cancel
Showing results for 
Search instead for 
Did you mean: 

rest service authenticatoin issue after upgrade from BP6.4.3 to BP.610.2

marco.pogliaghi
Level 3
Hi, I ran in this issue after updating from BP6.4 to 6.10: I usually made some calls to rest services, something of this type:
      https://ROBOT:PORT/user name USER&password PWD&status
after the 6.10 upgrade this call did not worked anymore: I had an "AUTHENTICATION FAILED" response on the password step (and then a  "USER NOT SET"), also if I postposed to the USER, my company's domain, like:
            https://ROBOT:PORT/user name USER@COMPANY.COM&password PWD
I obtained a:
Could not find active password for user USER@COMPANY.COM
(and SOAP web services, restartyed to work using the new  USER@COMPANY.COM user)
Do someone of you encountered (and hopefully solved) this same problem?
Thank you,
     marco

------------------------------
Marco Oreste Pogliaghi
------------------------------
4 REPLIES 4

John__Carter
Staff
Staff
Hi Marco - is it related to this setting that was introduced between 6.4 and 6.10, and is enabled by default.
34282.png
This is from the Help:

Session management enforces permissions of controlling user

Enabled by default. When enabled, when session control actions are requested the permissions of the controlling user will be validated. If disabled, the session control actions validate the permissions of the account used to authenticate the runtime resource against the environment.

It is recommended that this setting is enabled. When enabled, the create, start and delete resource pc commands are no longer valid. They are replaced by the commands: createas, startas, deleteas



------------------------------
John Carter
Professional Services
Blue Prism
------------------------------

Hi John, thank you for your reply, I'm not sure it applies to my case: I've the error just on authentication, far before asking for any other action.
I've tried without the flag, and the issue remains unaltered:
    https://ROBOT:PORT/user name USER&password PWD
returns
    USER SET
    AUTHENTICATION FAILED
while 
    https://ROBOT:PORT/user name USER@COMPANY.COM&password PWD
returns:
    USER SET
    Could not find active password for user svc_svc_aurora_uat@db.com
The issue seems more related to some default use of domain suffix or user type, also, it is strange that "getCredential" authenticates the "USER@COMPANY.COM" (and no more the "USER" as in 6.4).
Is there some other default changed? Which different authentication steps do the rest service and the getCredential action?
Maybe the rest service does not authenticate no more system users?
Or there is some defaults changed or that have to be considered in managing of users (I see BPAUser table is a bit different from 6.4 to 6.10)
Thank you,
     marco


------------------------------
Marco Oreste Pogliaghi
------------------------------

Hi Marco - without knowing how your environment is set up it's hard for me to help, and it might be more productive to raise a Support ticket. But if your environment is set up for native authentication (and not SSO) then I guess the first thing is to confirm that you are using the correct user name and password, and that you can manually log into the BP UI. I know this sounds obvious but it is a necessary 'sanity' check.

------------------------------
John Carter
Professional Services
Blue Prism
------------------------------

Hi John. just for a report it seems that the error was due to a misconfiguration that permitted dual authentication (both SSO and native), after being returned to the 6.4 image and redone the promotion with only SSO authentication, it worked.
Thanks,
      marco

------------------------------
Marco Oreste Pogliaghi
------------------------------