PowerProtect Data Manager: reconfiguración de OKTA SSO después de la actualización
Summary: El SSO de OKTA no funciona después de la actualización de PowerProtect Data Manager de 19.13 a 19.14. La revisión se aplica a PowerProtect Data Manager 19.13 como (PPDMESC-3304)
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
aaa.log:
./aaa.2023-08-23.0.log.gz:org.springframework.security.oauth2.jwt.JwtException: An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching keys found
Cause
El error en aaa.log:
2023-08-24T07:39:26.964Z ERROR [] [https-jsse-nio-9090-exec-1] [][][][TRACE_ID:97d2704ca1652f50][] [c.e.b.a.s.s.DefaultSsoService.lambda$1(71)] - SSO login issue: {}
org.springframework.security.oauth2.jwt.JwtException: An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching keys found
Esto significa que AAA está esperando HS256, que es su valor predeterminado, pero OKTA siempre devuelve una firma RS256.
Resolution
- Inicie sesión en el protocolo SSH de PowerProtect Data Manager
cd /usr/local/brs/lib/aaa/configvim application-sso.properties- Compruebe si la variable aaa.sso.client.alg=RS256, si no cambia, de HS256 a RS256.
- Salir de vim (:wq!)
- Reinicio AAA
Article Properties
Article Number: 000218197
Article Type: Solution
Last Modified: 18 Mar 2025
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.