Invalid credentials when log in into /ipcon if Webaccess 2018 is on the same server

  • Document ID:7023766
  • Creation Date:12-Mar-2019
  • Modified Date:27-Sep-2019
    • Micro Focus Products:
      iPrint

Environment

iPrint for OES 2018
iPrint for OES 2018 SP1

Situation

"Invalid Credentials" is returned when attempting to authenticate to the /ipcon console when GroupWise Webaccess 2018 is installed.

Resolution

They're two solution to this issue:

Resolution A:

1. Rename the /etc/apache2/conf.d/rewrite.conf to have an extension other than.conf, or edit the file by adding a comment (#) in front of every line except the first line (in case you need the Rewrite Engine turned on).  If you add comments to the file, it would look like this:

RewriteEngine On
##RewriteCond %{REQUEST_URI} !wpad\.dat$
##nach iprint für OES2018 Installation entfernt Siehe TID 7022588
##RewriteCond %{HTTPS} !=on
##RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

2. If the /etc/apache2/conf.d/userdir.conf file is present (it is present only if it was manually created), add comment marks (#) at the beginning of the following lines:

## Keine Umlenkung auf https fuer WPAD (3.5.2015)
##RewriteCond %{REQUEST_URI} !wpad\.dat$
## Sonstigen gesamten Verkehr auf https umlenken
##RewriteCond %{HTTPS} !=on
## aber nur, wenn es sich nicht bereits um eine HTTPS-Anfrage handelt
##RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

3.  Restart Apache:
rcapache2 restart
Resolution B:
If rewrite is needed by webaccess, add the following rules (in green):

1. For /etc/apache2/conf.d/rewrite.conf:

RewriteEngine On
RewriteCond %{REQUEST_URI} !wpad\.dat$
#nach iprint für OES2018 Installation entfernt Siehe TID 7022588
RewriteCond %{HTTPS} !=on

RewriteCond %{REQUEST_URI} !^/iprint [NC]
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

2. For /etc/apache2/conf.d/userdir.conf:

# Keine Umlenkung auf https fuer WPAD (3.5.2015)

RewriteCond %{REQUEST_URI} !wpad\.dat$
# Sonstigen gesamten Verkehr auf https umlenken
RewriteCond %{HTTPS} !=on

RewriteCond %{REQUEST_URI} !^/iprint [NC]
# aber nur, wenn es sich nicht bereits um eine HTTPS-Anfrage handelt
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

3. Restart Apache and license server:
rcnovell-iprint-license restart:rcapache2 restart
If webaccess is updated, that may modify the conf settings back to original.  Therefore, this procedure must be repeated.

Cause

Webaccess 2018 is installed on same server.  Webaccess 2018 installs a rewrite rule which rewrites all HTTP calls to HTTPS. This causes mod_ipp to fail to communicate to the license service, which results in the error.

Additional Information

The Apache2 error_log shows an error when trying to log into /ipcon console:
[DATE] [:error] [pid 51626] Unexpected response to rest call /license/features.
[DATE] [:error] [pid 51626] REST call failed. HTTP Status Code: 302
[DATE] [:error] [pid 51626] Fetching license info failed.
[DATE] [:error] [pid 51626] Http Code : 302
[DATE] [:error] [pid 51626] Curl Code : 0
[DATE] [:error] [pid 51626] Error occurred while fetching licensing information.
HTTP 302 message is a redirection information code

If a 503 error is returned instead of the ipcon authentication page, see KB 7022852.