Authentication failed in Data Stewardship

Talend Version (Required)       6.4.1


Using the 6.4.1 Installer, TAC, IAM, and TDS were installed, but the user cannot log into Data Stewardship.
Additional Versions  
Product (Required) Data Stewardship, IAM, TAC
Component (Required)  
Problem Description

After using the 6.4.1 Installer without any errors, the user cannot log into Data Stewardship.


The TAC, IAM and Data Stewardship services are up and running.

The login/user used is Active in TAC.


In the 6.4.1_installer\iam\apache-tomcat\conf folder, the file contains the line



So in this case, needs to be Active in TAC:



The customer was using a hostname similar to this format: aaaa.bbbbb.cccc.dddd.eeee.

So they would access Data Stewardship using a URL such as:

http:/ /aaaa.bbbbb.cccc.dddd.eeee:19999


Looking at the different log files under /iam/logs, this error was found in the idp.log:

2017-09-05 16:41:16.815 -ERROR [http-apr-9080-exec-3] o.a.c.f.s.i.b.EndpointAddressValidator : The endpointAddress value of http:/ / does not match any of the passive requestor values


Looking at the \6.4.1_installer\tds\apache-tomcat\conf\ file, these values for oidc.url and oidc.userauth.url were seen:



Problem root cause  
Solution or Workaround

These values were changed to use the hostname:

oidc.url=http:/ /aaaa.bbbbb.cccc.dddd.eeee:9080/oidc
oidc.userauth.url=http:/ /aaaa.bbbbb.cccc.dddd.eeee:9080/oidc


After restarting the IAM and TDS services, the error was still there but in the idp.log file a different error appeared:

2017-09-06 14:25:00.230 [31m- WARN[0;39m [http-apr-9080-exec-5] o.a.c.f.s.idp.beans.CommonsURLValidator : The given endpointAddress parameter http:/ /aaaa.bbbbb.cccc.dddd.eeee:9080/oidc/idp/authorize is not a valid URL

In this case, the error is related to the validity of the hostname. IAM uses Fediz, but when a new OIDC client is registered, the redirect URL is validated. This means that non-standard TLD names cannot be used.


To resolve this, one line was added to the file:

- restart iam and tds services;

The login was then successful.

JIRA ticket number TPSVC-2981
Version history
Revision #:
8 of 8
Last update:
‎04-14-2019 02:22 PM
Updated by: