AUTH
The next table lists all error codes related to the SessionManagementFilter and the SecurityRoleFilter.
| Major | Minor | Message | Details |
|---|---|---|---|
| AUTH | 0001 | The cleanup of the AuthFilterBase failed. | Contact support. |
| 0002 | No session available. | Check the logs for further information. Is your session management engine configured correctly? You have to configure either a dynamic session management (with the SessionManagementFilter) or a legacy one (in the servlet container). | |
| 0003 | Unhandled state. | Contact support. | |
| 0004 | Too many transitions. | The identification state of the request could not be determined. Check the logs for further information. | |
| 0005 | Received unknown status (session invalidated). | nevisAuth sent an unknown authentification status. Check your nevisAuth configuration. | |
| 0006 | parsing ch.nevis.session.inactiveInterval failed | Parsing the inactiveInterval sent by nevisAuth failed. Check your nevisAuth configuration. | |
| 0007 | parsing ch.nevis.session.reauthInterval failed | Parsing the reauthInterval sent by nevisAuth failed. Check your nevisAuth configuration. | |
| 0008 | parsing <parameter name> failed | Parsing the value sent by nevisAuth for the parameter RecheckAuthentication failed. Check the configuration for the parameter RecheckAuthentication and for nevisAuth. | |
| 0009 | supported mode=<...> | Unknown mode for the parameter RenewIdentification. Check your configuration for the parameter RenewIdentification. If it is valid, contact support. | |
| 0010 | renegotiateAfterAuthentication: failed | Error during the renew identification process. Check the logs for further information. | |
| 0011 | expected peer certificate fingerprint=<...> not found. | HINT: Set the init param CheckAlwaysClientCert of this IdentityCreationFilter or SecurityRoleFilter to "false". | |
| 0012 | wrong certificate fingerprint found, expected cert fingerprint=<...>, found fingerprint=<...> | The client presented an invalid certificate. | |
| 0013 | requesting peer certificate failed | Requesting the peer certificate failed during the SSL renegotiation. Check the logs for further information. | |
| 0014 | removeState failed | Removing the virtual session failed. Check the logs for further information. | |
| 0015 | found parent key='<...>' ownerName='<...>' but no parentKey | Contact support. | |
| 0016 | not registered by parent key='<...>' ownerName='<...>' | Contact support. | |
| 0017 | misconfiguration: registered parent key='<...>' ownerName='<...>' does not match parentKey='<...>' | Contact support. | |
| 0018 | storeState failed | Storing the state failed, due to a lack of memory.HINT: Consider increasing the value of the parameter StoreInterceptedRequest.MaxSize or setting the parameter StoreInterceptedRequest of this IdentityCreationFilter or SecurityRoleFilter to "false'". | |
| 0019 | removeSecRoles failed | Contact support. | |
| 0020 | attribute found with key='<...>' not of type SecurityRoles | Contact support. | |
| 0021 | no IdentityCreationState bound to the request | Contact support. | |
| 0022 | attribute found with key='<...>' not of type IdentityCreationState | Contact support. | |
| 0023 | No servlet name configured. check your configuration | The servlet name is missing, check your configuration. | |
| 0024 | servlet '<...>' not found. check your configuration | The servlet was referenced, but its configuration was not found. HINT: Make sure that the parameters AuthenticationServlet and LoginRendererServlet of the IdentityCreationFilter or SecurityRoleFilter refer to a servlet that is configured and available. | |
| 0025 | Probable XSS injection attack on nevis transfer mechanism | The request transfer was aborted, because a probable XSS injection attack was detected. | |
| 0026 | Cleanup of IdentityCreationFilter failed | Contact support. | |
| 0027 | BadRequestException | The IdentityCreationFilter could not handle the request because it was ill-formed. Check the logs for further information. | |
| 0028 | caught SecurityException invalidating sessionID=<...> | The IdentityCreationFilter could not handle the request because of a security exception. The session was invalidated. Check the logs for further information. | |
| 0029 | doFilter failed | The IdentityCreationFilter could not handle the request. Check the logs for further information. | |
| 0030 | received unknown status='<...>' (session invalidated) | The IdentityCreationFilter received an unknown session status from nevisAuth. The session was invalidated. Check your IdentityCreationFilter and your nevisAuth configurations. | |
| 0031 | received corrupted SecToken: changed userID,sessionID | The user was already authenticated, and the new SecToken has a different user ID and/or session ID than the previous one. | |
| 0032 | received corrupted SecToken: missing attributes | The SecToken was incomplete. Either the user ID, the session ID, the realm or the entry ID were missing. | |
| 0033 | received corrupted SecToken: wrong realm | The realm of the SecToken did not match the one of the IdentityCreationFilter. | |
| 0034 | illegal: intercepted request uri='<...>' actual request uri='<...>', ignoring intercepted request | The stored intercepted request was ignored, because its URI did not match the URI of the actual request. Check the logs for further information. | |
| 0035 | corrupted query: encoded='<...>' decoded='<...>' | The stored request could not be decoded for the redirection (which involves a client certificate). Check the logs for further information. | |
| 0036 | cloning request failed | The IdentityCreationFilter could not store the intercepted request into the session. Contact support. | |
| 0037 | limitUserLogins failed for sessionID=<...> | Limiting the number of authenticated sessions for a specific user failed. Check the logs for further information. Also note that this feature is deprecated. Refer to the Reference Guide for alternatives. | |
| 0038 | limitUserLogins failed | Limiting the number of authenticated sessions per user failed. Check the logs for further information. Also note that this feature is deprecated. Refer to the Reference Guide for alternatives. | |
| 0039 | Cleanup of the SecurityRoleFilter failed | Contact support. | |
| 0040 | no valid authentication has been done | The user must be authenticated before performing a step-up. Check the logs for further information. Also check your configuration.HINT: Check that an IdentityCreationFilter is mapped before the SecurityRoleFilter on the current path. | |
| 0041 | The SecurityRoleFilter could not handle the request. | Check the logs for further information | |
| 0042 | received unknown status (session invalidated) | The authentication failed because nevisAuth sent an unknown state. The session was invalidated. Check your nevisAuth configuration. | |
| 0043 | received no SecRoles | The SecurityRoleFilter did not receive any roles from nevisAuth. Check the logs for further information. | |
| 0044 | received none of the required SecRoles | The SecurityRoleFilter did not receive the expected roles from nevisAuth. Check the logs for further information. | |
| 0045 | no security roles bound to the request | The request does not contain any security roles. HINT: The security roles should be provided by the IdentityCreationFilter. Check if there is a IdentityCreationFilter mapped before the SecurityRoleFilter on the current path. | |
| 0046 | attribute found with key='<...>' not of type SecurityRoles | Contact support. | |
| 0047 | received a SessionState which was not for me | Contact support. | |
| 0048 | received a SessionState with an unexpected class | Contact support. | |
| 0049 | maximal number of Virtual Sessions reached | The VirtualSessionFilter could not create a new virtual session because the limit was reached and the overflow policy was set to "abort". HINT: Raise the value of the parameter MaxVirtualSessions, or change the settings of the parameter OverflowPolicy, both of the VirtualSessionFilter. You could also replace the VirtualSessionFilter with a SessionManagementFilter. | |
| 0050 | maximal number of Virtual Sessions reached (...), go on without any virtual session | The VirtualSessionFilter could not create a new virtual session because the limit was reached and the overflow policy was set to "skip". HINT: Raise the value of the parameter MaxVirtualSessions, or change the settings of the parameter OverflowPolicy, both of the VirtualSessionFilter. You could also replace the VirtualSessionFilter with a SessionManagementFilter. | |
| 0051 | maximal number of virtual session per client has been reached (...), go on without any virtual session | The VirtualSessionFilter could not create a new virtual session because the limit per client was reached and the overflow policy was set to "skip". HINT: Raise the value of the parameter MaxVirtualSessionsPerClient, or change the settings of the parameter OverflowPolicy, both of the VirtualSessionFilter. You could also replace the VirtualSessionFilter with a SessionManagementFilter. | |
| 0052 | found a VirtualSession (id=<...>) with an invalid response-session type | Contact support. | |
| 0053 | found a VirtualSession (id=<...>) with a removed response-session | Contact support. | |
| 0054 | found a VirtualSession (id=<...>) with an existing response-session | Contact support. | |
| 0055 | missing at least one required identifier which was expected to be got from the response-body | The virtual session could not be found because some required identifiers were missing in the request. Check the logs for further information. | |
| 0056 | UserInputValidationRules does not contain 'isiwebmethod' required for a logout | Contact support. | |
| 0057 | parent state with key='<...>' (request) expected key='<...>' (session) | Contact support. | |
| 0058 | parent state with key='<...>' sessionID='<...>' not found (session) | Contact support. | |
| 0059 | unregister child='<...>' from parent='<...>' failed | Contact support. | |
| 0060 | cleanSession for child key='<...>' failed | Contact support. | |
| 0061 | notify for child key='<...>' failed | Contact support. | |
| 0062 | unsupported class='<...>' child key='<...>' | Contact support. | |
| 0063 | cleanSession of IdentityCreationState failed. | Contact support. | |
| 0063 | notify failed | Contact support. | |
| 0064 | could not read the full request-body. Still " <...> " byte expected. The body will not be intercepted | The request body could not be intercepted because an error occurred when reading the body. Check the logs for further information. | |
| 0065 | no part with content-id='<...>' found. | Contact support. | |
| 0066 | could not find soap-request | Contact support. | |
| 0067 | can't buffer the body for validation. Hint: increase the attribute 'BodyReadSize' of this filter | The IdentityCreationFilter or the SecurityRoleFilter could not read the request body because it was too long. HINT: Increase the value of the filter attribute BodyReadSize. | |
| 0068 | parsing soap message failed | The IdentityCreationFilter or the SecurityRoleFilter could not parse the SOAP message in the request header. Check the logs for further information, for example, whether the SOAP message is sent in the request body. HINT: Set the filter's init param OnlySoapHeader to "false". | |
| 0069 | invalid requirement-line '<...>'. Expected: '<nameIn>:<regexp>:<nameOut>:<substitution>' (delimiter ':' must be escaped) | Check the configuration of the parameter HeaderBased.AuthResponseHeader (AuthenticationFilter). | |
| 0070 | pattern '<...>' does not match regex '<...>'. Returning an empty string | Contact support. | |
| 0071 | the headervalue '<...>'='<...>' could not substitute the rule '<...>' | The header was blocked because the header value did not match the rule. Check the logs for further information. | |
| 0072 | the headername '<...>'='<...>' could not substitute the rule '<...>' | The header was blocked because the header name did not match the rule. Check the logs for further information. | |
| 0073 | invalid requirement-line '<...>'. Expected: '<source>:<key>:<regexp>' (delimiter ':' must be escaped) | One requirement could not be parsed correctly. Check the logs for further information. HINT: Check the parameter Requirements of the AuthenticationFilter, in case you have one configured. | |
| 0074 | Cleanup of the Esauth4ConnectorServlet failed | Contact support. | |
| 0075 | removing session provider implementation name='<...>' failed | Contact support. | |
| 0076 | destroying servlet failed | Contact support. | |
| 0077 | unsupported method '<...> | Contact support. | |
| 0079 | illegal m_name='%s' providerName='<...>' | Check the log for more details and verify your configuration. | |
| 0080 | kill failed | Contact support. | |
| 0081 | calling 'authenticate' unknown Status='<...>' | Contact support. | |
| 0082 | calling 'unlock' unknown Status='<...>' | Contact support. | |
| 0083 | calling 'stepup' unknown Status='<...>' | Contact support. | |
| 0084 | serialising for '%s' failed | Check the logs for more details. | |
| 0085 | transport failed | The SOAP message could not be sent. Check the logs for more details. | |
| 0086 | Could not connect to servlet. Is the service running? | The servlet could not connect to the authentication service. Check whether this server is available. | |
| 0087 | parsing failed | The response from the authentication service could not be parsed. Check the logs for more details. | |
| 0088 | parsing cookie='<...>' failed | Check the logs for more details. | |
| 0089 | send failed | Check the logs for more details. | |
| 0090 | SOAPFault: Code='<...>' Reason='<...>' Detail='<...>' | The SOAP message is ill-formed. Check the logs for more details. | |
| 0091 | number of children must be '1', got '<...>' | The SOAP message must contain one element of type "status". Check the logs for more details. | |
| 0092 | unsupported result='<...>' | The SOAP message has an unknown status. Check the logs for more details. | |
| 0093 | received duplicated property with name='<...>' | Check the logs for more details. | |
| 0094 | missing tag '<...>' | The SOAP message lacks a mandatory element. Check the logs for more details. | |
| 0095 | setNameValue failed | Check the logs for more details. | |
| 0096 | no request attribute found (key='<...>') | Check the logs for more details. | |
| 0097 | illegal request attribute (key='%s' bc_classname='%s') | Check the logs for more details. | |
| 0098 | No servlet name configured. | Check your configuration. | |
| 0099 | servlet '<...>' not found | Check your configuration. HINT: Make sure that the init parameters AuthenticationServlet and LoginRendererServlet of the IdentityCreationFilter or SecurityRoleFilter refer to a servlet that is configured and available . | |
| 0101 | an unexpected exception occurred | Contact support. | |
| 0102 | an unknown exception occurred | Contact support. |