Symptom
After the 2211.28 version, some users cannot log in to Backoffice via SSO.
- In some cases, an exception like the one below can be found in the Backend/Kibana:
  kubernetes.pod_name: backoffice-*****-****
  logs.level: ERROR
  logs.thrown.message: de.hybris.platform.persistence.security.***PasswordEncoder is deprecated and cannot be used anymore!
  logs.thrown.name: de.hybris.platform.persistence.security.EJBPasswordEncoderDeprecatedException
- But in some cases, no exception exists in the Backend/Kibana.
Note: As mentioned in the SAP official Help document "Upgrading to 2211.47", in the 2211.47 Commerce version the old insecure password encoders are removed from the code, and there is no possibility to switch back to the legacy mode. Please make sure to upgrade the password encoder from the legacy methods to argon2 before upgrading to version 2211.47.
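To see which Backoffice pods raise the exception quoted above and which encoder class each message names, the log export can be tallied as below. This is an added example, not SAP code; it assumes the logs were exported as one JSON record per line with the flat field names shown in the symptom, and the pod and encoder names in the sample are constructed placeholders.

```python
import json
import re
from collections import Counter

# Exception name and message wording as quoted in the symptom above.
DEPRECATED_EXC = (
    "de.hybris.platform.persistence.security.EJBPasswordEncoderDeprecatedException"
)
ENCODER_RE = re.compile(
    r"de\.hybris\.platform\.persistence\.security\.(\S*PasswordEncoder) is deprecated"
)


def find_deprecated_encoder_hits(lines):
    """Count (pod name, encoder class) pairs for deprecated-encoder errors.

    Assumes one JSON record per line with the flat field names from the symptom.
    """
    hits = Counter()
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank, truncated or non-JSON lines in the export
        if not isinstance(rec, dict) or rec.get("logs.thrown.name") != DEPRECATED_EXC:
            continue
        match = ENCODER_RE.search(rec.get("logs.thrown.message") or "")
        encoder = match.group(1) if match else "unknown"
        hits[(rec.get("kubernetes.pod_name") or "unknown", encoder)] += 1
    return hits


def _record(pod, name, message, level="ERROR"):
    return json.dumps({"kubernetes.pod_name": pod, "logs.level": level,
                       "logs.thrown.name": name, "logs.thrown.message": message})


# Constructed sample export: pod names and encoder class names are placeholders.
_MSG = "de.hybris.platform.persistence.security.%s is deprecated and cannot be used anymore!"
SAMPLE_LINES = [
    _record("backoffice-example-a", DEPRECATED_EXC, _MSG % "ExampleLegacyPasswordEncoder"),
    _record("backoffice-example-a", DEPRECATED_EXC, _MSG % "ExampleLegacyPasswordEncoder"),
    _record("backoffice-example-b", DEPRECATED_EXC, _MSG % "***PasswordEncoder"),
    _record("backoffice-example-b", "java.lang.IllegalStateException", "unrelated error"),
    '{"kubernetes.pod_name": "backoffice-example-b", "logs.lev',  # truncated line
]

if __name__ == "__main__":
    for (pod, encoder), count in sorted(find_deprecated_encoder_hits(SAMPLE_LINES).items()):
        print(f"{pod}\t{encoder}\t{count}")
```

An empty result does not rule the issue out, since in some cases no exception is logged at all.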
Environment
- SAP Commerce Cloud 2211.28 to 2211.46
- SAP Commerce 2211.28 to 2211.46
Keywords
SSO, Security, Password, password hashing algorithms, deprecate, MD5, salted MD5, PBKDF2, PBKDF2 with HMAC-SHA1 salted, plain text, SHA-1, SHA-256, SHA-512, re-hash, customer, employee, KBA, CEC-SCC-PLA-PL, Platform, Problem
SAP Knowledge Base Article - Preview