Skip to Content

For a while, I have been seeing people are having issues connecting their HANA Studio to the servers in CloudShare. You have setup your connection, all the icons are green

Screen Shot 2012-09-26 at 2.11.38 PM.png

everything is working and looking good. Next day, you log back in to your account and suddenly it gets invalidated and turns red 😕 😡

So this is the story, HANA Studio has a feature that basically stores all your connection credentials inside a storage. This storage is secured by a master password that the studio auto generates during the first time you enter your server credentials. You must be already familiar with the following dialog box:

Screen Shot 2012-09-26 at 2.27.35 PM.png

This is when your credentials are “encrypted” inside the secure storage.

However, as much as the encryption goes, when they key got corrupted, you won’t be able to decrypt the original information. And this is exactly what happens. For an unknown reason, the key sometimes got corrupted and your login got invalidated. You get “invalid user name / password”. This is not because your backend profile was changed, you got a wrong user name / password, you didn’t type it correctly, etc, it simply because your decrypt key got corrupted. The corrupted key makes the Studio logs you in with the incorrect information.

So here is the solution:

  1. Open the Studio properties. File > Properties
  2. On the Database User Logon, click on Secure Storage

Screen Shot 2012-09-26 at 5.05.59 PM.png

3. Click change password. It might give you a pop up saying that decryption key is corrupted. Just say yes to it.

4. You got a new key and you’re good to go 😉 !!

If it still fails, my colleague Ferry Lianto put together a nice document on how to delete your secure storage entirely and basically reset the whole Studio here.

UPDATE: You can go to Eclipse doc page here for more info about the secure storage itself. Maybe you can find what the root cause is? Easter egg challenge? 😀

Have fun!

Rocky

To report this post you need to login first.

14 Comments

You must be Logged on to comment or reply to a post.

  1. Lars Breddemann

    Hi Rocky!

    This is an interesting and somewhat disturbing sentence:

    “…simply because your decrypt key got corrupted…”

    I have never seen such problems yet, so I would like to know what exactly causes the corruption. Did you have a support message opened for this?

    Apart from that, I don’t quite get your concern about the security.

    HANA Studio stores password files encrypted.

         OK.

    If all is well and good, it uses these information to automatically log in to the HANA instances – if and only if you’re running HANA studio with the same user on the same machine (roaming profiles don’t work).

         OK.

    Now, when the file is corrupted or anything else doesn’t fit in, the connection to the HANA instances can’t be made.

         That’s exactly what we want!

    The only way to get the connection to work again is to actually know and provide the correct logon data.

         GREAT.

    So, how exactly is this insecure?

    – Lars

    (0) 
    1. Rocky Ongkowidjojo Post author

      Hi Lars,

      First of all, I never mentioned the Studio being insecure :). While most of the definitions about “secure” system is always not being able to get information without the owner’s permission, I want to take that definition a little bit further. Particularly, in this context, my definition of secure system is also the owner should be able to retrieve his/her data at anytime 

      This particular issue happens in the Cloudshare’s desktop where Dev Center users are working on. It happens usually after the environment gets suspended. With the desktop being deployed in the cloud and everything is virtualized, I do not know what exactly is going on under the hood when the environment is created, suspended and later on is resumed. Maybe some key or ID gets regenerated or something like that happens and it invalidates the key pair that is used to store the credential? Who knows.

      I do not have any support ticket opened yet for this as I’m yet to figure out how to reproduce it. To me this still seems to be a random occurence. I just happened to know how to do “first-aid” 🙂

      Best,

      Rocky

      (0) 
      1. Lars Breddemann

        Rocky,

        what does a title like “The “not quite” secure storage HANA Studio, Reconnect your Studio to HANA Servers!” say, if not “HANA secure storage is not secure” ?

        I think I get your point that you want to have access to system state information at any given time.

        And that is the case already.

        All you’ve got to do is to provide the correct logon data for either your DBA user or the <sid>adm user of the HANA box.

        That’s it.

        For the issue at hand I recommend to have a support message opened, even if you cannot reproduce the behavior at will. Maybe others have faced a similar situation already or maybe development can have a look at the secure storage files to figure out what caused the corruption.

        Cheers, Lars

        (0) 
        1. Rocky Ongkowidjojo Post author

          Hi Lars,

          I would not go to far in terms of language issue as I’m not the expert 😀 . In my understanding the terms “not quite” does not really negate the adjective, e.g. “not quite good” does not necessarily mean bad. Anyway, we can discuss the language issue aside if you don’t mind.

          I will test whether the latest revision still has the same issue or not. The current version on the Cloudshare desktop is still at rev. 38 which is already outdated today.

          Best,

          Rocky

          (0) 
      2. Liang Wang

        Hi, Rocky,

        I met the similar issue after I reset SAP Citrix in APJ, the HANA instance refuse to add instance due to locked secure storage.

        I follow your guide by reset passwords. After that, it works. Thanks.

        (0) 
  2. Rama Shankar

    Hi Guys,

    Since I upgraded to SP5 in my AWS cloud server few months ago, I
    am getting intermittent connection issues. The HANA Studio crashes erratically
    with error ” Save Failed: – 708 Data Receive failed (Software caused
    connection abort: recev failed].

    I also check the AWS instance security group info and it looks
    good.

    I am on SP5 rev 48 both in the backend and front-end studio
    version.

    Any inputs would be greatly appreciated.

    Thanks,

    Rama

    (0) 
  3. Chinmay Vyas

    Hi, I am not even able to open the Property page.  My SAP HANA Systems tab does not show my system.  It is having a message “Secure Storage is Locked” and then there is an unlock button.  If I click on the unlock button nothing happens. Please help.

    (0) 
  4. Marcus Krug

    I have been facing the same issue. Go to hdbstudio->Preferences->General->Security->Secure Storage and de-select Master-Key Providers. This worked for me.

    Regards,

    Marcus

    (0) 
    1. Gregory Misiorek

      Marcus,

      good tip, but it didn’t work when i had to restore windows7x64 to a prior state (before modifying of hosts file). what i did was to delete the windows64 encrypted password after reinstalling hana studio and client. i also had to go into secure storage to “manage” my SYSTEM password and re-enter the challenge questions. now, i only have to deal with “Server Not compatible” warning in my Content folder, but i’m not sure how.

      thx,

      greg

      (0) 
      1. Gregory Misiorek

        seems like i have to do it now every time that i want to use the studio :-<

        1 delete system

        2 go to secure storage

        3 clear passwords

        4 in contents tab delete eclipse/windows64 password

        5 restart

        6 add system

        7 redo secure storage and challenge questions

        8 repeat at the next login

        (0) 
        1. Rocky Ongkowidjojo Post author

          @Gregory: does this “locked” secure storage only happens in the newer revision of SAP HANA? I seem to always opt out for this secure storage thus I never had this issue 🙂

          (0) 
  5. Sachin Lala

    This is what worked for me:

    • Preferences -> General -> Security -> Secure Storage
    • go to ‘Contents’ tab
    • delete the ‘org.eclipse.equinox.secure.storage’ entry
    • restart Hana studio
    • it’ll ask you if you’d like to add a paraphrase to recover your password – this is discretionary (I did not add any paraphrase)
    • in my studio setup, the ‘Master password providers’ are selected in the ‘Password’ tab (I didn’t have to change anything in this tab)

     

    (0) 

Leave a Reply