Ideagen Internal Audit (Aura): 'A valid user could not be found matching the identity <blank>' in Webservice.log
A user attempts to use the Web application and gets an error in their browser.
The WebService.log file at wwwroot\[Pentana instance]\WebService contains the entry:
*****An exception occurred at 18 September 2019 10:58:24 using version 5.3.0.12
1. Exception of type: TngException[General] - Message: Remote response message contains errors
at Pentana.Tng.Agent.AgentHelperInstance.ValidateResponse[T](ResponseMessage`1 response)
at Pentana.Tng.Agent.AgentHelperInstance.RemoteCall[TResponse](ServiceMethod`1 execute, Boolean checkInitialized)
at Pentana.Tng.Agent.AgentHelperInstance.GetUserUid()
at Pentana.Tng.Agent.AgentHelperInstance.InitializeHelper(String instanceName, Boolean autoRetry, Version DBVersion)
at Pentana.Tng.Web.Service.MainService.GetUser(String identity)
at Pentana.Tng.ServiceInterface.TngWebService.GetWebUserByHttp()
at Pentana.Tng.ServiceInterface.TngWebService.GetSettings(String culture)
1.1. Error AuthorizationError: A valid user could not be found matching the identity
No identity is specified.
There are four known causes for this problem.
Cause 1: mismatching machinekeys
This can be a mismatch between the machinekeys specified in the following files:
- FBA\Web.config
- Service\Web.config
- WebService\Web.config
- WebUI\Web.config
In this case, the error "You are not authorized to use Pentana. Please contact your Administrator" will occur immediately on login. Fix by ensuring that the machinekeys are consistent between the three files, and restart the application pools.
Cause 2: mismatching validation hash algorithm
Each of the config files containing machinekeys also contains values for validation and decryption, e.g.:
In older versions of Pentana, validation was set to SHA1, whereas newer versions use HMACSHA256. If a newer config file has been used to overwrite an older one, check that the values for validation are consistent across the config files. Ideally the later versions of the config files should be used.
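The consistency checks described under Cause 1 and Cause 2 can be scripted. The following is an added example, not part of the original article or the vendor's tooling: it reads the machineKey element from each of the four Web.config files and reports any attribute that differs, showing the keys only as short fingerprints. The $InstanceRoot parameter and the Get-Fingerprint helper are names assumed for this example.

```powershell
# Added example, not vendor code. Compares <machineKey> across the four Web.config files.
# $InstanceRoot is an assumed parameter: the wwwroot\[Pentana instance] folder.
param([Parameter(Mandatory = $true)][string]$InstanceRoot)

$folders    = 'FBA', 'Service', 'WebService', 'WebUI'
$attributes = 'validationKey', 'decryptionKey', 'validation', 'decryption'
$sha256     = [System.Security.Cryptography.SHA256]::Create()

function Get-Fingerprint([string]$Value) {
    # Keys are secrets: show a short SHA-256 fingerprint, never the key itself.
    if ([string]::IsNullOrEmpty($Value)) { return '(not set)' }
    $bytes = [System.Text.Encoding]::UTF8.GetBytes($Value.Trim().ToUpperInvariant())
    return ([System.BitConverter]::ToString($sha256.ComputeHash($bytes)) -replace '-', '').Substring(0, 12)
}

$rows = @(foreach ($folder in $folders) {
    $path = Join-Path (Join-Path $InstanceRoot $folder) 'Web.config'
    if (-not (Test-Path -LiteralPath $path)) { Write-Warning "Missing: $path"; continue }
    $xml = New-Object System.Xml.XmlDocument
    $xml.Load((Resolve-Path -LiteralPath $path).ProviderPath)
    # local-name() tolerates a default XML namespace on <configuration>.
    $node = $xml.SelectSingleNode("//*[local-name()='machineKey']")
    if ($null -eq $node) { Write-Warning "No <machineKey> in $path"; continue }
    [pscustomobject]@{
        File          = "$folder\Web.config"
        validationKey = Get-Fingerprint ($node.GetAttribute('validationKey'))
        decryptionKey = Get-Fingerprint ($node.GetAttribute('decryptionKey'))
        validation    = $node.GetAttribute('validation')
        decryption    = $node.GetAttribute('decryption')
    }
})
$rows | Format-Table -AutoSize

$mismatch = $false
foreach ($attr in $attributes) {
    # Sort-Object -Unique is case-insensitive, so SHA1 and sha1 count as equal.
    $distinct = @($rows | Select-Object -ExpandProperty $attr | Sort-Object -Unique)
    if ($distinct.Count -gt 1) {
        $mismatch = $true
        Write-Warning "$attr differs between files: $($distinct -join ', ')"
    }
}
if (-not $mismatch -and $rows.Count -eq $folders.Count) {
    'machineKey settings are consistent across all four files.'
}
```

Save the block as a script and run it on the web server with an account that can read the instance folder. A warning for validation with both SHA1 and HMACSHA256 listed corresponds to Cause 2; a warning for validationKey or decryptionKey corresponds to Cause 1.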
Cause 3: the services have gone to sleep while the browser remains open and inactive
If a Web user opens a page and leaves their browser inactive for longer than the IIS application pool timeout (default is 20 minutes) AND no other users are in the system, then when they click a button:
- the 'there has been an error in this application' message will occur on-screen
- this error message will occur in the log
The problem is caused by the browser attempting to resume a session, but the services have gone to sleep. From version 6.0, the user will be returned to the login screen rather than see an error message.
Cause 4: the user has remained inactive for 30 minutes/the inactivity timeout period
By default, if a user logs in successfully and then remains inactive for 30 minutes they will be required to log back in. Normally they will be returned to the error screen, but sometimes they will get the "Something has gone wrong" error screen, and this entry will be shown in the log.
Why <blank>?
In each case, the Web service is working with a user that does not have a currently valid authentication. It cannot retrieve the user's identity, and so no identity is shown in the error message.