Generic REST Collector fails with 'Access token has expired' error in RSA Identity Governance & Lifecycle
Originally Published: 2020-04-22
Article Number
Applies To
RSA Version/Condition: 7.2.0
Issue
The following errors are seen in the aveksaServer.log file ($AVEKSA_HOME/wildfly/standalone/log/aveksaServer.log):
com.aveksa.server.runtime.ServerException: Test request failed with response: com.aveksa.server.runtime.ServerException: com.aveksa.common.DataReadException: com.aveksa.client.genericrest.GenericRestException: CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", "innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } . Caused by com.aveksa.client.genericrest.GenericRestException: CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", "innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } Caused By Stack com.aveksa.common.DataReadException: com.aveksa.client.genericrest.GenericRestException: CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", "innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } at com.aveksa.collector.generic.rest.adc.GenericRESTAccountDataIterator.next(GenericRESTAccountDataIterator.java:71) at com.aveksa.client.datacollector.collectors.accountdatacollectors.AccountDataCollector.collectData(AccountDataCollector.java:422) at com.aveksa.client.datacollector.collectors.accountdatacollectors.AccountDataCollector.collect(AccountDataCollector.java:302) at com.aveksa.client.datacollector.collectors.accountdatacollectors.AccountDataCollector. collectTestData(AccountDataCollector.java:277) at com.aveksa.client.datacollector.framework.DataCollectorManager.collect(DataCollectorManager.java:481) at com.aveksa.client.component.collector.DefaultCollectorManager.actUpon(DefaultCollectorManager.java:204) at com.aveksa.client.component.collector.DefaultCollectorManager.handle(DefaultCollectorManager.java:102) at com.aveksa.client.component.event.DefaultEventManager.handle(DefaultEventManager.java:75) at com.aveksa.client.datacollector.framework.SimpleEventSource.notifyListeners(SimpleEventSource.java:67) at com.aveksa.client.component.communication.DefaultCommunicationManager.notifyEvent(DefaultCommunicationManager.java:377) at com.aveksa.client.component.communication.ChangeListHandler.applyChanges(ChangeListHandler.java:364) at com.aveksa.client.component.communication.ChangeListHandler.access$300(ChangeListHandler.java:58) at com.aveksa.client.component.communication.ChangeListHandler$ChangeApplyingRunnable.run(ChangeListHandler.java:275) at java.lang.Thread.run(Thread.java:748) Caused by: com.aveksa.client.genericrest.GenericRestException: CONNECTION_FAILED_WITH_STATUS_CODE 401 { "error": { "code": "InvalidAuthenticationToken", "message": "Access token has expired.", "innerError": { "request-id": "b25694d1-4b31-4e1c-91f7-2c716db96bb6", "date": "2020-04-13T16:03:39" } } } at com.aveksa.client.genericrest.GenericRestException.connectionError(GenericRestException.java:108) at com.aveksa.client.genericrest.postprocessor.impl.GenericRESTPostprocessorImpl. validateResponse(GenericRESTPostprocessorImpl.java:204) at com.aveksa.client.genericrest.postprocessor.impl.GenericRESTPostprocessorImpl. getParsedData(GenericRESTPostprocessorImpl.java:89) at com.aveksa.client.genericrest.GenericRESTClient.executeTestCollection(GenericRESTClient.java:173) at com.aveksa.collector.generic.rest.adc.GenericRESTAccountDataIterator.collectAccountData(GenericRESTAccountDataIterator.java:155) at com.aveksa.collector.generic.rest.adc.GenericRESTAccountDataIterator.next(GenericRESTAccountDataIterator.java:68) ... 13 more End Stack
Please refer to RSA Knowledge Base Article 000067335 -- Artifacts to gather in RSA Identity Governance & Lifecycle to find the location of the aveksaServer.log for your specific deployment if you are on a WildFly cluster or a non-WildFly platform. The aveksaServer.log may also be downloaded from the RSA Identity Governance & Lifecycle user interface (Admin > System > Server Nodes tab > under Logs.)
Cause
(Collectors > {Collector Type} > {Collector Name} > Edit > Next > Connection Details > Response Timeout (milliseconds)
Resolution
This issue is resolved in the following versions:
- RSA Identity Governance & Lifecycle 7.2.0 P06
- RSA Identity Governance & Lifecycle 7.2.1 P02
- RSA Identity Governance & Lifecycle 7.5.0
Related Articles
Unable To Delete Unassigned Expired Token Number of Views Generic REST Collector problems with Authentication (OAuth2, Bearer Token or Basic Authentication) in RSA Governance & Lif… Number of Views RSA Authentication Manager 8.x web tier shows session expired error Number of Views Generic REST Collector ignores Proxy setting in RSA Identity Governance & Lifecycle Number of Views Generic REST Collector fails with 'com.aveksa.client.genericrest.GenericRestException: UNEVEN_JSON_PATH_CONFIGURATION' in … Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
