SAP Knowledge Base Article - Preview

3251221 - SSO from Analytic Office to HANA failed with error: Unable to verify XML signature(StatusCode: , StatusMessage: )

Symptom

You have followed SAP Documents to configure SSO from AO to HANA.
The SSO failed with error: Unable to verify XML signature(StatusCode: , StatusMessage: )

Review the HANA SSO debug traces (Note 2083682 and KBA 2434356), found below error messages:

[000000]\{00000\}[0/-1] YYYY-MM-DD HH:MM:SS d Authentication   SAMLAuthenticator.cpp(00276) : libxmlsec ERROR
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   SAMLAuthenticator.cpp(00277) : file: /data/jenkins_prod/workspace/awduyghiom/s/Authentication/extern/libxmlsec/xmlsec_hdb/impl/x509vfy.cc
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   SAMLAuthenticator.cpp(00278) : line: 208
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   SAMLAuthenticator.cpp(00279) : func: xmlSecHDBX509StoreVerify
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   SAMLAuthenticator.cpp(00280) : errorObject: x509-store
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   SAMLAuthenticator.cpp(00281) : errorSubject: 
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   SAMLAuthenticator.cpp(00282) : reason: 71
......
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS i Authentication   SAMLAuthenticator.cpp(00398) : Unable to verify XML signature
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS i Authentication   MethodSAML.cpp(00103) : unsuccessful login attempt with SAML ticket!
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   ManagerAcceptor.cpp(00339) : evaluate failed for method: SAML
[000000]\{00000\}[00/-1] YYYY-MM-DD HH:MM:SS d Authentication   Authenticate.cc(00489) : exception during authentication: ERROR [CODE-4230] Invalid assertion: Unable to verify XML signature(StatusCode: , StatusMessage: )

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.


Read more...

Environment

  • Analysis Office
  • SAP HANA Database

Product

SAP HANA 1.0, platform edition ; SAP HANA, platform edition 2.0

Keywords

AO, SSO, SAML, CMC, authentication failed, XML signature, , KBA , HAN-DB-SEC , SAP HANA Security & User Management , BI-BIP-AUT , Authentication, ActiveDirectory, LDAP, SSO, Vintela , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.