SECJ0371W: Validation of the LTPA token failed because the token expired with the following info.
hi,
i am keep getting this error in systemout.log. RTC/RRC 4.0.1, WAS 8.0.0.5 and DB2 9.7 SECJ0371W: Validation of the LTPA token failed because the token expired with the following info: Token expiration Date: Tue Feb 26 17:14:00 AST 2013, current Date: Tue Feb 26 17:14:00 AST 2013. Thanks, Qaiser |
Accepted answer
See investigate solution for excessive LTPA logging on WAS (238990) for some information on possible causes and solutions.
Qaiser Islam selected this answer as the correct answer
|
2 other answers
All,
I have the very same issue ever since we upgraded to RTC 4.x. My configuration is a WAS instance on one server and the Database on another server. I have tried the solution in http://www-01.ibm.com/support/docview.wss?uid=swg21590961 with no luck. My prior configuration was: RTC 4.0.2 (And prior 4.x releases) WAS 7.0.0.29 (And prior fixpacks) DB2 9.7 I have updated my WAS configuration to: RTC 4.0.2 WAS 8.0.0.7 DB2 9.7 It is apparent from my actions that this issue is casued by CLM/RTC and not WAS. And the log message still occurs in 8.0.0.7, but now with a little more information: [10/2/13 7:12:17:352 EDT] 00000026 LTPAServerObj W SECJ0371W: Validation of the LTPA token failed because the token expired with the following info: Token expiration Date: Wed Oct 02 01:33:00 EDT 2013, current Date: Wed Oct 02 07:12:17 EDT 2013 Token attributes: port=XXXX, username=user:<MYLDAPSERVER>:636/xx=XXXXXX,c=XX,xx=XXXXXXX,o=XXXX.com, hostname=<MY_RTC_SERVER>.. This warning might indicate expected behavior. Please refer to technote at http://www-01.ibm.com/support/docview.wss?uid=swg21594981. What I have noticed is that Build user ID that is shared among several build engines across several different servers is one of the biggest culprits. I have also noticed that this occurs with Eclipse based clients that have been up for a significant period of time, including my own. When I noticed my own user ID showing up in the log messages above, I shutdown my client and restarted it. Immediatley after that I did not see this issues until several hours had passed. I observed the same issue with the build engines' user id after shutdown and restart. However hours later, the application server will begin to log the messages again. Since both of these are Eclipse based, would it be fair to assume that the application servers handling of the eclipse client is the root cause? I have not had a significant performance hit, but this is something I would like it resolved. |
Ralph Schoon (61.8k●3●36●43)
| answered Feb 26 '13, 3:44 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
LTPA Token are used between IHS and WAS for SSO. This happened in a case where performance testing ran longer than the timeout. What is your use case? You can change the timeout. However, I guess there is another issue.
Comments no i am not running any performance tests. i deployed RTC/RRC 4.0.1 on WAS 8.0.0.5 with LDAP authentication. is it because of some issue with LDAP integration? when i look at the log, the first entry i see is related to ldap connection followed by this error. although i am not facing any LDAP integration issue, users are able to login with their AD ids and nightly sync is also working fine
[2/27/13 12:55:54:730 AST] 0000003f LdapRegistryI A SECJ0419I: The user registry is currently connected to the LDAP server ldap://LDAPSERVER:389.
|
Comments
Are all your clocks synchronized?
there is 4 min difference between App server and db..
You should switch the time synchronization on as described in the installation manual. See: http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0/topic/com.ibm.jazz.install.doc/topics/t_s_server_installation_setup_wizard.html look for NTP.
You probably see this in the diagnostics: