RSA SecurID Access Cloud Authentication Service authentication fails with HTTP 500 Internal Server error
Originally Published: 2018-04-05
Article Number
Applies To
RSA Product/Service Type: Identity Router
RSA Version/Condition: all
Issue
It is very important to capture this type of problem happening while the Identity Routers (IDRs) are set to Debug level logging.
Cause
- An HTTP 500 Internal Server Error is defined as part of the HTTP protocol standard and is returned by an HTTP server to the HTTP client (usually, a web browser) when "...the [HTTP] server encountered an unexpected condition that prevented it from fulfilling the request." (RFC 7231). HTTP 500 is a generic error code that requires further investigation to try to determine what the condition actually was that triggered it.
- If HTTP 500 is encountered during an authentication with the RSA Cloud Authentication Service, it may have originated from either the RSA Identity Router, or the application that the user is attempting to access, or another server that is participating in the authentication process.
- This article focuses on investigating the RSA Identity Routers as the possible source of an HTTP 500 error. Additional steps outside the scope of this article may be required to check for possible issues with the application and other non-RSA servers.
Workaround
- Set all RSA Identity Routers (IDRs) in the deployment into Debug logging mode. See the RSA Cloud Administration Console online help for instructions to Set the Identity Router Logging Level.
- Reproduce the problem one or more times while the IDRs are in Debug logging mode. Note the date and time this was done.
- Capture a screenshot of the HTTP 500 error shown in the end user's web browser, and be sure that the screenshot includes both the page content and the URL shown at the top of the browser page.
- reboot / restart any or all of the IDRs, to see if that fixes the issue
- backout any recent configuration changes made in the RSA Cloud Administration Console, and publish
Don't forget to set the IDRs back to Standard logging mode when you have finished gathering data.
For further assistance, contact RSA Support and provide bundle logs from all IDRs in the deployment; date, time and timezone the issue was reproduced; screenshots of the HTTP 500 error in the web browser; plus other items as advised by the RSA Knowledgebase article Troubleshooting end user authentication failures with the RSA SecurID Access Cloud Authentication Service .
Related Articles
Internal Server Error displays when logging in to the RSA SecurID Access portal Number of Views Entering login credentials into Entitlement Manager (admingui) returns a 500 internal server error Number of Views Data purging fails with "ORA-20001: No jobs were found to delete" in RSA Identity Governance & Lifecycle 7.1.1 Number of Views How to hide deleted users from the Users Section of the UI in RSA Via Lifecycle and Governance Number of Views How to define a Request Button in RSA Identity Governance & Lifecycle to allow single or multiple user selection based on … Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
