agent IDs for all the nodes. When more than one Remedy Mid Tier apps are integrated with the same Remedy SSO and when a user logs out from one application, the user is logged out from all Remedy Mid Tier applications.

Workaround:

After all nodes are integrated with Remedy SSO, manually change the agent id to a unique id for each node in the rsso-agent.properties file.

Tomcat of Remedy MidTier hangs after integration

After integration of Remedy SSO with Remedy MidTier, the Tomcat on which Remedy MidTier is installed hangs.

Workaround:

  1. Stop the Tomcat on which BMC MidTier is installed.
  2. Add the following parameters for jvm in the JAVA_OPTS / CATALINA_OPTS variable (for example in the tomcat catalina.sh file).
    • -XX:MaxPermSize
    • -XX:-UseCompressedOops
    • -XX:+UseConcMarkSweepGC
  3. Set the number of HTTP sessions to 600 if Remedy SSO and Remedy MidTier are running on independent Tomcats and if they are running on the same Tomcat, set the number of connections to 1800. The sessions are set in the Tomcat folder conf/server.xml, maxThreads property on connector configuration. An example is as follows:

     <Connector port="18080" protocol="HTTP/1.1"
     connectionTimeout="20000"
     redirectPort="18443"
     maxThreads="1800" />
  4. Restart the Tomcat on which Remedy MidTier is installed.

BMC Smart IT or BMC MyIT 2.6 integration issues

Installer does not authenticate the user during integration

During integration with BMC Smart IT or BMC MyIT 2.6, Remedy SSO does not authenticate the admin user and prompts you with a warning message.

Perform the following workaround to complete the integration.

Workaround:

  1. After entry of user credentials, Remedy SSO installer displays a warning message ("An error occurred while checking provided user's credentials."). Ignore the error and proceed with the rest of the integration steps.
  2. After the integration, go to SmartIT database table 'SmartIT_System.TENANT' and make sure that the value of column 'SAML_AUTHENTICATION' value is True(1).

Related topics

Orientation

Troubleshooting

Was this page helpful? Yes No Submitting... Thank you

Comments