Your sasauth methods should just be pam, not pw pam, as pam can perform local authentication.

If you just go to http://server:port/SASLogon and authenticate does it spin or say you've logged in successfully (this should let us know if the spin is coming from SAS Logon or SAS Stored Process Web Application).

The logs for SASLogon and SASStoredProcess can be found in Lev1/Web/Logs/SASServer1_1, these may have additional detail on any failures. You can also look at the browser's network trace to see if any requests aren't being returned.

Usage Note 60268: Using the web browser developer tools to investigate issues in SAS® Web Applications
https://support.sas.com/kb/60/268.html

Hi Greg:

Thanks for the suggestions.  Any insights into what is going on is appreciated.

 

Q: when changing sasauth.conf does the whole stack have to be restarted? Or, can I restart pieces of the stack, like just Metadata Server, or Object Spawner or Web App Server (takes the longest)

 

Switched sasauth.conf to just methods=pam and recreated the pam.d/sasauth (set it 644 like all the others there).

Q: Is there any root level daemon or process that needs to be restarted after this?

 

Restarted the full SAS stack (sas.servers restart) and ...

• A Logon page left Spinning showed (what I suppose is good because the server disappeared for restart)

  Proxy Error
  The proxy server received an invalid response from an upstream server.
  The proxy server could not handle the request

  Reason: Error reading from remote server

• After servers reset, did a Ctrl-F5 refresh for <server>:<port>/SASLogon and tried the following User ID logins
  • "sasadm@saspw" (result: signed in, visited stp and it ran - cautiously optimistic)
  • Log out and log in "sasadm@saspw" again (result: spinning - disappointed)
  • Login with <xyzzy> / <xyzzy-network-pw> (result: spinning)
  • Login with <xyzzy@company.com> / <xyzzy-network-pw> (result: spinning)
    
    • <xyzzy> is defined in management console with Name:<xyzzy> and Accounts Domain: DefaultAuth User ID: <xyzzy>@<company.com>
    • Note: I can log into server with SSH as <xyzzy> and <xyzzy>@<company.com> using network password
      (var/log/secure clearly shows PAM going on with the SSH login)
      <server> sshd[###]: Authorized to <xyzzy>, krb5 principal <xyzzy<@<company.com> (ssh_gssapi_krb5_cmdok)
      <server> sshd[###]: Accepted gssapi-with-mic for <xyzzy> from <desktop-ip-addr> port <###> ssh2
      <server> sshd[###]: pam_unix(sshd:session): session opened for user <xyzzy> by (uid=0)
      
      

I have used browser network tools to view the Logon Network traffic, and the spinning always corresponds to login service response pending.

 

The Lev1/Web/WebAppServer/SASServer1_1/logs/server.log has lines such as

2022-03-02 08:40:44,946 ERROR (localhost-startStop-9) [org.apache.catalina.loader.WebappClassLoaderBase] Found RMI Target with stub class class [org.apache.jackrabbit.rmi.server.ServerPropertyDefinition_Stub] and value [ServerPropertyDefinition_Stub[UnicastRef [liveRef: [endpoint:[<server>:41814](local),objID:[-6123eb5e:17f4b026755:-44f8, -4381670130249457555]]]]]. This RMI Target has been forcibly removed to prevent a memory leak.

for many 'stubs'

 

I think the stopping part of doing a stack restart caused the lines above and below such as 

2022-03-02 08:40:45,576 WARN (localhost-startStop-6) [org.apache.catalina.loader.WebappClassLoaderBase] The web application [SASWIPServices] appears to have started a thread named [Atomikos:6] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:

java.lang.Object.wait(Native Method)
com.atomikos.timing.PooledAlarmTimer.doWait(PooledAlarmTimer.java:126)

...

followed by  

2022-03-02 08:40:45,577 WARN (localhost-startStop-6) [org.apache.catalina.loader.WebappClassLoaderBase] The web application [SASWIPServices] appears to have started a thread named [ActiveMQ Transport: tcp:
//<server>/<ipaddres>:61616@41792] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
java.net.SocketInputStream.socketRead0(Native Method)
java.net.SocketInputStream.socketRead(SocketInputStream.java:116)

...

for a number of ActiveMQ and additional [SASWIPServices] threads.

Followed by some 

2022-03-02 08:40:45,620 WARN (localhost-startStop-6) [org.apache.catalina.loader.WebappClassLoaderBase] The web application [SASWIPServices] appears to have started a thread named [Lock Grantor for sas.svcs.wip.DistributedLockService] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
java.lang.Object.wait(Native Method)
java.lang.Object.wait(Object.java:502)
com.gemstone.gemfire.distributed.internal.locks.DLockGrantor$DLockGrantorThread.run(DLockGrantor.java:3585)
2022-03-02 08:40:45,620 ERROR (localhost-startStop-6) [org.apache.catalina.loader.WebappClassLoaderBase] The web application [SASWIPServices] created a ThreadLocal with key of type [java.lang.InheritableThreadLocal] (value [java.lang.InheritableThreadLocal@3396d97f]) and a value of type [com.sas.svcs.authentication.helper.LazySpringSecurityContext] (value [com.sas.svcs.authentication.helper.LazySpringSecurity
Context@677b7df1]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.

 

and

 

java.lang.IllegalStateException: Illegal access: this web application instance has been stopped already. Could not load [org.jasig.cas.adaptors.trusted.authentication.principal.PrincipalBearingCredentials]. The following stack trace is thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access.

 

The startup portion (of restart) has log lines as follows and does mention LDAP configuration (strange)

2022-03-02 08:42:10,954 WARN (main) [com.springsource.tcserver.serviceability.rmi.JmxSocketListener] The 'bind' attribute has been deprecated on the JMXSocketListener, use the 'address' attribute.
2022-03-02 08:42:12,004 WARN (main) [com.springsource.tcserver.serviceability.rmi.JmxSocketListener] Detected LDAP configuration '<Lev1>/Web/WebAppServer/SASServer1_1/conf/jaas.config', but there is no ldap configuration entry specified.
2022-03-02 08:42:12,046 INFO (main) [org.apache.catalina.startup.Catalina] Initialization processed in 1280 ms
2022-03-02 08:42:12,550 INFO (main) [org.apache.catalina.core.StandardService] Starting service [Catalina]
2022-03-02 08:42:12,550 INFO (main) [org.apache.catalina.core.StandardEngine] Starting Servlet Engine: VMware tc Runtime 3.2.22.RELEASE/8.5.54.B.RELEASE

...... INFO lines about deployment and some WARN lines about unable to add resource regarding themes-source ......

2022-03-02 08:44:50,099 INFO (localhost-startStop-5) [org.apache.catalina.startup.HostConfig] Deployment of web application directory [<Lev1>/Web/WebAppServer/SASServer1_1/webapps/ROOT] has finished in [896] ms
2022-03-02 08:44:50,114 INFO (main) [org.apache.tomcat.util.net.NioSelectorPool] Using a shared selector for servlet write/read
2022-03-02 08:44:50,122 INFO (main) [org.apache.catalina.startup.Catalina] Server startup in 158075 ms
2022-03-02 08:45:08,983 INFO (tomcat-http--32) [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/SASWIPServices]] Initializing Spring FrameworkServlet 'welcome'

 

SASServer1_1 localhost_access_log..<datestamp> shows things like

<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASLogon/v1/tickets HTTP/1.1" 201 -
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASLogon/v1/tickets/TGT-302-y0qzdKYf3Kbz0pXfUeeAiy1BuRMzbZYhSkBfrgtfnsRCRPvMWN-cas HTTP/1.1" 200 31
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASLogon/serviceValidate?pgtUrl=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_proxyreceptor&ticket=ST-261-3R6IoUml0Y3eNyEbiqh7-cas&service=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_check HTTP/1.1" 200 611
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASLogon/proxy?pgt=TGT-303-2j7feo1kCf6YZCgiVClbw5fXh6dIcLdTvE5X70jg71pLybpyD3-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-250-dcZYhdolrAffoRLHFKqh-cas&pgtId=TGT-304-wsN5AvKFQbfSLUuAnycZCHSGRYMjhdIXoSLIlkWMEY12fbRWUL-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-262-trpPMFbDAwqZgE9M4bVC-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/rest/?ticket=ST-262-trpPMFbDAwqZgE9M4bVC-cas HTTP/1.1" 200 1059
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASLogon/proxy?pgt=TGT-303-2j7feo1kCf6YZCgiVClbw5fXh6dIcLdTvE5X70jg71pLybpyD3-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-251-IfP7l7Kr3ElffIObP4y7-cas&pgtId=TGT-305-5ZkdzXqWMPYPuAVUd0x6pbEAXAM7VIp6cDiSewCQJtLcdi7Kz7-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-263-a6NxvzKVkwnIGLM7P6ue-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/rest/users/sasevs?ticket=ST-263-a6NxvzKVkwnIGLM7P6ue-cas HTTP/1.1" 200 1743
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASLogon/proxy?pgt=TGT-303-2j7feo1kCf6YZCgiVClbw5fXh6dIcLdTvE5X70jg71pLybpyD3-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-252-S0smBmDvWjcoTOOKb4xB-cas&pgtId=TGT-306-Qsk9HOPF5aaFkWnfjKaZtyhQPG3PPIJiihkiFeawryaPSelMAe-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-264-A7JBkAyGspULFpvObvK6-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:33 -0600] "GET /SASIdentityServices/rest/users/sasevs/memberships?ticket=ST-264-A7JBkAyGspULFpvObvK6-cas HTTP/1.1" 200 2116
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxy?pgt=TGT-303-2j7feo1kCf6YZCgiVClbw5fXh6dIcLdTvE5X70jg71pLybpyD3-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-253-kgB6exy0GdxYjPeE3gly-cas&pgtId=TGT-307-mmmlDk0o4F7wYOclPYKksdluECv3BZecl0uf5OKFfGbxLaU2Zf-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-265-1TzflgAKB4QfhJwnJA9J-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/rest/groups/SASAdministrators/memberships?ticket=ST-265-1TzflgAKB4QfhJwnJA9J-cas HTTP/1.1" 200 50
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "DELETE /SASLogon/v1/tickets/TGT-302-y0qzdKYf3Kbz0pXfUeeAiy1BuRMzbZYhSkBfrgtfnsRCRPvMWN-cas HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASLogon/v1/tickets HTTP/1.1" 201 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASLogon/v1/tickets/TGT-308-djdOKN2RMjbcqxire9a0vwucLv2csOkcosv2E5bS75CN9g63SQ-cas HTTP/1.1" 200 31
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/serviceValidate?pgtUrl=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_proxyreceptor&ticket=ST-266-OvEyWg0uNcb1yKGGpKEg-cas&service=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_check HTTP/1.1" 200 611
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxy?pgt=TGT-309-6XYYyEw1ebT5HNrbZPAfQfUtcNGsn1dRiGlcD0fVJDOSADZ53d-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-255-WoET2IGs4b1WXaOeHmnk-cas&pgtId=TGT-310-MncFBDBARXnbp2qUUCmAR5cDFpI4dkADqwTcftmKR4Lxy7fWBS-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-267-Hj2auoBkHzpcsFBBda9B-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/rest/?ticket=ST-267-Hj2auoBkHzpcsFBBda9B-cas HTTP/1.1" 200 1059
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxy?pgt=TGT-309-6XYYyEw1ebT5HNrbZPAfQfUtcNGsn1dRiGlcD0fVJDOSADZ53d-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-256-bUIoTatce5tOtalfSGbz-cas&pgtId=TGT-311-uFlMU7AAT6lE573cjvTS46ocBdbncdcAqWzcrRmdVRcMxgE0Ac-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-268-0L0LpmhTTbgqzft3Rou3-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/rest/users/sasevs?ticket=ST-268-0L0LpmhTTbgqzft3Rou3-cas HTTP/1.1" 200 1743
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxy?pgt=TGT-309-6XYYyEw1ebT5HNrbZPAfQfUtcNGsn1dRiGlcD0fVJDOSADZ53d-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-257-GASfeklrkejH7a9DeP3c-cas&pgtId=TGT-312-Yi5cRqbx4rQJjfbYaeCFGb3EpdGYJ9JRG0IsOPv90gqLHmydT3-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-269-wMcjNZfGa3poJ5dIZbaJ-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/rest/users/sasevs/memberships?ticket=ST-269-wMcjNZfGa3poJ5dIZbaJ-cas HTTP/1.1" 200 2116
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxy?pgt=TGT-309-6XYYyEw1ebT5HNrbZPAfQfUtcNGsn1dRiGlcD0fVJDOSADZ53d-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-258-31UWquXJ17fT2frc5YM6-cas&pgtId=TGT-313-W5u3Z0i2uW03AF5HeTX4Ejc2JZVL5qmeVFg0TnF4R9BPJZizey-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-270-pF5fxMupCwrN5sBGhtHJ-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "GET /SASIdentityServices/rest/groups/SASAdministrators/memberships?ticket=ST-270-pF5fxMupCwrN5sBGhtHJ-cas HTTP/1.1" 200 50
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "DELETE /SASLogon/v1/tickets/TGT-308-djdOKN2RMjbcqxire9a0vwucLv2csOkcosv2E5bS75CN9g63SQ-cas HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:34 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASLogon/v1/tickets HTTP/1.1" 201 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASLogon/v1/tickets/TGT-314-BDzOC47igrLRSd37rD7fpB4qJTbN1nLrvmU6gNXUbrcEHy1B1D-cas HTTP/1.1" 200 31
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/serviceValidate?pgtUrl=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_proxyreceptor&ticket=ST-271-5GLCzeTSTdYdCR60YRUD-cas&service=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_check HTTP/1.1" 200 611
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxy?pgt=TGT-315-3LmSv5DXxryrtGshlRhT0pj4TLeE2Krb7viHw7X1Ip9zgNRUUj-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-260-oWaBHvADzbyinsQdfbD3-cas&pgtId=TGT-316-6kzsrefxsgEMj7YMM92Z00Rq3gvBmhZpFZVLtFECBGthmf6sza-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-272-eiDILQr6BzhOpMmVakLy-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/rest/?ticket=ST-272-eiDILQr6BzhOpMmVakLy-cas HTTP/1.1" 200 1059
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxy?pgt=TGT-315-3LmSv5DXxryrtGshlRhT0pj4TLeE2Krb7viHw7X1Ip9zgNRUUj-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-261-nKtmisfMtx5dkkWrYQ9a-cas&pgtId=TGT-317-1OVeJ0tqwP3JsQzN0kgeSVcC1XHcd6AnglrC0UVcfZtoecCl1V-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-273-PPyqvgcVvqRlEccw0b0f-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/rest/users/sasevs?ticket=ST-273-PPyqvgcVvqRlEccw0b0f-cas HTTP/1.1" 200 1743
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxy?pgt=TGT-315-3LmSv5DXxryrtGshlRhT0pj4TLeE2Krb7viHw7X1Ip9zgNRUUj-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-262-pifmfBEbXiC9oZfjbrWL-cas&pgtId=TGT-318-ejGcyyJAdwCKafy6FdGCnS0oKcf42pU1wq3ETbx6fe2KrWLmg3-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-274-9guiMHmemUecZcXCzTcQ-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/rest/users/sasevs/memberships?ticket=ST-274-9guiMHmemUecZcXCzTcQ-cas HTTP/1.1" 200 2116
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxy?pgt=TGT-315-3LmSv5DXxryrtGshlRhT0pj4TLeE2Krb7viHw7X1Ip9zgNRUUj-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-263-FM4ITBZt5mbM2beelwcY-cas&pgtId=TGT-319-ocPikRYEJpfw4fgdTstNY2EKKnn20fecuQrfsmVxZDRxZ3jVGj-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-275-FDFcriiQc0FPGFt9MQWn-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/rest/groups/SASAdministrators/memberships?ticket=ST-275-FDFcriiQc0FPGFt9MQWn-cas HTTP/1.1" 200 50
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "DELETE /SASLogon/v1/tickets/TGT-314-BDzOC47igrLRSd37rD7fpB4qJTbN1nLrvmU6gNXUbrcEHy1B1D-cas HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASLogon/v1/tickets HTTP/1.1" 201 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASLogon/v1/tickets/TGT-320-Xkr1vJfSGfyddkUM2Boeta3EOg7WXIBUGkbwVfTgaKEsJN0vAc-cas HTTP/1.1" 200 31
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/serviceValidate?pgtUrl=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_proxyreceptor&ticket=ST-276-MZ6hSmUH2A4jkVWU35Vp-cas&service=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_check HTTP/1.1" 200 611
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxy?pgt=TGT-321-wPZ1W7lRE4SMbYL3LIZj5QoEsZvvabMOqDs6b6mqHf2O43V9fN-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-265-AExyQgpU7mXSum2rNJBG-cas&pgtId=TGT-322-uJhMehywpxjtAODXkuc1dxr4Y6doX3f6QG7wCY3qYLjdUpVxXY-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-277-flTMZ9jow3em5UiqmODc-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:35 -0600] "GET /SASIdentityServices/rest/?ticket=ST-277-flTMZ9jow3em5UiqmODc-cas HTTP/1.1" 200 1059
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxy?pgt=TGT-321-wPZ1W7lRE4SMbYL3LIZj5QoEsZvvabMOqDs6b6mqHf2O43V9fN-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-266-gOH4n0irxo1chWQrkIYJ-cas&pgtId=TGT-323-r6eHOCHKuRmC9Fggad9m2WNB9nyT5faFBH3sFL666mwCmP0cNa-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-278-Qcxann9nqqCUQz6jZ3wh-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/rest/users/sasevs?ticket=ST-278-Qcxann9nqqCUQz6jZ3wh-cas HTTP/1.1" 200 1743
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxy?pgt=TGT-321-wPZ1W7lRE4SMbYL3LIZj5QoEsZvvabMOqDs6b6mqHf2O43V9fN-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-267-bc7La4BDopb1vyNVV0Up-cas&pgtId=TGT-324-c42Wad54caGwaAyITYnT7bqBUgSlSehfeOE3QaVjAttEytfdTc-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-279-qEpcdwYqeXmssOYrdEQE-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/rest/users/sasevs/memberships?ticket=ST-279-qEpcdwYqeXmssOYrdEQE-cas HTTP/1.1" 200 2116
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxy?pgt=TGT-321-wPZ1W7lRE4SMbYL3LIZj5QoEsZvvabMOqDs6b6mqHf2O43V9fN-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-268-elUPhNb75tLfYmh1lpHC-cas&pgtId=TGT-325-OVoC5gnqHN3iaaRbb6EcCbmw5au7Y0spTnFuaaI1zcD5Kc35KM-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-280-wTp9cJUEswGdFtYpjlRf-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/rest/groups/SASAdministrators/memberships?ticket=ST-280-wTp9cJUEswGdFtYpjlRf-cas HTTP/1.1" 200 50
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "DELETE /SASLogon/v1/tickets/TGT-320-Xkr1vJfSGfyddkUM2Boeta3EOg7WXIBUGkbwVfTgaKEsJN0vAc-cas HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASLogon/v1/tickets HTTP/1.1" 201 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASLogon/v1/tickets/TGT-326-RMmOXL9qd3f7X7NPPdgmOHSJdEyFLQGovMAftcmuwbzkfJHkFK-cas HTTP/1.1" 200 31
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/serviceValidate?pgtUrl=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_proxyreceptor&ticket=ST-281-jx3astW0MUFelzSZYaSi-cas&service=http%3A%2F%2F<server>%3A7080%2Fj_spring_cas_security_check HTTP/1.1" 200 611
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxy?pgt=TGT-327-fOKgn2GMHYVqqIyQdk0UPihauqecEgcjGjOk6rz7Lvy9aYFOM9-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-270-tsmbzlouFhUi5U1owtU3-cas&pgtId=TGT-328-ejdXgwdLcRmHNGNvLiwVjfhs5jSdt9MBJ3RdwvL77xlvcKfKe4-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-282-QrNQCbqfMtpO4S2MEhKN-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2F HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/rest/?ticket=ST-282-QrNQCbqfMtpO4S2MEhKN-cas HTTP/1.1" 200 1059
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxy?pgt=TGT-327-fOKgn2GMHYVqqIyQdk0UPihauqecEgcjGjOk6rz7Lvy9aYFOM9-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-271-qSKnlPAOXaD6uN9yUKPo-cas&pgtId=TGT-329-RJooDJeAmmbZlJGx5iMRp6sZUgZXFq4IHYAlcyISyIduYGHSPt-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-283-JjCu0KEspNWBAJDOfPwb-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/rest/users/sasevs?ticket=ST-283-JjCu0KEspNWBAJDOfPwb-cas HTTP/1.1" 200 1743
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxy?pgt=TGT-327-fOKgn2GMHYVqqIyQdk0UPihauqecEgcjGjOk6rz7Lvy9aYFOM9-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-272-3jguK3chDZeTtLHdLSyJ-cas&pgtId=TGT-330-d50AEWcy0x5btDcZr49YKU0pUYRpXgYxvXFBacGcjB69jYm57l-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-284-od5LBHEG3gt4VCJwaE0X-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fusers%2Fsasevs%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/rest/users/sasevs/memberships?ticket=ST-284-od5LBHEG3gt4VCJwaE0X-cas HTTP/1.1" 200 2116
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxy?pgt=TGT-327-fOKgn2GMHYVqqIyQdk0UPihauqecEgcjGjOk6rz7Lvy9aYFOM9-cas&targetService=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 193
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASIdentityServices/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-273-5cysU2ddEUScPBNmTTB4-cas&pgtId=TGT-331-GiXOTcnPOI5MlVr5efRdl7YwhmUsIVIcwaVrNEDIKwgxsAWTQl-cas HTTP/1.1" 200 98
<ip-addr> - - [02/Mar/2022:11:01:36 -0600] "GET /SASLogon/proxyValidate?pgtUrl=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Fj_spring_cas_security_proxyreceptor&ticket=ST-285-7dUZVs5atdfEGcwP1KZ7-cas&service=http%3A%2F%2F<server>%3A7980%2FSASIdentityServices%2Frest%2Fgroups%2FSASAdministrators%2Fmemberships HTTP/1.1" 200 750
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASAuthorizationServices/remote/org.springframework.security.core.userdetails.UserDetailsService HTTP/1.1" 200 1796
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "GET /SASIdentityServices/rest/groups/SASAdministrators/memberships?ticket=ST-285-7dUZVs5atdfEGcwP1KZ7-cas HTTP/1.1" 200 50
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "DELETE /SASLogon/v1/tickets/TGT-326-RMmOXL9qd3f7X7NPPdgmOHSJdEyFLQGovMAftcmuwbzkfJHkFK-cas HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/users/sasevs/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/groups/SASAdministrators/memberships HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/ HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASIdentityServices/rest/users/sasevs HTTP/1.1" 200 -
<ip-addr> - - [02/Mar/2022:11:01:37 -0600] "POST /SASPrincipalServices/remote/com.sas.svcs.audit.client.AuditRecorderInterface HTTP/1.1" 200 235

 

 

Another related logon issue is using EG8.3 and trying to "set active" previously working connection profiles. (mc~management console)

1. sasadm@saspw + mc-password connects but submitting a program pops up a "Credentials Required" dialog asking for User: and Password:
2. <server-local-account> set active raises SAS EG dialog "Unable to connect to the metadata server. A connection could not be established to a SAS Metadata Server running on port 8561 on host <server-machine> ... Server response: Failed to process peer request"
3. <network-account> set active raises the same dialog.
   

Note: SAS Management console run on <server-machine> does connect using sasadm@saspw

 

Random...

Q: Should I rerun PROC PERMTEST?

 

Authenticating with sasadm@saspw would not use sasauth. This is an internal account authenticated by the Metadata Server directly.

The sasauth.conf file is read by the sasauth process when it starts. This process is a subprocess of the Metadata Server, Connect Spawner and Object Spawner. So, you could just restart those processes or in the past I have even just killed the sasauth process, triggering it to be relaunched. The middle tier does not use sasauth directly, SASLogon contacts the Metadata Server to authenticate.

When you ssh to a server you are using sshd's pam file rather than sasauth, so this is not a direct comparison. PROC PERMTEST will test sasauth directly.

It is normal when stopping the Web Application Server to see a lot of messages like this, they can be ignored:

2022-03-02 08:40:44,946 ERROR (localhost-startStop-9) [org.apache.catalina.loader.WebappClassLoaderBase] Found RMI Target with stub class class [org.apache.jackrabbit.rmi.server.ServerPropertyDefinition_Stub] and value [ServerPropertyDefinition_Stub[UnicastRef [liveRef: [endpoint:[<server>:41814](local),objID:[-6123eb5e:17f4b026755:-44f8, -4381670130249457555]]]]]. This RMI Target has been forcibly removed to prevent a memory leak.
...
2022-03-02 08:40:45,576 WARN (localhost-startStop-6) [org.apache.catalina.loader.WebappClassLoaderBase] The web application [SASWIPServices] appears to have started a thread named [Atomikos:6] but has failed to stop it. This is very likely to create a memory leak.

The LDAP messages during startup are also normal and can be ignored.

Access logs show the request and response, so if a response wasn't sent it wouldn't appear in the log. You'd need to try to match the requests from the browser trace with the access log to see if a response was shown in the access log but not in the browser if you were trying to determine if SAS sent a response the browser didn't receive (i.e. network issue).

Did you look at the logs for SASLogon in Lev1/Web/Logs/SASServer1_1 I mentioned?

You should not use sasadm@saspw to log in to Enterprise Guide, as sasadm@saspw is not a valid host account so cannot own the sas process on the server. Because if this, EG would prompt you for a valid host credential when you try to start a workspace server. This is why you are getting the prompt in scenario 1.

Scenario's 2 and 3 sound like the Metadata Server's sasauth is failing as sasadm@saspw authenticates to Metadata successfully and server users do not. PROC PERMTEST run on the Metadata host can confirm this.