When login fails in JAIST-SSO
JAIST-SSO is used for authentication when using services such as Webmail and SSL-VPN. When authentication fails in JAIST-SSO, there are various possible reasons. Let's answer the questions from the following to find out the cause.
→ STEP.0 What message was displayed when the authentication failed?
Please read the FAQ for each service if the system does not use JAIST-SSO, or if there is a problem after successful JAIST-SSO.
- Unable to access WebMail (e.g. blue screen that appears when logging out)
→Mail FAQ "I cannot access email" - Unable to connect to SSL-VPN (screen does not transition, blank screen displayed, etc.)
→"Alternatives for when you can't connect to SSL-VPN" - No transition to JAIST-SSO page
→After deleting the cookie, please access from the link on this web page.
Reference
STEP.0 What message was displayed when the authentication failed?
When authentication fails, a red text message appears at the top of the screen for a few seconds.
Please select the appropriate combination of the operation you performed before the authentication failure and the message.
- After input your password, "Authentication Failed" appears at the top of the screen.
→ STEP1. About user name and password
- After input your password, "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." appears at the top of the screen.
→ STEP2. About authentication factors
- After input the one-time password, "Authentication Failed" appears at the top of the screen.
(When "INVALID OTP CODE. YOU WILL BE REQUESTED TO START AGAIN AFTER 1(or 2) MORE FAILURE(S)." is displayed)
→ FAQ "After entering the OTP, "INVALID OTP CODE" will be displayed."
STEP1. About user name and password
When "Authentication Failed" appears at the top of the screen after entering the password, there is a problem with your user name or password.
Please access the inquiry form and please try to log in.
* Do not use passwords saved in your web browser.
Can you log in?
- Yes (Login Success)
→The username/password entered in the login form is correct. Please try logging in again at JAIST-SSO.
* When authenticating with a certificate from off-campus
→STEP1-3. Please check your digital certificate - No (Login Error) →STEP1-2. User name or password is wrong
STEP1-2. User name or password is wrong
If you were unable to log in to the inquiry form, your user name or password is incorrect.
The student's user name is "s+student number". (If the student number is "1234567", the user name is "s1234567")
- Are you able to enter the text as you want?
The input may not be correct due to a faulty keyboard or a different layout.
Please enter your username and password into a text editor, and check that they are entered as you expect them to be. - Is the password correct?
It is also possible that you may remember the wrong password.
* When you are unable to log in after changing your password, please try logging in with your old password.
* If the password saved in your web browser allows you to log in, the password is the correct password.
Please refer to the FAQ "How to check passwords saved in your Web browser" to confirm your password.
If you have already registered an email address for resetting your password, please try to reset your password.
→Resetting your password
If you have not registered, please come to the reception desk in person with your student/staff ID card.
→RCACI reception desk
STEP1-3. Please check your digital certificate
Please check the following:
- Is the certificate issued under your user name?
Do not use someone else's digital certificate.
If you are a doctoral student, don't use the certificate that you got during your Master's course.
→Procedure for issuing a client certificate - Have you changed your e-mail address from "s+ student ID@jaist.ac.jp" since you got the digital certificate?
If yes, please revoke the certificate and issue a new one.
STEP2. About authentication factors
There is no problem with your username and password.
Please go to the appropriate link below.
- Accessing from on-campus network
→STEP2-1. Accessing from campus - Accessing from off-campus using a one-time password
→STEP2-2. When accessing with a one-time password - Accessing from off-campus using a digital certificate
→STEP2-3. When accessing with a digital certificate - Access from off-campus (No digital certificates or one-time passwords are set up)
→STEP2-4. When the authentication factor is not registered
STEP2-1. Accessing from campus
When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, you are not connected to the campus network.
Please check the following.
- What is your network connected to?
The "campus network" refers to the campus Wi-Fi (SSID: JAIST, eduroam, JAIST-ALL), wired LAN, and SSL-VPN.
Please make sure that you are using these networks.
- Connected to SSID:NEWCOMER
Wi-Fi service for new students is an off-campus network. A one-time password (OTP) or client certificate is required.
→STEP2-4. When the authentication factor is not registered
If you cannot login
→STEP3. Unable to log in
STEP2-2. When accessing with a one-time password
When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, one-time password authentication device is not registered.
→STEP2-4. You do not have an authentication factor
If you have a digital certificate, you can use it for JAIST-SSO authentication by importing the digital certificate into your browser.
If you cannot login
→STEP3. Unable to log in
STEP2-3. When accessing with a digital certificate
When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, either the certificate has not been imported or there is a problem with the selected certificate.
First, check to see if the digital certificate has been imported into your browser.
Access user's manuals by UPKI from the following page and refer to "Checking the Certificate (PKCS#12 file)".
→User's Manuals for Installation in Different Web Browsers
Is the digital certificate of "...@jaist.ac.jp" imported into your browser?
- Yes, the certificate was imported.
→STEP2-3-1. The digital certificate has been imported.
- No, the certificate was not imported.
If you have a digital certificate file→Procedure for importing a certificate
If you do not have a digital certificate file→Procedure for issuing a client certificate
STEP2-3-1. The digital certificate has been imported
Please check the following points about the imported digital certificate.
- Is the certificate issued after December 25, 2020?
Certificates issued on or before December 24, 2020 will not be available after January 17, 2022.
Please refer to the following announcement for details and action.
→[Important] Client certificates will be revoked (for issued before 2020/12/24) - Is the certificate valid?
Please make sure that your digital certificate has not been revoked.
→How to check the validity/revoked of the client certificate - Have you selected a valid certificate (if you have more than one certificate)?
If two or more certificates have been imported, the old certificate may be used for authentication.
→Select the certificate to be used for JAIST-SSO
If you have a One Time Password (OTP), please cancel the certificate selection and try to authenticate with OTP.
If you cannot login
→STEP3. Unable to log in
STEP2-4. You do not have an authentication factor
Authentication from off-campus requires authentication factors other than username and password (one-time password, client certificate, etc.). When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, it means that the authentication factor is missing.
Please come to the campus and get one (or both) of the following authentication factors.
- Registering a one-time password
→One Time Password authentication device registration procedure - Issuance of digital certificates
→Client certificate issuance procedure
If you are uncomfortable with any of the tasks on the above pages, help desk staff will support you.
Please come to the RCACI reception desk with the device you usually use.
STEP3. Unable to log in
If you are still unable to access the site, please check the failure information on the top page and confirm that the failure has not occurred.
→RCACI Home Page
When there is anything related to the failure JAIST-SSO, please wait until it is restored.
When you are unable to solve the problem, please contact us using the inquery form or email with the following information.
- User name
- On-campus or Off-campus
- If you are on campus, the network you are connected
- If off-campus, the authentication factor you are using
- Name and URL of the service you accessed
- Date and time of last access.
- Date and time of failed access.
- Screenshot of the failed authentication screen