Cannot login with AveksaAdmin password after importing a database from another environment into RSA Identity Governance and Lifecycle
Originally Published: 2017-09-11
Article Number
Applies To
RSA Version/Condition: 7.0.2+
Issue
09/05/2017 12:39:56.288 ERROR (default task-16) [com.aveksa.server.authentication.AuthenticationProviderServiceImpl] Error while fetching the super admin password java.lang.IllegalStateException: An issue with handling encryption was encountered at com.aveksa.common.crypto.EncryptionMgr.decrypt(EncryptionMgr.java:507) at com.aveksa.server.authentication.AuthenticationProviderServiceImpl.loginSuperAdmin(AuthenticationProviderServiceImpl.java:615) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.checkOldPassword(ModifySystemSettingsDialogData.java:604) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.validatePassword(ModifySystemSettingsDialogData.java:445) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.validateData(ModifySystemSettingsDialogData.java:489) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.handleSubmit(ModifySystemSettingsDialogData.java:196) at com.aveksa.gui.pages.base.data.dialog.EditableDialogPageData.handleRequest(EditableDialogPageData.java:45) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.handleRequest(ModifySystemSettingsDialogData.java:179) at com.aveksa.gui.pages.PageManager.forwardRequest(PageManager.java:597) at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:340) at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:271) at com.aveksa.gui.core.MainManager.handleRequest(MainManager.java:184) at com.aveksa.gui.core.MainManager.doGet(MainManager.java:128) at com.aveksa.gui.core.MainManager.doPost(MainManager.java:420) at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) at com.aveksa.gui.core.filters.LoginFilter.doFilter(LoginFilter.java:53) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) at com.aveksa.gui.util.security.XSSFilter.doFilter(XSSFilter.java:20) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:172) at java.security.AccessController.doPrivileged(Native Method) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:169) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:748) Caused by: com.aveksa.common.crypto.EncryptionException: Value to be decrypted has no associated encryptor for its embedded key version: keyVersion[EAn]; Value[ENCAEAn(zwF...)] -- Check that the security key file is not missing at com.aveksa.common.crypto.EncryptionMgr.decrypt(EncryptionMgr.java:501) ... 53 more 09/05/2017 12:39:56.291 ERROR (default task-16) [com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData] Authentication Exception while checking for password com.aveksa.server.authentication.AuthenticationProviderServiceException: Error while doing the authentication at com.aveksa.server.authentication.AuthenticationProviderServiceImpl.loginSuperAdmin(AuthenticationProviderServiceImpl.java:667) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.checkOldPassword(ModifySystemSettingsDialogData.java:604) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.validatePassword(ModifySystemSettingsDialogData.java:445) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.validateData(ModifySystemSettingsDialogData.java:489) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.handleSubmit(ModifySystemSettingsDialogData.java:196) at com.aveksa.gui.pages.base.data.dialog.EditableDialogPageData.handleRequest(EditableDialogPageData.java:45) at com.aveksa.gui.pages.admin.system.settings.edit.ModifySystemSettingsDialogData.handleRequest(ModifySystemSettingsDialogData.java:179) at com.aveksa.gui.pages.PageManager.forwardRequest(PageManager.java:597) at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:340) at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:271) at com.aveksa.gui.core.MainManager.handleRequest(MainManager.java:184) at com.aveksa.gui.core.MainManager.doGet(MainManager.java:128) at com.aveksa.gui.core.MainManager.doPost(MainManager.java:420) at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) at com.aveksa.gui.core.filters.LoginFilter.doFilter(LoginFilter.java:53) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) at com.aveksa.gui.util.security.XSSFilter.doFilter(XSSFilter.java:20) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:172) at java.security.AccessController.doPrivileged(Native Method) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:169) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.IllegalStateException: An issue with handling encryption was encountered at com.aveksa.common.crypto.EncryptionMgr.decrypt(EncryptionMgr.java:507) at com.aveksa.server.authentication.AuthenticationProviderServiceImpl.loginSuperAdmin(AuthenticationProviderServiceImpl.java:615) ... 52 more Caused by: com.aveksa.common.crypto.EncryptionException: Value to be decrypted has no associated encryptor for its embedded key version: keyVersion[EAn]; Value[ENCAEAn(zwF...)] -- Check that the security key file is not missing at com.aveksa.common.crypto.EncryptionMgr.decrypt(EncryptionMgr.java:501) ... 53 more
Resolution
Try resetting the AveksaAdmin password from the login screen, if that option is not available on your UI login page, then please open a ticket with RSA Support.
Related Articles
Changing the Environment Name in one system causes a change in another environment in RSA Identity Governance and Lifecycle Number of Views RSA Via Lifecycle and Governance/Aveksa server will not start after environment customization Number of Views Unexpected MFA Challenge for Unchallenged Users when machines are in WORKGROUP environment Number of Views AveksaAdmin Super Account Locked or Password Lost in RSA Governance & Lifecycle Number of Views Unable to login to RSA Authentication Manager via SSH after changing operating system password to contain a backslash (\) Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
