Error: You are not authorized to perform this operation

Problem

After upgrade or install of Ubisecure SSO or CustomerID, no user has access to the admin application /eidm2/wf/admin. If the admin user logs in OK with Ubisecure SSO and can access eidm2/wf/self-service with no problem but sees this error when using eidm2/wf/admin, the following error is displayed: Authorization Failure You are not authorized to perform this operation. The diag logs shows “Access denied to Org Main User page”

The diag logs shows “Access denied to Org Main User page”

Solution

This indicates that the authorizer component has not been installed correctly. Fix by installing the authorizer component. See chapter “Ubisecure SSO Adapter Installation” in the Ubisecure CustomerID Installation document. If Ubisecure SSO Adapter component has been installed and still doesn’t work, execute ubisecure-sso/ubisecure/config/tomcat/update.cmd to ensure the changes have been applied to Tomcat. This error may also indicate that permissions.properties file is set to prevent login. Refer to permissions.properties instructions in the Ubisecure CustomerID Configuration document.

Related articles

• Page:
  SAML Compatibility Flags
• Page:
  Install and start Ubisecure SSO Tomcat and Accounting Service as Windows Services gives error
• Page:
  Access to the requested resource is denied error
• Page:
  Authorization Policy Example : SHA256 hash from SSO session ID and user's email address
• Page:
  Change the hostname of a CustomerID installation