PowerProtect Data Manager – Neukonfiguration von OKTA SSO nach dem Upgrade
Summary: OKTA SSO funktioniert nach dem PowerProtect Data Manager-Update von 19.13 auf 19.14 nicht. Hotfix wird auf PowerProtect Data Manager 19.13 als (PPDMESC-3304) angewendet
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
aaa.log:
./aaa.2023-08-23.0.log.gz:org.springframework.security.oauth2.jwt.JwtException: An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching keys found
Cause
Der Fehler in aaa.log:
2023-08-24T07:39:26.964Z ERROR [] [https-jsse-nio-9090-exec-1] [][][][TRACE_ID:97d2704ca1652f50][] [c.e.b.a.s.s.DefaultSsoService.lambda$1(71)] - SSO login issue: {}
org.springframework.security.oauth2.jwt.JwtException: An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching keys found
Dies bedeutet, dass AAA HS256 erwartet, was die Standardeinstellung ist, aber OKTA gibt immer eine RS256-Signatur zurück.
Resolution
- Melden Sie sich bei PowerProtect Data Manager ssh an.
cd /usr/local/brs/lib/aaa/configvim application-sso.properties- Überprüfen Sie, ob die Variable aaa.sso.client.alg=RS256 ist, wenn nicht, wechseln Sie von HS256 zu RS256.
- Beenden Sie vim (:wq!)
- AAA-Neustart
Article Properties
Article Number: 000218197
Article Type: Solution
Last Modified: 18 Mar 2025
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.