Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000035368 - 'There was a problem processing your request' error when attempting to delete expired tokens in RSA Authentication Manager 8.x

Document created by RSA Customer Support

on Sep 4, 2017

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000035368
Applies To	RSA Product Set: SecurID RSA Product/Service Type: Authentication Manager RSA Version/Condition: 8.x
Issue	"There was a problem processing your request. Unexpected error during command com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand execution." error when trying to delete expired tokens from Security Console. System Activity Monitor (Reporting > Real Time Activity Monitor > System Activity Monitor or Reporting > Reports > Add New > System Activity) shows the following error: com.rsa.common.UnexpectedDataStoreException: org.springframework.dao.DataIntegrityViolationException: could not delete: [com.rsa.authmgr.internal.admin.tokenmgt.dal.Token#937abd321500f70a147e58a59bd04dc4]; SQL [delete from AM_TOKEN where ID=? and ROW_VERSION=?]; constraint [fk_am_replacing_tkn_id]; nested exception is org.hibernate.exception.ConstraintViolationException: could not delete: [com.rsa.authmgr.internal.admin.tokenmgt.dal.Token#937abd321500f70a147e58a59bd04dc4], at com.rsa.authmgr.internal.admin.common.dal.sql.DataObjectAccessSql.delete(DataObjectAccessSql.java:342), at com.rsa.authmgr.internal.admin.tokenmgt.dal.sql.TokenAccessSQL.delete(TokenAccessSQL.java:124), at com.rsa.authmgr.internal.admin.tokenmgt.impl.TokenAdministrationImpl.delete(TokenAdministrationImpl.java:583), at com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand$Executive.execute(DeleteTokensCommand.java:36), at com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand.performExecute(DeleteTokensCommand.java:113), at com.rsa.command.LocalTarget.executeCommand(LocalTarget.java:119), at com.rsa.ims.command.LocalTransactionalCommandTarget.access$0(LocalTransactionalCommandTarget.java:1), at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:268), at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:1), at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:131), at com.rsa.ims.command.LocalTransactionalCommandTarget.executeCommand(LocalTransactionalCommandTarget.java:260), at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:933), at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:1), at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:113), at com.rsa.security.SecurityContext.doAs(SecurityContext.java:439), at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:445), at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:373), at com.rsa.command.CommandServerBean.executeCommand(CommandServerBean.java:89), at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl.__WL_invoke(Unknown Source), at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:34), at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl.executeCommand(Unknown Source), at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl_WLSkel.invoke(Unknown Source), at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:701), at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:231), at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:527),
Resolution	SSH to the primary using rsaadmin account. Navigate to utils: cd /opt/rsa/am/utils Type the following command to get the database password and when prompted, enter the OC Administrator username and password: ./rsautil manage-secrets -a get com.rsa.db.dba.password Navigate to bin: cd ../pgsql/bin Type the following command to access the database and when prompted, enter the password that you get from step 3: ./psql -h localhost -p 7050 -d db -U rsa_dba List the expired token serial number and its replacement using the token id in the log message: select serial_number , replace_token_sn from am_token where id ='937abd321500f70a147e58a59bd04dc4'; Update replacement mode value to 0 in rsa_rep.am_token table for expired token and its replacement: db=# update rsa_rep.am_token set replacement_mode = 0, replace_token_sn = null, tokenreplace_updated_date = null where serial_number = '000341939762'; UPDATE 1 db=# update rsa_rep.am_token set replacement_mode = 0, replace_token_sn = null, tokenreplace_updated_date = null where serial_number = '000400282186'; UPDATE 1 Delete expired token from am_token_replacement table: db=# delete from am_token_replacement where replacing_token_id='937abd321500f70a147e58a59bd04dc4'; DELETE 1 Delete the expired token from am_token table: db=# delete from am_token where id ='937abd321500f70a147e58a59bd04dc4'; Delete 1 Exit database mode: \q

Attachments

Outcomes

0 Comments

Recommended Content