cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - New to the community? Learn how to post a question and get help from PTC and industry experts! X

installing and configuring Thingworx with H2 database

Go to solution
imshaikh
5-Regular Member
5-Regular Member
‎Sep 18, 2017 02:24 AM
‎Sep 18, 2017 02:24 AM

installing and configuring Thingworx with H2 database

I am using Thingworx 8.0 with H2 db and navigate framework 1.5.

I am trying out this configuration for Thingworx SSO.

Here are some more details about it,

- I am using PingFederate as an IDP

- if i am disabling SSO in platform-settings.json file then Thingworx login works fine but if we enable it in platform-settings.json file then its giving some issue and i am not even able to see PingFed login page.


I am not able to open url http://localhost:8090/Thingworx/​​.

     - here 8090 is the port configured for Apache Tomcat.

It is giving some error, you can see attached log file for more information.

Any help would be really appreciated here.

Thanks,

Imran

Labels:
SecurityLog.log.zip
0 Kudos
Notify Moderator
1 ACCEPTED SOLUTION

Accepted Solutions
posipova
20-Turquoise
20-Turquoise
(To:imshaikh)
‎Sep 18, 2017 08:59 AM
‎Sep 18, 2017 08:59 AM

Jugding by the error, it is what it is - the failed signature is causing Idp not to work. It's trying to verify trust of the signature using keys found in the configured keystore. You may try to import the public certificate of the metadata signature (or of its CA + intermediate CA's) to the keystore. It should pass then unless it's expired.

View solution in original post

0 Kudos
Notify Moderator
5 REPLIES 5
supandey
19-Tanzanite
19-Tanzanite
(To:imshaikh)
‎Sep 18, 2017 07:13 AM
‎Sep 18, 2017 07:13 AM

Hi Imran, have you checked the Application Log and the Tomcat's catalina log for detail. The zip attached to your question doesn't seem to contain any error against the authentication issue.

0 Kudos
Notify Moderator
imshaikh
5-Regular Member
5-Regular Member
(To:supandey)
‎Sep 18, 2017 07:59 AM
‎Sep 18, 2017 07:59 AM

Hi Sushant,

I have attached ApplicationLog and Catalina log with this reply.

I am getting some 'Signature trust establishment failed for metadata entry' error in ApplicationLog.

Please let me know if you need any more details.

Thanks,

Imran

ApplicationLog.log.zip
catalina.2017-09-18.log.zip
0 Kudos
Notify Moderator
posipova
20-Turquoise
20-Turquoise
(To:imshaikh)
‎Sep 18, 2017 08:59 AM
‎Sep 18, 2017 08:59 AM

Jugding by the error, it is what it is - the failed signature is causing Idp not to work. It's trying to verify trust of the signature using keys found in the configured keystore. You may try to import the public certificate of the metadata signature (or of its CA + intermediate CA's) to the keystore. It should pass then unless it's expired.

0 Kudos
Notify Moderator
imshaikh
5-Regular Member
5-Regular Member
(To:posipova)
‎Sep 20, 2017 08:04 AM
‎Sep 20, 2017 08:04 AM

Thanks Polina for your reply.

I verified the signature at both the sides Thingworx and PingFederate and it is not redirecting my Thingworx login page to PingFederate login page.

If I am keeping my Thingworx clean with Thingworx 8.0 war file then my Thingworx login page is correctly getting redirected to PingFederate login page; but I am importing some of the windchill navigate apps then its not opening up any login page and just showing busy icon without proceeding further.

0 Kudos
Notify Moderator
imshaikh
5-Regular Member
5-Regular Member
(To:imshaikh)
‎Oct 06, 2017 01:56 AM
‎Oct 06, 2017 01:56 AM

This issue is resolved now. I had configured my machine name instead of localhost in SSO configuration at PingFed side. I tried using same machine name instead of localhost in Thingworx url and it is working fine now.

Thank you all for your replies.

0 Kudos
Notify Moderator
Top Tags