Maximo

Hi,

I have 1 server and 5 cluster each with one jvm. I have SSL configured. I have SAML configured with Azure AD as the IDP.  Once we login to Maximo, instead of redirecting to Maximo Welcome page, It redirects to Maximo loginerror page.
https://hostname:443/maximo/webclient/login/loginerror.jsp?group=system&key=NoLogin
you cannot login at this time. Contact the system administrator.
 There are no error in System out and SystemErr logs. 
The system property mxe.enableConcurrentCheck is also set to 0.

Any leads to fix the issue will be helpful.

Regards,
Chhavi

SAML is similar to LDAP where you need to have the security constraints enabled in the various web.xml files. Can you confirm that you have these configured? One of the causes of the nologin is a misconfiguration where you haven't set those up. We document it here: https://www.ibm.com/docs/en/mfci/7.6.2?topic=security-configuring-assertion-markup-language-saml

Normally with SAML your login will be an email address. I would confirm on the MAXUSER table that the loginid matches what will be coming from the Identity Provider. 

Hi,

I have 1 server and 5 cluster each with one jvm. I have SSL configured. I have SAML configured with Azure AD as the IDP.  Once we login to Maximo, instead of redirecting to Maximo Welcome page, It redirects to Maximo loginerror page.
https://hostname:443/maximo/webclient/login/loginerror.jsp?group=system&key=NoLogin
you cannot login at this time. Contact the system administrator.
 There are no error in System out and SystemErr logs. 
The system property mxe.enableConcurrentCheck is also set to 0.

Any leads to fix the issue will be helpful.

Regards,
Chhavi

Hi Steven,

Thanks for your reply!
I have configured AppServersecurity as 1 in all the web.xml files as per the link and also the other steps mentioned in the below link.
https://www.ibm.com/docs/en/mfci/7.6.2?topic=security-configuring-assertion-markup-language-saml

I have also updated the loginid in MAXUSER table as the email address which is coming from IDP but still I am getting the error .
You cannot login at this time. Contact the system administrator.

Regards,
Chhavi

SAML is similar to LDAP where you need to have the security constraints enabled in the various web.xml files. Can you confirm that you have these configured? One of the causes of the nologin is a misconfiguration where you haven't set those up. We document it here: https://www.ibm.com/docs/en/mfci/7.6.2?topic=security-configuring-assertion-markup-language-saml

Normally with SAML your login will be an email address. I would confirm on the MAXUSER table that the loginid matches what will be coming from the Identity Provider. 

Hi,

I have 1 server and 5 cluster each with one jvm. I have SSL configured. I have SAML configured with Azure AD as the IDP.  Once we login to Maximo, instead of redirecting to Maximo Welcome page, It redirects to Maximo loginerror page.
https://hostname:443/maximo/webclient/login/loginerror.jsp?group=system&key=NoLogin
you cannot login at this time. Contact the system administrator.
 There are no error in System out and SystemErr logs. 
The system property mxe.enableConcurrentCheck is also set to 0.

Any leads to fix the issue will be helpful.

Regards,
Chhavi

Hi,

I have 1 server and 5 cluster each with one jvm. I have SSL configured. I have SAML configured with Azure AD as the IDP.  Once we login to Maximo, instead of redirecting to Maximo Welcome page, It redirects to Maximo loginerror page.
https://hostname:443/maximo/webclient/login/loginerror.jsp?group=system&key=NoLogin
you cannot login at this time. Contact the system administrator.
 There are no error in System out and SystemErr logs. 
The system property mxe.enableConcurrentCheck is also set to 0.

Any leads to fix the issue will be helpful.

Regards,
Chhavi

Hi,

I have 1 server and 5 cluster each with one jvm. I have SSL configured. I have SAML configured with Azure AD as the IDP.  Once we login to Maximo, instead of redirecting to Maximo Welcome page, It redirects to Maximo loginerror page.
https://hostname:443/maximo/webclient/login/loginerror.jsp?group=system&key=NoLogin
you cannot login at this time. Contact the system administrator.
 There are no error in System out and SystemErr logs. 
The system property mxe.enableConcurrentCheck is also set to 0.

Any leads to fix the issue will be helpful.

Regards,
Chhavi

------------------------------
Chhavi Poddar
------------------------------

#MaximoEAM
#Maximo