This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

'There was a problem processing your request' error when attempting to delete expired tokens in RSA Authentication Manager 8.x

Article Number

000035368

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
 

Issue

"There was a problem processing your request. 
Unexpected error during command com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand execution." error when trying to delete expired tokens from Security Console.

System Activity Monitor (Reporting > Real Time Activity Monitor > System Activity Monitor or Reporting > Reports > Add New > System Activity) shows the following error: 
com.rsa.common.UnexpectedDataStoreException: org.springframework.dao.DataIntegrityViolationException: 
could not delete: [com.rsa.authmgr.internal.admin.tokenmgt.dal.Token#937abd321500f70a147e58a59bd04dc4]; 
SQL [delete from AM_TOKEN where ID=? and ROW_VERSION=?]; constraint [fk_am_replacing_tkn_id]; 
nested exception is org.hibernate.exception.ConstraintViolationException: 
could not delete: [com.rsa.authmgr.internal.admin.tokenmgt.dal.Token#937abd321500f70a147e58a59bd04dc4], 
at com.rsa.authmgr.internal.admin.common.dal.sql.DataObjectAccessSql.delete(DataObjectAccessSql.java:342), 
at com.rsa.authmgr.internal.admin.tokenmgt.dal.sql.TokenAccessSQL.delete(TokenAccessSQL.java:124), 
at com.rsa.authmgr.internal.admin.tokenmgt.impl.TokenAdministrationImpl.delete(TokenAdministrationImpl.java:583), 
at com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand$Executive.execute(DeleteTokensCommand.java:36), 
at com.rsa.authmgr.admin.tokenmgt.DeleteTokensCommand.performExecute(DeleteTokensCommand.java:113), 
at com.rsa.command.LocalTarget.executeCommand(LocalTarget.java:119), 
at com.rsa.ims.command.LocalTransactionalCommandTarget.access$0(LocalTransactionalCommandTarget.java:1), 
at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:268), 
at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:1), 
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:131), 
at com.rsa.ims.command.LocalTransactionalCommandTarget.executeCommand(LocalTransactionalCommandTarget.java:260), 
at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:933), 
at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:1), 
at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:113), 
at com.rsa.security.SecurityContext.doAs(SecurityContext.java:439), 
at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:445), 
at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:373), 
at com.rsa.command.CommandServerBean.executeCommand(CommandServerBean.java:89), 
at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl.__WL_invoke(Unknown Source), 
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:34), 
at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl.executeCommand(Unknown Source), 
at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl_WLSkel.invoke(Unknown Source),
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:701), 
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:231), 
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:527), 


 

Resolution

  1. SSH to the primary using rsaadmin account.
  2. Navigate to utils: 
    cd /opt/rsa/am/utils
  3. Type the following command to get the database password and when prompted, enter the OC Administrator username and password: 
    ./rsautil manage-secrets -a get com.rsa.db.dba.password
  4. Navigate to bin: 
    cd ../pgsql/bin
  5. Type the following command to access the database and when prompted, enter the password that you get from step 3: 
    ./psql -h localhost -p 7050 -d db -U rsa_dba
  6. List the expired token serial number and its replacement using the token id in the log message: 
    select serial_number , replace_token_sn  from am_token where id ='937abd321500f70a147e58a59bd04dc4';
  7. Update replacement mode value to 0 in rsa_rep.am_token table for expired token and its replacement: 
    db=# update rsa_rep.am_token set replacement_mode = 0, replace_token_sn = null, tokenreplace_updated_date = null where serial_number = '000341939762'; 
UPDATE 1 

db=# update rsa_rep.am_token set replacement_mode = 0, replace_token_sn = null, tokenreplace_updated_date = null where serial_number = '000400282186'; 
UPDATE 1
  8. Delete expired token from am_token_replacement table: 
    db=# delete from am_token_replacement where replacing_token_id='937abd321500f70a147e58a59bd04dc4';
DELETE 1
  9. Delete the expired token from am_token table: 
    db=# delete from am_token where id ='937abd321500f70a147e58a59bd04dc4';
Delete 1
  10. Exit database mode: 
    \q
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 10:47 PM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.