Tufin Error Message

Steve_Townsend · ‎2021-04-26

Does anyone know how resolve this issue from the MDSM when trying to migrate a Check Point MDS object in Tufin from R77.30 to R80.

ID: 4
Address: http://127.0.0.1:50276/web_api/v1.1/login
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[gzip,deflate], connection=[keep-alive], Content-Length=[74], content-type=[application/json], Host=[127.0.0.1:50276], User-Agent=[Apache-HttpClient/4.5.9 (Java/1.8.0_275)], X-Forwarded-For=[172.24.225.22], X-Forwarded-Host=[172.25.224.234:443], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[172.25.224.234]}
--------------------------------------
2021-04-26 23:48:30,271 INFO com.checkpoint.management.web_api_is.utils.helpers.ApiCache.<init>:2 [qtp777669030-50] - Cache created and initialized
2021-04-26 23:48:30,272 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:155 [qtp777669030-50] - Executing [login] of version 1.1
2021-04-26 23:48:34,467 ERROR com.checkpoint.management.web_api.utils.WebApiCommandExceptionUtils.getErrorReply:94 [qtp777669030-50] - Server has thrown GeneralRemoteFault exception errorCode [CP_ERR_COULD_NOT_CONNECT_FWM] errorFamily [null] message [Error: Unauthorized client 172.24.225.22.]
2021-04-26 23:48:34,468 ERROR com.checkpoint.management.web_api.utils.WebApiCommandExceptionUtils.getErrorReply:15 [qtp777669030-50] -
com.checkpoint.web_services.faults.GeneralRemoteFault: Error: Unauthorized client 172.24.225.22.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:83)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:57)
at java.lang.reflect.Constructor.newInstance(Constructor.java:437)
at org.apache.cxf.interceptor.ClientFaultConverter.processFaultDetail(ClientFaultConverter.java:182)
at org.apache.cxf.interceptor.ClientFaultConverter.handleMessage(ClientFaultConverter.java:82)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:802)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1642)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1533)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1336)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:652)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139)
at com.sun.proxy.$Proxy237.loginNew(Unknown Source)
at com.checkpoint.management.web_api_is.utils.RemoteSessionUtils.login_aroundBody0(RemoteSessionUtils.java:153)
at com.checkpoint.management.web_api_is.utils.RemoteSessionUtils$AjcClosure1.run(RemoteSessionUtils.java:1)
at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
at com.checkpoint.management.web_api_is.aspects.logging.WebApiMethodLoggerAspect.aroundMethodLoggerTest(WebApiMethodLoggerAspect.java:15)
at com.checkpoint.management.web_api_is.utils.RemoteSessionUtils.login(RemoteSessionUtils.java:33)
at com.checkpoint.management.web_api.core.handler.commands.session.login.WebApiLoginRequestHandler.doLogin(WebApiLoginRequestHandler.java:18)
at com.checkpoint.management.web_api.core.handler.commands.session.login.WebApiLoginRequestHandler.login(WebApiLoginRequestHandler.java:11)
at com.checkpoint.management.web_api.core.handler.commands.session.login.v1_1.WebApiLoginRequestHandler.login(WebApiLoginRequestHandler.java:15)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:508)
at com.checkpoint.management.web_api_is.utils.WebApiReflectionUtils.invoke(WebApiReflectionUtils.java:13)
at com.checkpoint.management.web_api.web_services.WebApiEntryPoint.postEntryPoint(WebApiEntryPoint.java:304)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:508)
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:293)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:212)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:268)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494)
at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247)
at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
at com.checkpoint.management.web_api.core.filter.LogCustomDebugFieldFilter.doFilter(LogCustomDebugFieldFilter.java:4)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
at org.eclipse.jetty.server.handler.IPAccessHandler.handle(IPAccessHandler.java:203)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:370)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
at java.lang.Thread.run(Thread.java:820)
2021-04-26 23:48:34,470 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.postEntryPoint:241 [qtp777669030-50] - In Exception:
ex.toString(): java.lang.reflect.InvocationTargetException
ex.getCause(): com.checkpoint.web_services.faults.GeneralRemoteFault: Error: Unauthorized client 172.24.225.22.
ex.getMessage(): null
Is ex instanceof InvocationTargetException: true
2021-04-26 23:48:34,470 INFO com.checkpoint.management.web_api_is.utils.CsvFileWriterUtils.writeCsvLine:4 [qtp777669030-50] - 2021-04-26,23:48:34 -0400,Apache-HttpClient/4.5.9 (Java/,172.24.225.22,172.25.224.234:443,login,FAILED,4199
2021-04-26 23:48:34,472 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp777669030-50] - Outbound Message
---------------------------
ID: 4
Response-Code: 500
Content-Type: application/json
Headers: {Content-Type=[application/json], Date=[Tue, 27 Apr 2021 03:48:34 GMT]}
Payload: {
"code" : "generic_server_initializing",
"message" : "Error: Unauthorized client 172.24.225.22."

Marcel_Gramalla · ‎2021-04-27

Hi,

maybe your are unlucky with the current Hotfix: "Unauthorized client" error on log in from IP that not defined explicitly in the Trusted Client list...

Just try to add the IP to the authorized GUI clients and see if it helps. Also the API has its own allowed IP list (Manage&Settings --> Blades --> Management API)

Are you a member of CheckMates?

Tufin Error Message