Sorry for the cross post, but this could either be an LBI issue or a Lawson Security issue, not sure:

We've installed DSSO on our LBI server and everything seems to be set up correctly. All of the smoke tests pass fine and all of the config tests pass. However, when we try to log in to framework services we are getting a 404 page not found error. Lawson has not been able to solve this either - and becuase lawson service did not install this they are balking at helping resolve this. My arguement was this I could understand that with LBI itself, but for DSSO?

Has anyone seen this issue before? We are running LBI 9.0.2.2 (latest) on windows/tomcat.

We haven't installed 9.0.2.2 yet, I'm starting the process of going through the upgrade manual today.

But ...

We had an identical issue with DSSO with 9.0.1.8.45 ... since the Security service is independent of the other services, what follows is probably applicable ...

To start with, we're using WebSphere 6.1, in a totally Lawson 9 Apps/LSF9 networked layout - UNIX servers but LBI on Windows. WebSphere all around. (How come you're using Tomcat? I thought that you can't use Tomcat any more.)

We were going nuts with the failure to authenticate. Couldn't log in to nohow nowhere. Finally my compadre on the other side of the cube wall went through the installation one...line...at...a...time... and found an incorrect setting.

2 things. 1st, we had to do a remove-and-install on the service. No way around it. The WebSphere Update function doesn't work right. 2nd (and this may be your problem) -- URLs have to be fully-qualified. Support & documentation may say, use "short" URL (say, mycompany.com), but we had to fill in with much more. Sorry, I don't have his notes, how much more, you'll have to play around, but basically, the URL has to be LONGER and more specific than they say. If you're pointing to the authorization page, the SSO page, make sure you're pointing to it or you'll get a 404 error.

WebSphere has a particular problem, that if you don't register your new security app, it doesn't work. You're using Tomcat, you said, so supposedly that won't be an issue.

Hope this helps.

We haven't installed 9.0.2.2 yet, I'm starting the process of going through the upgrade manual today.

But ...

We had an identical issue with DSSO with 9.0.1.8.45 ... since the Security service is independent of the other services, what follows is probably applicable ...

To start with, we're using WebSphere 6.1, in a totally Lawson 9 Apps/LSF9 networked layout - UNIX servers but LBI on Windows. WebSphere all around. (How come you're using Tomcat? I thought that you can't use Tomcat any more.)

We were going nuts with the failure to authenticate. Couldn't log in to nohow nowhere. Finally my compadre on the other side of the cube wall went through the installation one...line...at...a...time... and found an incorrect setting.

2 things. 1st, we had to do a remove-and-install on the service. No way around it. The WebSphere Update function doesn't work right. 2nd (and this may be your problem) -- URLs have to be fully-qualified. Support & documentation may say, use "short" URL (say, mycompany.com), but we had to fill in with much more. Sorry, I don't have his notes, how much more, you'll have to play around, but basically, the URL has to be LONGER and more specific than they say. If you're pointing to the authorization page, the SSO page, make sure you're pointing to it or you'll get a 404 error.

WebSphere has a particular problem, that if you don't register your new security app, it doesn't work. You're using Tomcat, you said, so supposedly that won't be an issue.

Hope this helps.

Milo,

Let me clarify - the Tomcat is on the LBI server - we are just usinig the Tomcat that gets installed with LBI rather than having to install Webshpere on this server. We are ONLY using dashboards with a few published reports for now and are at least 6-12 months before thinking out smart notes, etc.... So we went the easy way. The LSF server is webshpere.

I'm not sure we are having an authentication issue - the servlet smoke tests work and authenticate properly - if I true an invalid user it does not authenticate and fails the smoke test. So it seems the problem is within the system config of framework services and how it is using the servlet somehow.

And we've tried both short and long url with the FQDN, but that does not resolve it either. But you bring to light a question. The documentation is very shortcoming on SPECIFICALLY what the url is to point to - and that is where I think my problem lies since we are getting a 404 error. We simply have it to the default web url of the LSF9 server - and I asked this of Lawson and they said that was correct. But your comment of "pointing to the authorization page, the SSO page" makes me think even more that I do not have the URL correct.

Our LSF server is xxx.domain.net so the url I have in sysconfig is http://xxx.domain.net. When we login to framework services I am seeing that the url that the login gets directed to is

http://xxx.domain.net/sso/SSOServlet?_acti...igUrl=etc.......

and it does prompt us for the login - so it seems that it is finding the SSO correctly.

BUT HERE IS WHERE I THINK THERE IS A URL SETTING THAT IS WRONG - once we login, the page that we get redirected to and that gets us a 404 error is:

http://LBISERVER/sso/SSOServlet?_action=MI...SION&etc........

Thoughts? Anyone?