PowerProtect Data Manager - Riconfigurazione di SSO OKTA dopo l'aggiornamento
Summary: L SSO di OKTA non funziona dopo l'aggiornamento di PowerProtect Data Manager dalla versione 19.13 alla 19.14. L'hotfix viene applicato a PowerProtect Data Manager 19.13 come (PPDMESC-3304) ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
aaa.log:
./aaa.2023-08-23.0.log.gz:org.springframework.security.oauth2.jwt.JwtException: An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching keys found
Cause
L'errore in aaa.log:
2023-08-24T07:39:26.964Z ERROR [] [https-jsse-nio-9090-exec-1] [][][][TRACE_ID:97d2704ca1652f50][] [c.e.b.a.s.s.DefaultSsoService.lambda$1(71)] - SSO login issue: {}
org.springframework.security.oauth2.jwt.JwtException: An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching keys found
Significa che AAA si aspetta HS256, che è l'impostazione predefinita, ma OKTA restituisce sempre una firma RS256.
Resolution
- Accedere a SSH di PowerProtect Data Manager
cd /usr/local/brs/lib/aaa/configvim application-sso.properties- Verificare se la variabile aaa.sso.client.alg=RS256, in caso contrario passare da HS256 a RS256.
- Esci da vim (:wq!)
- Riavvio AAA
Article Properties
Article Number: 000218197
Article Type: Solution
Last Modified: 18 Mar 2025
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.