topic Re: sas-viya auth login in Administration and Deployment

sas-viya auth login

RexDeus9 — Sun, 19 Feb 2023 17:07:32 GMT

Hi,

I want to use the 'sas-viya' CLI tool with Viya 21-##-##. I've set the trusted certificate (copied from the sas-logon pod) and a valid sas user, I get 'Login failed. Bad userid or password'.

While trying the documented 'sas-viya --insecure auth login', which bypasses the TLS auth, I still can't connect.

Attached is the output I get using: sas-viya --insecure auth login --verbose

Any clues appreciated. Thx.

Re: sas-viya auth login

DavidHD — Sun, 19 Feb 2023 17:32:13 GMT

Hi,

do you by chance have a URL special character in your password? If so please URL encode it and try to authenticate again.

Re: sas-viya auth login

RexDeus9 — Sun, 19 Feb 2023 18:54:34 GMT

Hi David,

Thank you for such a quick reply. No, I don't have URL special character, it's the very common 'Orion123'. I don't understand why we are provided with the '-k' and '--insecure' arguments to bypass TLS, but it doesn't.

Re: sas-viya auth login

sangavis37 — Mon, 20 Feb 2023 08:34:51 GMT

This is what I normally do and it always works for me
export SSL_CERT_FILE=/opt/sas/viya/config/etc/SASSecurityCertificateFramework/cacerts/trustedcerts.pem
/opt/sas/viya/home/bin/sas-admin profile set-endpoint "<url>"
/opt/sas/viya/home/bin/sas-admin profile toggle-color off
/opt/sas/viya/home/bin/sas-admin profile set-output fulljson
/opt/sas/viya/home/bin/sas-admin auth login --user '<user>' --password '<password>'

Re: sas-viya auth login

RexDeus9 — Mon, 20 Feb 2023 13:53:47 GMT

Hi,

Please read carefully, I'm using 'sas-viya' CLI tool, not 'sas-admin', which is intended for Viya 3.x, while 'sas-viya' is for Viya 21xx-xx and above.

Thank you.

Re: sas-viya auth login

gwootton — Mon, 20 Feb 2023 13:57:26 GMT

How are you determining the --insecure, -k option is not bypassing TLS validation?

From your screenshot you've provided the URL as http not https, and --verbose should be before "auth login"

Re: sas-viya auth login

gwootton — Mon, 20 Feb 2023 14:02:00 GMT

sas-viya and sas-admin work very similarly. If you have the certificate from sas-logon-app pod you can specify it in the environment variable SSL_CERT_FILE. The other commands mentioned are also valid with the sas-viya command.

Command-Line Interface: Preliminary Instructions
https://go.documentation.sas.com/doc/en/sasadmincdc/v_037/calcli/n1e2dehluji7jon1gk69yggc6i28.htm

Re: sas-viya auth login

doug_sas — Mon, 20 Feb 2023 14:03:17 GMT

TLS/SSL is not your problem. Also, @sangavis37 's commands will work if you replace sas-admin with sas-viya.

Is the endpoint URL you are going to correct? http://sasserver.demo.sas.com does not exist according to my browser.

Re: sas-viya auth login

RexDeus9 — Mon, 20 Feb 2023 14:09:18 GMT

Hi,

Yes thank you, I corrected the '--verbose' argument afterwards (did not update the screen shot), and still no luck.

Using '-k' (or --insecure) still ask you for the userid/password.

Re: sas-viya auth login

gwootton — Mon, 20 Feb 2023 14:11:03 GMT

Are you expecting it not to ask for your user ID and password? That should happen when you run auth login.

Re: sas-viya auth login

DavidHD — Mon, 20 Feb 2023 14:34:23 GMT

The -k/--insecure mean that the certificate validation step is skipped.

I would suggest trying to ping the server (http://sasserver.demo.sas.com) from the command line and make sure that you get something in return.

Next try logging in using:

sas-viya -k auth login -u sas -p Orion123

Re: sas-viya auth login

RexDeus9 — Wed, 22 Feb 2023 14:46:46 GMT

Thank you for the replies provided. I was able resolved the issue with the following:

sas-admin profile init

Enter: http://sasserver.demo.sas.com

*** RESET TOKEN ***

sas-admin --verbose --profile Default -k auth login

Enter <UserID>/<Password>

All is good!