11 Replies Latest reply on Feb 19, 2015 2:09 AM by Vinayak Dhok

    SecurID authentication stopped working: "Authentication service may have closed the connection.."

    Sami Halonen

      We've been using SecurID authentication happily for a few months now with little to no problems.. until this morning. I did some fiddling with NSH proxy settings in blasadmin and restarted BSA services on our two conf/NSH proxy servers. After this, no one can authenticate using SecurID. Error message says "A network error has occurred. The authentication service may have closed the connection due to a long period of inactivity." Funny thing is, dumping the network traffic on the BL server, there are no connection attempts towards the RSA servers whatsoever. Also, in the test environment (which uses the exact same RSA servers) authentication works fine.

       

      The environment is BSA 8.3 SP2 on Windows 2008 R2. Test environment is 8.5 SP1.

       

      App server log looks like this:

      [03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver] User TIME's access is denied.
      [03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver] No Server available
      [03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver] Error ocurred during SecurID authentication while in the IDLE state.
      [03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver] Few things to check. 1-is the sdconf.rec valid and configured in blasadmin
      [03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver]                      2-is the server registered as an agent with RSA security manager and enabled?
      [03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver] com.rsa.authagent.authapi.AuthAgentException: No Server available
      com.bladelogic.om.infra.mfw.util.BlException: com.rsa.authagent.authapi.AuthAgentException: No Server available
        at com.bladelogic.sso.protocol.securid.SecurIdServiceStateMachine.consume(SecurIdServiceStateMachine.java:216)
        at com.bladelogic.om.infra.auth.service.AuthSvcConnection.handleAuthRequest(AuthSvcConnection.java:173)
        at com.bladelogic.om.infra.auth.service.AuthSvcWorkerThread.execute(AuthSvcWorkerThread.java:63)
        at com.bladelogic.om.infra.auth.service.AuthSvcWorkerThread.execute(AuthSvcWorkerThread.java:17)
        at com.bladelogic.om.infra.app.service.thread.BlBlockingThread.run(BlBlockingThread.java:95)
      Caused by: com.rsa.authagent.authapi.AuthAgentException: No Server available
        at com.rsa.authagent.authapi.authmsg.AUTHa2.a(Unknown Source)
        at com.rsa.authagent.authapi.AUTHaz.<init>(Unknown Source)
        at com.rsa.authagent.authapi.AuthSessionFactory.createUserSession(Unknown Source)
        at com.bladelogic.sso.protocol.securid.SecurIdServiceStateMachine.consume(SecurIdServiceStateMachine.java:153)
        ... 4 more
      [03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [INFO] [::81.22.166.42] [Appserver] Authentication Connection closed

       

      And SecurID log looks like this:

      2014-09-03 11:34:47,901] WARN Authentication-Service-Thread-2 - User TIME's access is denied.
      [2014-09-03 11:36:17,510] WARN Authentication-Service-Thread-1 - User TIME's access is denied.
      [2014-09-03 11:36:21,853] WARN Authentication-Service-Thread-2 - User TIME's access is denied.
      [2014-09-03 11:36:25,494] WARN Authentication-Service-Thread-0 - User TIME's access is denied.
      [2014-09-03 13:45:03,514] WARN Authentication-Service-Thread-1 - User TIME's access is denied.

      and so on..

       

      Sdconf.rec file still exists, although I haven't verified the file contents. Would be almost impossible for the file to get corrupted on both servers at the same time. Secondly, who is this "TIME" user? I'm totally confused and have pretty much no idea where to start troubleshooting this. Any help would be greatly appreciated.
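
An added example, not part of the original post and not BMC or RSA tooling: a Python triage script for the app server log format quoted above. It groups lines by timestamp and thread and reports, for each "access is denied" entry, whether an RSA `AuthAgentException` was logged with it. The function name `triage` and the `EXAMPLE` user line are assumptions made for illustration.

```python
import re

# Sample input: the first six lines are copied from the app server log in the post;
# the last line (Thread-2, user EXAMPLE) is constructed for contrast.
SAMPLE_LOG = """\
[03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver] User TIME's access is denied.
[03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [WARN] [::81.22.166.42] [Appserver] No Server available
com.bladelogic.om.infra.mfw.util.BlException: com.rsa.authagent.authapi.AuthAgentException: No Server available
  at com.bladelogic.sso.protocol.securid.SecurIdServiceStateMachine.consume(SecurIdServiceStateMachine.java:216)
Caused by: com.rsa.authagent.authapi.AuthAgentException: No Server available
[03 Sep 2014 13:45:03,514] [Authentication-Service-Thread-1] [INFO] [::81.22.166.42] [Appserver] Authentication Connection closed
[03 Sep 2014 13:46:10,002] [Authentication-Service-Thread-2] [WARN] [::81.22.166.42] [Appserver] User EXAMPLE's access is denied.
"""

# [timestamp] [thread] [level] [client] [component] message
HEADER = re.compile(r"^\[(?P<ts>[^\]]+)\] \[(?P<thread>[^\]]+)\] \[(?P<level>\w+)\] "
                    r"\[(?P<client>[^\]]*)\] \[(?P<comp>[^\]]+)\] (?P<msg>.*)$")
DENIED = re.compile(r"User (?P<user>.+)'s access is denied\.")
AGENT_EXC = re.compile(r"com\.rsa\.authagent\.authapi\.AuthAgentException: (?P<reason>.+)$")

def triage(log_text):
    """Return one tuple per denied attempt: (ts, thread, user, agent_error or None)."""
    attempts = {}      # (timestamp, thread) -> {"user": ..., "agent_error": ...}
    current = None     # attempt that headerless stack-trace lines belong to
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if m:
            current = attempts.setdefault((m["ts"], m["thread"]),
                                          {"user": None, "agent_error": None})
            text = m["msg"]
        elif current is not None:
            text = line.strip()
        else:
            continue   # continuation line before any header: nothing to attach it to
        denied = DENIED.search(text)
        if denied:
            current["user"] = denied["user"]
        exc = AGENT_EXC.search(text)
        if exc and current["agent_error"] is None:
            current["agent_error"] = exc["reason"]
    return [(ts, thread, a["user"], a["agent_error"])
            for (ts, thread), a in attempts.items() if a["user"] is not None]

if __name__ == "__main__":
    for ts, thread, user, err in triage(SAMPLE_LOG):
        status = f"agent exception: {err}" if err else "no agent exception logged"
        print(f"{ts} {thread} user={user} -> {status}")
```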