SAP Knowledge Base Article - Public

2204915 - After configuring SSO cannot access BI launchpad on the server error "HTTP status 500 bad tag encountered: 78

Symptom

  • Full error "HTTP Status 500 - com.wedgetail.idm.sso.ProtocolException: com.wedgetail.idm.spnego.server.SpnegoException: com.dstc.security.util.asn1.Asn1Exception: Bad tag encountered: 78" after enablign SSO on BI 4.x
  • BI launchpad worked fine before enabling SSO
  • SSO works from client machine.

Environment

SAP BusinessObjects Business Intelligence Platform 4.x 4.0 4.1 all SP's 

 

Reproducing the Issue

follow KBA 1631734 and enable SSO in BI

Cause

  • kerberos SSO cannot be performed with the vintela libraries on the BI server, sometimes a work around of using the IP address will get past this, but it should be assumed SSO must be bypassed on the BI server with web/app installed
  • Microsoft by default will not allow kerberos SSO when there are no network hops (basically if SSO is not attempted from client to server it reverts to NTLM which faile on BI)

Resolution

use the logonnosso option http://biserver:port/BOE/BI/logonNoSso.jsp on the server and login manually

Keywords

zie single sign on sign-on automatic logon  , KBA , BI-BIP-AUT , Authentication, ActiveDirectory, LDAP, SSO, Vintela , Problem

Product

SAP Crystal Server 2013