Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ESB applications not start after enabling the Global security.

312 views
Skip to first unread message

balali...@gmail.com

unread,
Apr 16, 2008, 4:33:21 AM4/16/08
to
HI All,

My Server WebSphere Platform 6.0 http://BASE 6.0.2.7 cf70605.08 running with some ESB related applications in secure mode for the BUS . while i tired to enable the global security with user id from LDAP .Global security is enabled able to login to admin console with out problem .But the ESB related applications are not staring for the diagonizing removed the secure mode of the ESB then once again recycled the application server with full cridential (user & password) now the applications are started but the ESB secure mode is not enabled.ESB security authendication added the same user which had used for the ldap login.uesr also given the admin privileges in LDAP & admin console also .once again tried to enable the secure mode for the ESB but it failed . now the system running the ESB application without secure mode for esb & with global security .

can any one say what is the problem.

Regards

Balasubramanian

Stephen Cocks

unread,
Apr 16, 2008, 6:29:46 AM4/16/08
to
I'm not quite sure what your application structure is. Do you have messaging
applications, using JMS to connect to a Service Integration Bus? Or are you
using Web Services to connect to a Service Integration Bus, or do you have
the WebSphere ESB product?

If you enable Global Security and you have a Service Integration Bus which
is security enabled too, then anything connecting to the bus requires the
BusConnector role (nothing to do with Administrator or other administration
roles used to sign on to the console). By default all authenticated users
have BusConnector role permissions in 6.0.2.x, so you only need to supply a
correct userid/password that can authenticate (to LDAP in this case).

Did you create a J2C Authentication Alias for this userid/password and then
add that alias to all the JMS Connection Factory and Activation Spec objects
you are using?

You wrote: "ESB security authendication added the same user which had used
for the ldap login.uesr". Where did you add this?

Perhaps you could post the exception or other error messages you see when
the application fails to start?

--
Stephen Cocks
WESB/WPS Administration

<balali...@gmail.com> wrote in message
news:502745983.1208334832...@ltsgwas009.sby.ibm.com...

balali...@gmail.com

unread,
Apr 16, 2008, 7:36:17 AM4/16/08
to
Hi Stephen,

now i added the systemout.log for the application server .could you advise me what you find from the logs .

Thanks

Balasubramanian

sco...@uk.ibm.com

unread,
Apr 16, 2008, 9:09:22 AM4/16/08
to
[11/04/08 11:38:33:454 BST] 00000037 LdapRegistryI E SECJ0352E: Could not get the users matching the pattern WASRUN because of the following exception { 1 } .
[11/04/08 11:38:33:470 BST] 00000037 LdapRegistryI E SECJ0336E: Authentication failed for user WASRUN because of the following exception { 1 }
[11/04/08 11:38:33:470 BST] 00000037 SecurityAdmin E SECJ0297E: Error checking password for user :WASRUN. The exception is .
[11/04/08 11:38:33:485 BST] 00000037 ConnectToRunt E SECG0002E: An exception occurred in ConnectToRuntime when the server checked the password for user: WASRUN. The exception is .
[11/04/08 11:38:33:485 BST] 00000037 SecurityValid E SECG0021E: An exception occurred while validating security configuration values: com.ibm.ws.console.security.ConnectToRuntimeException: null nested exception is com.ibm.websphere.security.CustomRegistryException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0

There was a problem connecting to LDAP

javax.naming.NameNotFoundException: Context: xxxgw103Node02Cell/nodes/xxxgw103Node02/servers/server1, name: jms/Error: First component in name Error not found. Root exception is org.omg.CosNaming.NamingContextPackage.NotFound: IDL:omg.org/CosNaming/NamingContext/NotFound:1.0

You have code looking for some object using JNDI name jms/Error, but you haven't defined an object with this JNDI name

[11/04/08 11:47:17:623 BST] 0000000a SibMessage A [:] CWSII0150I: The Platform Messaging Component denied user ID access to bus E2EBus.
[11/04/08 11:47:17:669 BST] 0000000a ActivationSpe E J2CA0138E: The MessageEndpoint activation failed for ActivationSpec com.ibm.ws.sib.api.jmsra.impl.JmsJcaActivationSpecImpl and MDB Application E2ERetail#E2ERetailEJB.jar#E2EMessage, due to the following exception: javax.resource.ResourceException: CWSIV0950E: An internal error occurred. The exception com.ibm.wsspi.sib.core.exception.SINotAuthorizedException: CWSIP0303E: No user specified when creating a connection to secure messaging engine xxxgw103Node02.server1-E2EBus on bus E2EBus. was thrown while attempting to create a connection on factory com.ibm.ws.sib.processor.impl.MessageProcessor@32845b51.
Caused by: com.ibm.wsspi.sib.core.exception.SINotAuthorizedException: CWSIP0303E: No user specified when creating a connection to secure messaging engine xxxgw103Node02.server1-E2EBus on bus E2EBus.

You haven't specified a J2C Authentication Alas when defining your Activation Spec. You'll need to create the Authentication Alias with a valid user/password that can be authenticated to your LDAP server, and then put the name of that alias in you Act Spec definition. You'll need a valid alias in all the Act Specs and Connection Factories you'll use to connect to the E2EBus.

0 new messages