BMC Helix Single Sign On ITOM OnPrem 24.2 : Unable to login on RSSO Admin console with default Admin credentials

Knowledge Article

Article Number

000428396

Old Article Number

Article Type

Solutions to a Product Problem

Title

BMC Helix Single Sign On ITOM OnPrem 24.2 : Unable to login on RSSO Admin console with default Admin credentials

Summary

Unable to log in on RSSO Admin console with default Admin credentials after new ITOM deployment

Product

BMC Helix Single Sign On

Component

Helix SSO

Applies to

New ITOM 24. x deployment

Problem

Unable to log in to the RSSO Admin console with Admin default credentials after fresh deployment of ITOM. It redirects to login page with an incorrect HEADER URL in the browser.

Cause

System policies on end-user VM which cuts off unknown headers

Solution

As per the rsso.log, Admin user login happens successfully in the UI.

It fails during the next call for /auth-info as one may see in the network log.

It fails because csrf-rsso-admin-token value is empty in the /auth-info call. For some reason, the browser cuts it off.

[TID:SAAS_TENANT][80-exec-15] WARN .s.rest.filters.FilterHelper.getAdminCookieValue(): The 'CSRF-RSSO-ADMIN-TOKEN' header is missing

To resolve the issue, please involve the system administrator to clarify why the header is not being sent. It is possible that some local system policies on end-user VM cuts off unknown headers

Attachment(s):