Support Article

Authentication error causes broken queue items

SA-22057

Summary



User has faced the error "Authentication modification permitted via privileged path only - invalid caller" which results in Service queue items acquiring a Broken-Queue status.

Error Messages



** Authentication modification permitted via privileged path only - invalid caller: RULE-OBJ-ACTIVITY @BASECLASS MSSERVICEAUTH #20141003T214237.045 GMT


Steps to Reproduce



Not Applicable.

Root Cause



An issue in the custom application code or rules.

User has their own Custom Authentication activity which actually authenticates the credential for the incoming service request.

This issue was happening due to their own custom Activity. 


Resolution



Apply HFix-26130. 


Changes needs to be done post installing the hotfix:

User is informed to remove the call to setusersecurityprofile API in their custom authentication Activity being used by them. 

Reason for post installation changes:

User was using a single hardcoded userid to authenticate the service, and had to specify Authentication Service data record on their service package.

The AUTH service instance would refer to an Activity which constructs an operator page with the hardcoded operator ID.

The service would then run as authenticated, and there would be no need to call setusersecurityprofile API to authenticate.

 

Suggest Edit

Published April 15, 2016 - Updated October 8, 2020

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.