BugZero | VMware BugID 56663 - Launching of DaaS resource from Workspace portal f...

VMware - Defect ID: 56663

Launching of DaaS resource from Workspace portal fails with error: Unable to complete login, single sign-on token is missing or invalid

VMware - Defect ID: 56663

Launching of DaaS resource from Workspace portal fails with error: Unable to complete login, single sign-on token is missing or invalid

Last updated on 12/11/2023

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

No defect details.

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

No defect details.

Symptoms

In the browser or horizon view client, you see an error message: "Unable to complete login, single sign-on token is missing or invalid" In the desktone.log file, you see entries similar to: 2018-07-11 13:58:21,322 INFO [com.desktone.directory.activedirectory.ActiveDirectoryAccessManager]-[https-openssl-apr-4443-exec-219] Successfully authenticated user - testuser@DAAS.domain.COM 2018-07-11 13:58:21,322 INFO [com.desktone.directory.activedirectory.ActiveDirectoryAccessManager]-[https-openssl-apr-4443-exec-219] User: testuser authenticated, guid:e14702f0dc6beb4eb146c53bd9fa1a5e 2018-07-11 13:58:21,973 INFO [com.desktone.collector.swiftmq.ChangeKeyWorker]-[pool-26-thread-517] Received a CHANGEKEY request from 3c4f9c35-c187-476f-b5f7-2947ccc364f1 2018-07-11 13:58:21,974 WARN [com.desktone.collector.swiftmq.ChangeKeyWorker]-[pool-26-thread-517] Unverified CHANGEKEY message discarded, machine '3c4f9c35-c187-476f-b5f7-2947ccc364f1' does not exist 2018-07-11 13:58:25,303 WARN [com.desktone.token.util.SecurityToken]-[https-openssl-apr-4443-exec-208] Error while decrypting the token: Tag mismatch! 2018-07-11 13:58:25,433 INFO [org.opensaml.xmlsec.signature.support.SignatureSupport]-[https-openssl-apr-4443-exec-208] No KeyInfoGenerator was supplied in parameters or resolveable for credential type org.opensaml.security.x509.X509Credential, No KeyInfo will be generated for Signature 2018-07-11 13:58:27,642 ERROR [com.desktone.view.broker.ViewClientServlet]-[https-openssl-apr-4443-exec-208] Exception while looking up SSO token and building response: com.desktone.federation.common.exception.NotFoundException: Could not find domain:

Cause

This issue occurs when the SAML data does not contain the domain information of the user which is required for DaaS.

Resolution

To resolve this issue: Log in to the VMware Identity Manager/ WS1 administration console. Select the Catalog > Virtual Apps tab, and then click Virtual Apps Configuration. Select the Horizon cloud resource name from the list.Go to Custom ID Mapping.Under Name ID value, click on Select from suggestions and choose ${user.userPrincipalName}

Related Information

Page last reviewed: 12 December 2023Next review due: 12 December 2025

Original Vendor Announcement

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

VMware - Defect ID: 56663

Launching of DaaS resource from Workspace portal fails with error: Unable to complete login, single sign-on token is missing or invalid

VMware - Defect ID: 56663

Launching of DaaS resource from Workspace portal fails with error: Unable to complete login, single sign-on token is missing or invalid

Last updated on 12/11/2023

Vendor details

Vendor details

Description

Symptoms

Cause

Resolution

Related Information

Links

Top VMware defects by risk score

Ready to prevent the next vendor outage?