Troubleshooting
Problem
User launches Controller Web website. User chooses database, and types in username/password.
An error appears.
Symptom
Not authorized
Close
Cause
There are several possible causes for the same error.
- See separate IBM Technote #1288582 for more examples.
This Technote specifically relates to the scenario where the cause is that all of the following are true: 
(a) The Microsoft SQL server has been configured so that the 'SQL Server Network Configuration' setting 'Force Encryption' is set to 'Yes'
(b) The Microsoft SQL client (installed on the Controller application server) has been configured so that the 'SQL Native Client Configuration' (64-bit, not 32-bit) setting 'Force Encryption' is set to 'Yes'
(c) The Controller application server does not trust the certificate that the Microsoft SQL server is using for encryption.
Diagnosing The Problem
"com.ibm.cognos.fcm.log
TIP: By default this is here: C:\Program Files\IBM\cognos\ccr_64\fcmweb\wlp\usr\servers\fcm.web\logs
You will see entries containing "Invalid login response received (empty)" similar to:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2020-03-23 08:10:36 | <?>@<?> | INFO | [com.ibm.cognos.fcm.web.ui.LoginController] Set session environment: prod (3 settings)
2020-03-23 08:10:37 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.repository.JEERepository] interface com.ibm.cognos.fcm.wmc.base.repositories.EntityManagerFactoryContext not found in JNDI. Binding new instance in JNDI context: javax.naming.InitialContext@6c6f6e16
2020-03-23 08:10:52 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.repository.CacheValidator] VDI_GLOBE_CLOUD: validateSharedCache (160 entity versions updated): 53 ms
2020-03-23 08:10:53 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Logging user ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD...
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Called CCR endpoint: LoginEndpoint [Security_LogInWeb]: 81 518 ms
2020-03-23 08:12:14 | <?>@<?> | ERROR | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Cannot login user ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD: Invalid login response received (empty).
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Logging out user ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD...
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.endpoint.DefaultLogoutEndpoint] [CCR-WS] Logging out user ADM...
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Called CCR endpoint: LogoutEndpoint [Security_LogOutWeb]: 32 ms
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.endpoint.DefaultLogoutEndpoint] [CCR-WS] Logged out user ADM: 37 ms
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] De-registered CCR WS client for ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD.
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.web.ui.infrastructure.auth.ccrnative.CustomAuthenticationProvider] Authentication rejected: 'adm' (org.springframework.security.authentication.AuthenticationServiceException: Invalid authentication credentials.)
2020-03-23 08:10:37 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.repository.JEERepository] interface com.ibm.cognos.fcm.wmc.base.repositories.EntityManagerFactoryContext not found in JNDI. Binding new instance in JNDI context: javax.naming.InitialContext@6c6f6e16
2020-03-23 08:10:52 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.repository.CacheValidator] VDI_GLOBE_CLOUD: validateSharedCache (160 entity versions updated): 53 ms
2020-03-23 08:10:53 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Logging user ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD...
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Called CCR endpoint: LoginEndpoint [Security_LogInWeb]: 81 518 ms
2020-03-23 08:12:14 | <?>@<?> | ERROR | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Cannot login user ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD: Invalid login response received (empty).
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Logging out user ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD...
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.endpoint.DefaultLogoutEndpoint] [CCR-WS] Logging out user ADM...
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] Called CCR endpoint: LogoutEndpoint [Security_LogOutWeb]: 32 ms
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.endpoint.DefaultLogoutEndpoint] [CCR-WS] Logged out user ADM: 37 ms
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.wmc.ccrws.DefaultCcrClient] [CCR-WS] De-registered CCR WS client for ADM@tegular1.castle.fyre.ibm.com\VDI_GLOBE_CLOUD.
2020-03-23 08:12:14 | <?>@<?> | INFO | [com.ibm.cognos.fcm.web.ui.infrastructure.auth.ccrnative.CustomAuthenticationProvider] Authentication rejected: 'adm' (org.springframework.security.authentication.AuthenticationServiceException: Invalid authentication credentials.)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Resolving The Problem
Fix:
Install the relevant TLS (or SSL) certificate (used by the SQL server) on the Controller application server.
- TIP: For more information, see separate IBM Technote #6113944.
Workaround:
On the Controller application server, install the relevant TLS/SSL certificate.
- TIP: For more information, see separate IBM Technote #6113944.
Related Information
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9S6B","label":"IBM Cognos Controller"},"Component":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
23 March 2020
UID
ibm16115828