This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA® Access Manager Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by RSA Access Manager experts.

Errors 'Server Timeout' and 'User TIME's access is denied' with RSA Access Manager and RSA SecurID

Article Number

000016941

Applies To

RSA Product: Access Manager 
RSA Product/Service Type: Authentication Manager, java api jar rsa-authapi-java-8.1.1.jar
RSA Version/Condition: 6.x

 

Issue

The following errors are seen in RSA Access Manager with RSA SecurID:

Server Timeout
User TIME's access is denied

RSA SecurID authentication does not work. When the aserver is placed in debug mode using the options -DDEBUG=SECURID, on initial test server message the following is logged:

2013-06-28 11:18:53,765 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - e.a():? - currentServer.checkIP
2013-06-28 11:18:53,767 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.a():? - Sending 124 bytes to 10.137.127.25; contents:
67 5 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 
0
2013-06-28 11:18:53,768 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.b():? - Enterring getResponse
2013-06-28 11:18:53,769 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.a():? - Enterring getTimeoutValue(AceRequest AceTimeRequest[Abstrac
tAceRequest[ hdr=AcePacketHeader[Type=103 Ver=5 AppID=2 Enc=NOT-ENCRYPTED Hi-Proto=5 Opt=0 CirID=0] created=1372439933765 trailer=null] response=none])
2013-06-28 11:18:53,770 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.a():? - authRequest is an instance of AceTimeRequest
2013-06-28 11:18:53,771 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.a():? - Enterring getTimeoutValue(AceTimeRequest AceTimeRequest[Abs
tractAceRequest[ hdr=AcePacketHeader[Type=103 Ver=5 AppID=2 Enc=NOT-ENCRYPTED Hi-Proto=5 Opt=0 CirID=0] created=1372439933765 trailer=null] response=none])

2013-06-28 11:18:53,772 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.a():? - offset: 200
2013-06-28 11:18:53,772 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.a():? - increment: 100
2013-06-28 11:18:53,772 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.a():? - consecutive suspensions: 6
2013-06-28 11:18:53,773 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.b():? - Timeout is 800
2013-06-28 11:18:53,774 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - b.b():? - Current retries: 0
2013-06-28 11:18:54,444 DEBUG [pool-5-thread-1] com.rsa.authagent.authapi.logger.b  - e.a():? -  Server Timeout : AcmServerInfo[ serverAddress = 10.137.127
.25 addressStatus = 44 serverStatus = 17 aliases =  aliasOptions = 0 consecutiveSuspensions = 6 averageNetTurnaround = 0 worstNetTurnaround = 0 lastTimeUse
d = 0 runPriority = 10 sdoptsPriority = 0 suspendTime = 1372437993250]

 

Additional error messages for this failure are as follows:

2013-06-28 11:21:39,749 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b  - b.b():? - receive timeout: java.net.SocketTimeoutException: Receive t
imed out
2013-06-28 11:21:39,750 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b  - a.b():? - Error receiving request: com.rsa.ace.techservice.udpserver.
a: Error receiving packet Timeout: java.net.SocketTimeoutException: Receive timed out
2013-06-28 11:21:39,750 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b  - a.a():? - Response status is: 1
2013-06-28 11:21:39,750 DEBUG [pool-7-thread-1] com.rsa.authagent.authapi.logger.b  - a.a():? - Authenticaton failed for TIME !
2013-06-28 11:21:39,750 WARN  [pool-7-thread-1] com.rsa.authagent.authapi.logger.c  - User TIME's access is denied.

Cause

 The Access Manager server which uses the Authentication Manager api jar was on a multihomed host and the Authentication API client is unable to bind to Authentication Manager.

Resolution

You must set the correct IP address from which the authentication will be sent (the IP address of the Access Manager authentication server) in either the aserver.conf or the auth api jar file's rsa_api.properties file.IP.

In the aserver.conf:

cleartrust.aserver.authn.securid_agent_host=

In rsa_api.properties file:

#RSA Authentication API Properties
#Override Host IP Address
RSA_AGENT_HOST=xxx.xxx.xxx.xxx

Notes

 In the context mentioned in this solution, the User TIME is not a real user or the user that tried to authenticate. It is indicating a timeout on the test server message.
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 04:23 PM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.