Product:TIBCO Spotfire Analyst
Versions:11.0 and higher
Summary:
After upgrading the Analyst to 11.0 or onwards, user gets 'Error message: Cannot log in to server. Unable to connect to the remote server (HRESULT: 80131509)' exception while logging in. This Article helps you resolve this issue.
Details:
There has been a product design change for Spotfire Analyst 11.X and higher. Whenever any user has upgraded to 11.0 or onward, there is a possibility that Public Address URL and the URL provided during login might not be the same. This mis-configuration may result in this error stack:
Error message: Cannot log in to server.
AuthenticationException at :
Could not authenticate with server to get tokens (no response error). (HRESULT: 80131501)
Stack Trace:
WebException at System:
Unable to connect to the remote server (HRESULT: 80131509)
Stack Trace:
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
at Spotfire.Dxp.Framework.Login.OAuth2AuthenticationFlow.<>c__DisplayClass19_0.<TryGetTokensUsingUsernamePassword>g__RequestAction|0(HttpWebRequest tokenRequest)
at Spotfire.Dxp.Framework.Login.OAuth2AuthenticationFlow.<>c__DisplayClass27_0.<TryExecuteTokenRequest>b__0()
at Spotfire.Dxp.Services.Http.SpotfireRequest.ExecuteNonSpotfireServerRequestWithRetry(Boolean allowRetryToCauseDuplicateRequests, Func`1 requestCreator, Int32 maxNoOfRetry, Nullable`1 retryDelay, Action checkCancel)
at Spotfire.Dxp.Framework.Login.OAuth2AuthenticationFlow.TryExecuteTokenRequest(Action`1 requestAction, Boolean getRefreshToken, Boolean isPasswordRequest, String& authToken, String& refreshToken, String& scope, Exception& error)
SocketException at System:
No connection could be made because the target machine actively refused it X.X.X.X:X (HRESULT: 80004005)
Stack Trace:
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
Explanation on new design behavior:
Reference:
Spotfire Server Host name & IP : http://adityavm01.apacanalytics.lab:90 & http://10.97.111.115:90
The Spotfire Analyst 11.0 is embedded with OAuth2 login form which acts as authorization mechanism in login dialog. When we enter username/password, Spotfire Analyst sends Spotfire Server a request which receives Spotfire Manifest in return. This Spotfire Manifest contains various parameters where Public Address URL is one of the parameters which Spotfire Server intends to use all the time.
When Analyst initiates authentication for OAuth2 as shown below, the server responds with 2 URL's. One for authorization and one for token generation.
Analyst picks up the token endpoint URL from response header and sends request along with client id in order to obtain bearer token as shown below.
This is where Resolution 2 comes in place. Since Analyst does not know the IP of the host specified, it intends to search in the hosts file of Windows. If there is no entry for the respective Host name and IP, there is a probability that this error is thrown. Once we add the entry for respective Host Name and it's IP address, the Analyst is able to get the IP of the Host Name for which it sends request for bearer token generation and successfully sends a request to token endpoint URL.
The second possibility is due to mismatch between Spotfire Server URL in Analyst Login and the Public Address URL. As we have seen in the previous example how it extracts and uses the token endpoint URL from the Response header. If the Public Address is set to http://adityavm01.apacanalytics.lab:80 and actual server address is http://adityavm01.apacanalytics.lab:90, then it for sure that the Analyst would send a request to a wrong token endpoint URL.
Resolution:
Resolution 1 (Recommended):
To resolve this, ensure that when logging in with the TIBCO Spotfire Analyst client that you are the using Public Address URL of the TIBCO Spotfire Server. For more details see:
Resolution 2:
If the Public Address URL contains Domain Name and you are using IP of that Domain Name, then please add the IP and Domain Name in your Windows hosts file located at : C:\Windows\System32\drivers\etc as shown below.
eg: If your Public Address URL has http://adityavm01.apacanalytics.lab/
and you are using http://10.97.111.115 in you Spotfire Analyst URL, then add the IP and respective Domain Name in your hosts file.
For Resolution 1 and Resolution 2, please close and reopen your Spotfire Analyst login dialog once you have reflected changes either in Public Address URL or Hosts file.
Versions:11.0 and higher
Summary:
After upgrading the Analyst to 11.0 or onwards, user gets 'Error message: Cannot log in to server. Unable to connect to the remote server (HRESULT: 80131509)' exception while logging in. This Article helps you resolve this issue.
Details:
There has been a product design change for Spotfire Analyst 11.X and higher. Whenever any user has upgraded to 11.0 or onward, there is a possibility that Public Address URL and the URL provided during login might not be the same. This mis-configuration may result in this error stack:
Error message: Cannot log in to server.
AuthenticationException at :
Could not authenticate with server to get tokens (no response error). (HRESULT: 80131501)
Stack Trace:
WebException at System:
Unable to connect to the remote server (HRESULT: 80131509)
Stack Trace:
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
at Spotfire.Dxp.Framework.Login.OAuth2AuthenticationFlow.<>c__DisplayClass19_0.<TryGetTokensUsingUsernamePassword>g__RequestAction|0(HttpWebRequest tokenRequest)
at Spotfire.Dxp.Framework.Login.OAuth2AuthenticationFlow.<>c__DisplayClass27_0.<TryExecuteTokenRequest>b__0()
at Spotfire.Dxp.Services.Http.SpotfireRequest.ExecuteNonSpotfireServerRequestWithRetry(Boolean allowRetryToCauseDuplicateRequests, Func`1 requestCreator, Int32 maxNoOfRetry, Nullable`1 retryDelay, Action checkCancel)
at Spotfire.Dxp.Framework.Login.OAuth2AuthenticationFlow.TryExecuteTokenRequest(Action`1 requestAction, Boolean getRefreshToken, Boolean isPasswordRequest, String& authToken, String& refreshToken, String& scope, Exception& error)
SocketException at System:
No connection could be made because the target machine actively refused it X.X.X.X:X (HRESULT: 80004005)
Stack Trace:
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
Explanation on new design behavior:
Reference:
Spotfire Server Host name & IP : http://adityavm01.apacanalytics.lab:90 & http://10.97.111.115:90
The Spotfire Analyst 11.0 is embedded with OAuth2 login form which acts as authorization mechanism in login dialog. When we enter username/password, Spotfire Analyst sends Spotfire Server a request which receives Spotfire Manifest in return. This Spotfire Manifest contains various parameters where Public Address URL is one of the parameters which Spotfire Server intends to use all the time.
When Analyst initiates authentication for OAuth2 as shown below, the server responds with 2 URL's. One for authorization and one for token generation.
Analyst picks up the token endpoint URL from response header and sends request along with client id in order to obtain bearer token as shown below.
This is where Resolution 2 comes in place. Since Analyst does not know the IP of the host specified, it intends to search in the hosts file of Windows. If there is no entry for the respective Host name and IP, there is a probability that this error is thrown. Once we add the entry for respective Host Name and it's IP address, the Analyst is able to get the IP of the Host Name for which it sends request for bearer token generation and successfully sends a request to token endpoint URL.
The second possibility is due to mismatch between Spotfire Server URL in Analyst Login and the Public Address URL. As we have seen in the previous example how it extracts and uses the token endpoint URL from the Response header. If the Public Address is set to http://adityavm01.apacanalytics.lab:80 and actual server address is http://adityavm01.apacanalytics.lab:90, then it for sure that the Analyst would send a request to a wrong token endpoint URL.
Resolution:
Resolution 1 (Recommended):
To resolve this, ensure that when logging in with the TIBCO Spotfire Analyst client that you are the using Public Address URL of the TIBCO Spotfire Server. For more details see:
- KB 000046334 Where Tibco Spotfire Server Public Address URL is stored and Why it is not updated in configuration file while switching to older configuration?
- Documentation: set-public-address
Resolution 2:
If the Public Address URL contains Domain Name and you are using IP of that Domain Name, then please add the IP and Domain Name in your Windows hosts file located at : C:\Windows\System32\drivers\etc as shown below.
eg: If your Public Address URL has http://adityavm01.apacanalytics.lab/
and you are using http://10.97.111.115 in you Spotfire Analyst URL, then add the IP and respective Domain Name in your hosts file.
For Resolution 1 and Resolution 2, please close and reopen your Spotfire Analyst login dialog once you have reflected changes either in Public Address URL or Hosts file.