Failed to see the Edit in Docs button and the New button in Files because of SSO issue
Find out how to modify the SSO configuration that caused failure to see Edit in Docs and New button in Files.
Problem
After HCL Docs is installed, users cannot see the New button or the Edit in Docs button in Files, and SystemOut.log shows the following SSO configuration error: :
[5/18/15 16:23:33:449 CST] 000000d4 SSOValidator E com.ibm.connections.httpClient.SSOValidator getSSODomain SONATA:
hostname can not be programmatically found!
[5/18/15 16:23:33:450 CST] 000000d4 SSOValidator E com.ibm.connections.httpClient.SSOValidator getSSODomain SONATA:
please use JVM argument 'com.ibm.connections.sonata.sso.host.name' to set hostname,
[5/18/15 16:23:33:451 CST] 000000d4 SSOValidator E com.ibm.connections.httpClient.SSOValidator getSSODomain SONATA:
or set the SSO domain name via WebSphere Integrated Solutions Console.
[5/18/15 16:23:33:452 CST] 000000d4 LotusConnecti W Exception happens while searching user by directory service
according to s2s call user id
com.ibm.connections.directory.services.exception.DSException:
com.ibm.connections.directory.services.exception.DSOutOfServiceException: java.lang.NullPointerException
at com.ibm.connections.directory.services.engine.WPISearchEngine.searchProfiles(WPISearchEngine.java:74)
at com.ibm.connections.directory.services.engine.WPISearchEngine.searchProfile(WPISearchEngine.java:46)
at com.ibm.connections.directory.services.component.WPIUserServices.searchUserByExactIdMatch(WPIUserServices.java:122)
at com.ibm.connections.directory.services.provider.VMMServiceProviderWPIEx.searchDSObjectByExactIdMatch
(VMMServiceProviderWPIEx.java:77)
at com.ibm.concord.lc3.auth.LotusConnectionsAuth.doFilter(LotusConnectionsAuth.java:228)
at com.ibm.concord.lc3.auth.LotusConnectionsAuth.doFilter(LotusConnectionsAuth.java:174)
at com.ibm.concord.filters.SessionUserFilter.doFilter(SessionUserFilter.java:68)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
at com.ibm.concord.filters.HttpSettingsFilter.doFilter(HttpSettingsFilter.java:91)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
at com.ibm.concord.filters.VersionCheckFilter.doFilter(VersionCheckFilter.java:36)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:195)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:960)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1064)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3878)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:304)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:981)
at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1662)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:200)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:461)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:528)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:314)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:285)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators
(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture$1.run(AsyncChannelFuture.java:205)
Caused by: com.ibm.connections.directory.services.exception.DSOutOfServiceException: java.lang.NullPointerException
at com.ibm.connections.directory.services.engine.DSXSearchEngine.search(DSXSearchEngine.java:185)
at com.ibm.connections.directory.services.engine.WPISearchEngine.searchProfiles(WPISearchEngine.java:65)
... 31 more
Caused by: java.lang.NullPointerException
at com.ibm.connections.httpClient.WASSecurityUtil.createLTPACookie(WASSecurityUtil.java:105)
at com.ibm.connections.httpClient.DefaultAuthenticator.doCreationOfLTPACookies(DefaultAuthenticator.java:108)
at com.ibm.connections.httpClient.DefaultAuthenticator.authenticate(DefaultAuthenticator.java:63)
at com.ibm.connections.httpClient.ServerToServerHttpClient.getAuthCookie(ServerToServerHttpClient.java:253)
at com.ibm.connections.httpClient.ServerToServerHttpClient.getReady(ServerToServerHttpClient.java:350)
at com.ibm.connections.httpClient.ServerToServerHttpClient.executeMethod(ServerToServerHttpClient.java:175)
at com.ibm.connections.directory.services.engine.DSXSearchEngine.search(DSXSearchEngine.java:163)
... 32 more
Cause
SSO is not configured correctly for HCL Connections and HCL Docs, and this causes a Docs entitlement checking failure when logging in to Files.
Resolving the problem
- Configure SSO in WebSphere Integrated Solutions Console.
- Log in to the WebSphere Integrated Solutions Console.
- Click and go to applications and infrastructure.
- Under Authentication, expand Web and SIP security, and then select Single sign-on.
- Select the Enabled check box.
- Type your domain name in the Domain name field, ensuring that you add a dot (.) before the domain name, for example, .acme.com.
- Enable Interoperability mode.
- Enter LtpaToken' in the LTPA V1 cookie name field.
- Enter LtpaToken2 in the LTPA V2 cookie name field.
- Select Web inbound security attribute propagation.
- Select Set security cookies to HTTPOnly to help prevent cross-site scripting attacks.
- Click OK to save the setting.
- Restart the Deployment Manager, node agent and Docs server or cluster.