User unable to access One Click

Document ID : KB000095049
Last Modified Date : 08/05/2018
Show Technical Document Details
Issue:
User is unable to access OneClick with their LDAP authentication
Environment:
Any version of CAPM
Cause:
1. Go to the Spectrum Administration page 
2. Administration > Debugging 
3. Web Server Debug Page (Runtime) 
4. Turn on SSORB Security SP 
5. Reproduce the issue 

Examine $SPECROOT/tomcat/logs/stdout.log for the username and any variation of this username 

For example:

Apr 17, 2018 14:41:37.295 (http-bio-80-exec-36) (SecuritySP) - Getting user by search: sAMAccountName=radostaj

Apr 17, 2018 14:41:37.295 (http-bio-80-exec-36) (SecuritySP) - Username radostaj has multiple entries 

Apr 17, 2018 14:41:37.295 (http-bio-80-exec-36) (SecuritySP) - superUser: union com.aprisma.spectrum.core.idl.CsCAttribute.CsCValue { 

boolean boolValue=false 

}, allowNoUser: union com.aprisma.spectrum.core.idl.CsCAttribute.CsCValue { 

boolean boolValue=true 



Apr 17, 2018 14:41:37.295 (http-bio-80-exec-36) (SecuritySP) - Couldn't authenticate user against directory 
 
Resolution:
  1. Confirm within LDAP that multiple usernames do not exist for the user in question
  2. Delete any variation of the username that might exist in LDAP
  3. Make sure the username that remains in LDAP is the same case as the user that is in Spectrum OneClick as Spectrum is case sensitive
  4. Make sure the username as appropriate permissions to login
At this point you should be all set to log into OneCLick successfully
Additional Information:
The following steps are always good practice for troubleshooting Spectrum OneClick login problems:

1. Go to the Spectrum Administration page 
2. Administration > Debugging 
3. Web Server Debug Page (Runtime) 
4. Turn on SSORB Security SP 
5. Reproduce the issue 

Examine $SPECROOT/tomcat/logs/stdout.log for the username in question