Sean Flaherty 2 Posted January 19, 2022 Share Posted January 19, 2022 Hello, We are testing our upgrade from 10.10 to 11.4 and are getting the following error when trying to connect a Spotfire 11.4 Analyst to the new server. The user is able to log in to the web client without an issue with the same credentials. Error message: Could not log in. Please try again. Could not authenticate user 'xxx'. AuthenticationException at Spotfire.Dxp.Services: Could not authenticate user 'xxx'. (HRESULT: 80131501) Stack Trace: at Spotfire.Dxp.Services.Authenticator.Authenticate(SpotfireIdentity identity, PrincipalProvider provider, Boolean disposePrincipalOnFailedLogin) at Spotfire.Dxp.Loader.LoginHandler.TryPerformLogin(LoginInfo chosenLogin, LoginError& error) ServiceException at Spotfire.Dxp.Services: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Bearer realm="SpotfireRealm",SF-Web location="/spotfire/auth/web/initiate",BASIC realm="SpotfireRealm"'. (HRESULT: 80131509) Stack Trace: at Spotfire.Dxp.Services.WcfSoapService`2.InvokeService[T](Func`1 serviceMethod, String customMethodNameForLogging) at Spotfire.Dxp.Services.Authenticator.Authenticate(SpotfireIdentity identity, PrincipalProvider provider, Boolean disposePrincipalOnFailedLogin) MessageSecurityException at mscorlib: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Bearer realm="SpotfireRealm",SF-Web location="/spotfire/auth/web/initiate",BASIC realm="SpotfireRealm"'. (HRESULT: 80131501) Stack Trace: Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory`1 factory) at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding) at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Spotfire.Dxp.Services.TssSoapServices.LoginService.login(login request) at Spotfire.Dxp.Services.TssSoapServices.LoginServiceClient.login() at Spotfire.Dxp.Services.WcfSoapService`2.InvokeService[T](Func`1 serviceMethod, String customMethodNameForLogging) WebException at System: The remote server returned an error: (401) Unauthorized. (HRESULT: 80131509) Stack Trace: at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) Kind regards, Sean Link to comment Share on other sites More sharing options...
Fredrik Rosell Posted January 25, 2022 Share Posted January 25, 2022 Hello, What is the public address of your Spotfire Server and does that match the server address you use to login in TIBCO Spotfire Analyst (if you are upgrading from 10.10, I assume you want your Analysts to continue using the old server address). If it doesn't match, I recommend updating the public address to match, restart the server service, then try again. How to set public address https://docs.tibco.com/pub/spotfire_server/11.4.4/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/set-public-address.html (you can also configure that using the Configuration Tool) How to check public address https://support.tibco.com/s/article/How-to-check-the-Public-Address-URL-configured-on-TIBCO-Spotfire-Server-using-a-Troubleshooting-bundle If doing this doesn't address the issue, I suggest that you open a support case on https://support.tibco.com. When doing that, it could help you include a troubleshooting bundle (recreate the issue again, then download the troubleshooting bundle): https://docs.tibco.com/pub/spotfire_server/11.4.4/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/creating_a_troubleshooting_bundle.html) Best Regards Fredrik Link to comment Share on other sites More sharing options...
Sean Flaherty 2 Posted January 27, 2022 Author Share Posted January 27, 2022 Thank you Fredrik,I did validate that the public-address was set correctly but still no success. A bit more information, I took a backup of our existing database, restored and used the upgradetool.bat. I did not copy the configuration from the previous installation as it is the same database. Upgrade completed without issue. All users are able to log in with the web client.The admin user gets the error message above. Other users get a simple password is incorrect error (even though I can login with that combination username/password on the web client).Error message: Username or password is incorrect.AuthenticationException at :Could not authenticate with server to get tokens. Error (invalid_grant): Invalid username/password. (HRESULT: 80131501)Stack Trace:WebException at System:The remote server returned an error: (400) Bad Request. (HRESULT: 80131509)Stack Trace: at System.Net.HttpWebRequest.GetResponse() at Spotfire.Dxp.Services.Http.SpotfireRequest.ExecuteNonSpotfireServerRequestWithRetry(Boolean allowRetryToCauseDuplicateRequests, Func`1 requestCreator, Int32 maxNoOfRetry, Nullable`1 retryDelay, Action checkCancel) at Spotfire.Dxp.Framework.Login.OAuth2AuthenticationFlow.TryExecuteTokenRequest(Action`1 requestAction, Boolean getRefreshToken, Boolean isPasswordRequest, String defaultScope, String& authToken, String& refreshToken, String& scope, Exception& error) Kind regards, Sean Link to comment Share on other sites More sharing options...
Fredrik Rosell Posted January 28, 2022 Share Posted January 28, 2022 Thank you for that additional information. I would definitely recommend a support case, so this can be investigated in more detail. Best Regards Fredrik Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now