Skip to Content

Hi Guys,

I have seen many notes and documents on this error that did not assist me with solution. I am hoping we can build on this and in future provide quicker solution maybe anyone with this error also the notes and sdn links I found were very old.

Java system error: Call of FM RSRD_X_PRODUCE_PROXY to ProgId HOST_PORTAL_SID on host host.com with SSO not authorized: Missing Password

 

Message no. RSBOLAP018

Diagnosis

An error occurred in the BI components on the SAP J2EE Engine.

Procedure

Contact your system administrator to have the error analyzed in detail.

Procedure for System Administration

 

Start the Visual Administrator, log on to the SAP J2EE Engine and choose “<J2EE_SID>” ->”Server” -> “Services” -> “Log Viewer”.

The file “defaultTrace.trc” includes detailed information about the error that occurred. In Windows, you can find this file in the Log Viewer under “Cluster <computer name>” -> “Server <server number>” -> “<drive>:\usr\sap\<SID>\JC<INSTANCE>\j2ee\cluster\server<NUMBER>\log”. “. In Unix, the file is located under “/usr/sap/<SID>/JC<INSTANCE>/j2ee/cluster/server<NUMBER>/log”.

If the file does not include enough detail about the error, you can increase the log level to obtain more information. To do this, choose “<J2EE_SID>” -> “Server” -> “Services” -> “Log Configurator”. On the “Locations” tab page, choose “com” -> “sap” -> “ip” -> “bi” -> “webapplications”. Using the selection list on the right side of the screen, you can increase the log level, whereby “DEBUG” represents the log level with the most information. You can save your settings by choosing the “Save” icon. The change to the log level is active immediately. Once you have successfully analyzed the error, you should set the log level back to its default value using the appropriate pushbutton; continuous writing to the log file negatively affects the overall performance of the system

_____________________________________________________________________________________________________________________________________

First things first you always get pointed to this knowledge base article.

1575891 – After executing a USER setting you receive the Java error: call FM RSRD_X_PRODUCE_PROXY to ProgId ‘abc’ on host ‘xyz’ with SSO not authorized

Which hosts these suggestions:

  1. 1.Apply each of these steps sequentially. After each step please re-test the issue to see if the error persists. Only if the issue is not resolved move to the next step:
    1. 1.   Execute the Support Desk Tool as per Note 937697. Download the latest version of the tool attached to the note. Ensure that all items are Green by following the solutions provided in the generated supportdesk.zip file. Ensure all configuration checks are GREEN as per Note 1177154.
    2. 2. 2. Recreate the certificates on Java side (J2EE Visual Administrator) & import them to ABAP to redefine the trust relationship between the systems. Refer to Note 912229 for the whole procedure.
    3. 3. 3. Apply SAP Note 1388694 – ‘Hanging connections to JCo’.

What I did

1. Checked my support desk tool from from note 937697 all was green

2. Reconfigured ABAP+JAVA trust – error persisted

3. Note 1388694 was not applicable to me.

4. I checked the J2EE_GUEST use and related configurations as the error I received was as follows in J2EE default trace file insufficient information for me.

#1.#F4CE46A87E27007B0000003E0000D95F0004DDAE4DDB6F45#1369640607117#com.sap.engine.services.rfcengine##com.sap.engine.services.rfcengine.handleRequest#J2EE_GUEST#0##n/a##0b03272ec6a111e2c49200000050d26e#SAPEngine_Application_Thread[impl:3]_0##0#0#Error##Plain###java.lang.RuntimeException:Call of FM RSRD_X_PRODUCE_PROXY to ProgId HOST_PORTAL_SID on host host.com with SSO not authorized: Missing Password

5. I checked the dev_rfc* files directly after reproducing the error error was insufficient to me.

Exception thrown [Mon May 27 16:31:05,285]:Exception thrown by application running in JCo Server

  1. java.lang.RuntimeException: Call of FM RSRD_X_PRODUCE_PROXY to ProgId HOST_PORTAL_SID on host host.com with SSO not authorized: Missing Password

at com.sap.engine.services.rfcengine.RFCDefaultRequestHandler.handleRequest(RFCDefaultRequestHandler.java:80)

at com.sap.engine.services.rfcengine.RFCJCOServer$J2EEApplicationRunnable.run(RFCJCOServer.java:254)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

6. Download the diagtool from sap Note 957666 – Diagtool for Troubleshooting Security Configuration unzip and copy to saphost j2ee directory ,take not of conf directory in subfolder of diagtool.

wssec.conf

traces_snapshot.conf

sso2.conf

ssl.conf

spnego.conf

secstore.conf

remote_traces_snapshot.conf

keytabgen.conf

authentication.conf

agent.conf

7. Start the tool as per note 982127 – Troubleshooting authentication problems since this is SSO error use the SSO conf

i.e. sidadm@suse9> ./go.sh  /usr/sap/SID/DVEBMGS99/j2ee/diagtool/conf/sso2.conf /usr/sap/SID/DVEBMGS99/j2ee/configtool

This will run for almost a minute before it reaches a prompt where it asks you to reproduce your action that cause the error and ENTER on the diagtool screen immediately afterward

8. This creates an output directory i.e. /usr/sap/SID/DVEBMGS99/j2ee/diagtool/output it will create the following files

 

diagtool_{timestamp}.zip

diagtool_{timestamp}.log

diagtool_(timestamp}.html

9. Check for relevant errors easiest just using the html I found the following error which pointed to user USER being error.

12:42:45:594

Path

J2EE_GUEST

~n_Thread[impl:3]_16

~

[md=getUserAccountByLogonId][cl=135873]

Entering method

12:42:45:594

Debug

J2EE_GUEST

~n_Thread[impl:3]_16

~

[md=getUserAccountByLogonId][cl=135873]

Found uniqueID for logonId

USER

12:42:45:594

Path

J2EE_GUEST

~n_Thread[impl:3]_16

~

[md=getUserAccountByLogonId][cl=135873]

Exiting method with userAccount

from cache

12:42:45:595

Path

J2EE_GUEST

~n_Thread[impl:3]_16

~engine.services.security.authentication

Exception : Missing

Password

  1. java.lang.Exception

at

10. To confirm this I set parameter rfc/signon_error_log from value -1 to 2 in RZ11 and did a dynamic switch which gave me the additional information in the dev_rfc* file

RFC SignOn> delete old Assertion-Ticket (1)

======> Call of FM RSRD_X_PRODUCE_PROXY to ProgId HOST_PORTAL_SID on host host.com with SSO not authorized: Missing Password

ABAP Programm: SAPLRSRD_X_RUNTIME (Transaction: )

Called function module: RSRD_X_PRODUCE_PROXY

User: USER (Client: 012)

Destination: HOST_HOST_ISID(Handle: 25, DtConId: 51A3DA3A696886BDE1000000AC103B5C, DtConCnt: 1, ConvId: 82594371,{51A3DA3B-6968-86BD-E100-0000AC103B5C})

EPP RootContextId: F4CE46A86F6B1EE2B1DB41DB0BF818C1, ConnectionId: 00000000000000000000000000000000, ConnectionCnt: 0

EPP TransactionId: 51A3D90D696886BDE1000000AC103B5C

11. Turns out the user is used by BW guys to do their configuration and process chain. The password had expired once it was reset the functionality worked. User is set  to DIA user and therefore password change policy  affects it.

     To avoid problem I changed type of user to SERVICE to avoid this human error factor in future hopefully by ignoring password change. Since dialog functionality is required by this user for BW related configuration SERVICE user is sufficient.

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply