I'm trying to set the principal and credentials in my lookup.
However, I don't know where to set the corresponding security in WAS5.
I tried adding a user/pass to my user registry. I also tried adding
a J2C entry. Neither worked for me.
Any pointers?
I'm running WAS 5.1 Trial on AIX 5.2. I'm using the
FileRegistrySample custom user registry.
Below is the JNDI lookup code and the exception that I receive.
The code is:
String appInitialContextFactory =
com.ibm.websphere.naming.WsnInitialContextFactory";
String appProviderURL = "iiop://myhost:2809";
String appSecurityPrincipal = "user";
String appSecurityCredential = "pass";
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
appInitialContextFactory);
env.put(Context.PROVIDER_URL, appProviderURL);
env.put(Context.SECURITY_PRINCIPAL, appSecurityPrincipal);
env.put(Context.SECURITY_CREDENTIALS, appSecurityCredential);
Context ctx = new InitialContext(env);
Object obj = ctx.lookup("batch-ds");
The exception is:
com.ibm.websphere.naming.CannotInstantiateObjectException: Exception
occurred while the JNDI NamingManager was processing a
javax.naming.Reference object. Root exception is java.lang.Exception:
Failed security check. Client is not permitted to create connection
factory batch-ds
at com.ibm.ejs.j2c.J2CXAResourceFactory.createMCFEntry(J2CXAResourceFactory.java:463)
at com.ibm.ejs.j2c.ConnectionFactoryBuilderImpl.createMCFandPM(ConnectionFactoryBuilderImpl.java:1414)
at com.ibm.ejs.j2c.ConnectionFactoryBuilderImpl.getObjectInstance(ConnectionFactoryBuilderImpl.java:1201)
at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:313)
at com.ibm.ws.naming.util.Helpers.processSerializedObjectForLookupExt(Helpers.java:873)
at com.ibm.ws.naming.util.Helpers.processSerializedObjectForLookup(Helpers.java:680)
at com.ibm.ws.naming.jndicos.CNContextImpl.processResolveResults(CNContextImpl.java:1712)
at com.ibm.ws.naming.jndicos.CNContextImpl.doLookup(CNContextImpl.java:1567)
at com.ibm.ws.naming.jndicos.CNContextImpl.doLookup(CNContextImpl.java:1480)
at com.ibm.ws.naming.jndicos.CNContextImpl.lookupExt(CNContextImpl.java:1187)
at com.ibm.ws.naming.jndicos.CNContextImpl.lookup(CNContextImpl.java:1067)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:132)
at javax.naming.InitialContext.lookup(InitialContext.java:360)
at ICTest.main(ICTest.java:38)
Thanks.
Phil.
Try running your java client using the IBM's JRE, ie.{WAS_INSTALL_ROOT}/java/jre
Regards
Mayur
mugw...@asdf.com (Philip Tom) wrote in message news:<98d991d.04042...@posting.google.com>...
${WAS_INSTALL_ROOT}/java/jre/bin/java -cp
.:${WAS_INSTALL_ROOT}/lib/naming.jar:${WAS_INSTALL_ROOT}/lib/namingclient.jar:${WAS_INSTALL_ROOT}/properties/:${WAS_INSTALL_ROOT}/lib/j2cImpl.jar:${WAS_INSTALL_ROOT}/lib/rsadapterspi.jar:${WAS_INSTALL_ROOT}/lib/rsaexternal.jar:${WAS_INSTALL_ROOT}/lib/rsadaptercci.jar:/home/ptom/wasport/ojdbc14.jar
ICTest
Phil.
mdh...@hotmail.com (Mayur Dhanji) wrote in message news:<11280fb4.0404...@posting.google.com>...
Many thanks!
JLS
thanks in advance.
Is there a question in there somewhere? I have no idea what your problem
is.
If the datasource is configured to use J2C authentication alias, clients outside the applciation can obtain the datasource by lookup but need to provide username and password while getting connection as below:
Hashtable ht = new Hashtable();
ht.put(Context.INITIAL_CONTEXT_FACTORY, "com.ibm.websphere.naming.WsnInitialContextFactory");
ht.put(Context.PROVIDER_URL, "iiop://localhost:2809");
String dbUser = "user";
String dbPwd = "pwd";
Context ctx = new InitialContext(ht);
Object objds = ctx.lookup("jdbc/claimsDS");
System.out.println("Oobj is ::"+objds.getClass());
DataSource ds = (DataSource)objds;
Connection con = ds.getConnection(dbUser,dbPwd );
Statement stmt = con.createStatement();
Getting the following error:
Exception in thread "P=80820:O=0:CT" com.ibm.websphere.ce.cm.StaleConnectionException: [IBM][CLI Driver] SQL30082N Security processing failed with reason "3" ("PASSWORD MISSING"). SQLSTATE=08001
DSRA0010E: SQL State = 08001, Error Code = -30,082
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:67)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:521)
at com.ibm.websphere.rsadapter.GenericDataStoreHelper.mapExceptionHelper(GenericDataStoreHelper.java:523)
at com.ibm.websphere.rsadapter.GenericDataStoreHelper.mapException(GenericDataStoreHelper.java:578)
at com.ibm.ws.rsadapter.AdapterUtil.mapException(AdapterUtil.java:2124)
at com.ibm.ws.rsadapter.AdapterUtil.translateSQLException(AdapterUtil.java:1212)
at com.ibm.ws.rsadapter.spi.WSRdbDataSource.getConnection(WSRdbDataSource.java:1597)
at com.ibm.ws.rsadapter.spi.WSManagedConnectionFactoryImpl.createManagedConnection(WSManagedConnectionFactoryImpl.java:1100)
at com.ibm.ws.rsadapter.spi.WSDefaultConnectionManagerImpl.allocateConnection(WSDefaultConnectionManagerImpl.java:81)
at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:439)
at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:408)
Here is the code:
Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.ibm.websphere.naming.WsnInitialContextFactory");
env.put(Context.PROVIDER_URL, "corbaloc:iiop:localhost:2000");
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.ibm.websphere.naming.WsnInitialContextFactory");
InitialContext ctx = new InitialContext(env);
// Call to get ds is successful
DataSource ds = (DataSource) ctx.lookup("jdbc/datasourcename");
// Can't get the connection. It needs password??????????????????
return ds.getConnection();