cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Syclo WorkManager 7.5 Authentication Error

Former Member

on ‎09-30-2014 2:06 PM

0 Kudos

Hello.  I have run into a connection issue with Syclo that I was hoping one of you may have seen before.  When attempting to connect the Agentry Server to WebSphere either through the ATE or using the connectTest.bat function, I get the errors listed below.  We are using Syclo WorkManager 7.5 and connecting to WebSphere 8.5.0.3 using LDAP authentication and the WebSphere 7 Client is installed on the Syclo WM Server.  Everything works fine when using native mode via RMI connection. I found an article from IBM outlining an issue with WebSphere 8.5 and running a WAS client which recommended changing the server side CSIv2 Transport Layer to SSL-Supported.  The link is below.  We changed these settings, restarted, but the error is still there. IBM Link: http://www-01.ibm.com/support/docview.wss?uid=swg21614221 I have confirmed the javaBE.ini and sas.client.props settings from the install guide for Websphere authentication (listed below). Any assistance/ideas would be greatly appreciated. Thanks, Pete javaBE.ini: appServerType=websphere security.auth.login.config=D:/syclo/WorkManager/ServerDev/jaas_client.conf naming.provider.url=corbaloc:iiop::naming.factory.initial=com.ibm.websphere.naming.WsnInitialContextFactory maximo.jndi.rootContext=cell/clusters/mxdev_syclo_cluster maximo.jndi.ejb.accesstoken=ejb/maximo/remote/accesstokenprovider com.ibm.CORBA.ConfigURL=file:D:/IBM/WebSphere/AppClient/properties/sas.client.props jdbc.connectionURL=jdbc:oracle:thin:@: From the sas.client.props file in D:\IBM\WebSphere\AppClient\properties : com.ibm.CORBA.validateBasicAuth=false com.ibm.CSI.performClientAuthenticationRequired=true com.ibm.CSI.performTransportAssocSSLTLSSupported=false Error: D:\syclo\WorkManager\ServerDev>connectTest.bat username password 'serverClass' is not recognized as an internal or external command, operable program or batch file. com.syclo.maximomobile.Server::::log level = 5 com.syclo.maximomobile.Server::::com.syclo.maximomobile.Server:: beg in TestServer::readAgentryINIProperties::log level = 5 TestServer::readAgentryINIProperties::TestServer::readAgentryINIProperties begin TestServer::setComponentManagers::log level = 5 TestServer::setComponentManagers::TestServer::setComponentManagers begin TestServer::setComponentManagers::TestServer::setComponentManagers end TestServer::createTestUser TestUser::TestUser() 1 TestServer::login::log level = 5 TestServer::login::TestServer::login begin TestServer::login:: loginid = username TestUser::initMxSession::log level = 5 TestUser::initMxSession::TestUser::initMxSession begin Sep 30, 2014 8:37:16 AM com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnecti onInterceptor AUDIT: security.LoadSCI Sep 30, 2014 8:37:17 AM com.ibm.ISecurityUtilityImpl.ServiceInit AUDIT: security.GettingConfig Sep 30, 2014 8:37:17 AM com.ibm.ws.ssl.config.SSLConfigManager INFO: ssl.disable.url.hostname.verification.CWPKI0027I Sep 30, 2014 8:37:17 AM com.ibm.ISecurityUtilityImpl.ServiceInit AUDIT: security.AuthTarget Sep 30, 2014 8:37:17 AM com.ibm.ISecurityLocalObjectBaseL13Impl.CSIClientRI AUDIT: security.ClientCSI Sep 30, 2014 8:37:17 AM com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.CSIv2Effect ivePerformPolicy WARNING: JSAS1477W: SECURITY CLIENT/SERVER CONFIG MISMATCH:  The client security configur ation (sas.client.props or outbound settings in GUI) does not support the server security configuration for the following reasons:     ERROR 1: JSAS0809E:  The current OID is RSA but this is not an Admin reques t.     ERROR 2: JSAS0608E: The server requires SSL Confidentiality but the client does not support it.     ERROR 3: JSAS0606E: The server requires SSL client certificate authenticati on but the client does not support it. Sep 30, 2014 8:37:17 AM com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.CSIv2Effect ivePerformPolicy WARNING: JSAS1477W: SECURITY CLIENT/SERVER CONFIG MISMATCH:  The client security configur ation (sas.client.props or outbound settings in GUI) does not support the server security configuration for the following reasons:     ERROR 1: JSAS0809E:  The current OID is RSA but this is not an Admin reques t.     ERROR 2: JSAS0608E: The server requires SSL Confidentiality but the client does not support it.     ERROR 3: JSAS0606E: The server requires SSL client certificate authenticati on but the client does not support it. Sep 30, 2014 8:37:17 AM com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.CSIv2Effect ivePerformPolicy WARNING: JSAS1477W: SECURITY CLIENT/SERVER CONFIG MISMATCH:  The client security configur ation (sas.client.props or outbound settings in GUI) does not support the server security configuration for the following reasons:     ERROR 1: JSAS0809E:  The current OID is RSA but this is not an Admin reques t.     ERROR 2: JSAS0608E: The server requires SSL Confidentiality but the client does not support it.     ERROR 3: JSAS0606E: The server requires SSL client certificate authenticati on but the client does not support it. Sep 30, 2014 8:37:17 AM com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.CSIv2Effect ivePerformPolicy WARNING: JSAS1477W: SECURITY CLIENT/SERVER CONFIG MISMATCH:  The client security configur ation (sas.client.props or outbound settings in GUI) does not support the server security configuration for the following reasons:     ERROR 1: JSAS0809E:  The current OID is RSA but this is not an Admin reques t.     ERROR 2: JSAS0608E: The server requires SSL Confidentiality but the client does not support it.     ERROR 3: JSAS0606E: The server requires SSL client certificate authenticati on but the client does not support it. Sep 30, 2014 8:37:17 AM com.ibm.ws.naming.util.WsnInitCtxFactory WARNING: jndiUnavailCommErr javax.naming.NamingException: Error getting WsnNameService properties [Root exce ption is org.omg.CORBA.TRANSIENT: initial and forwarded IOR inaccessible  vmcid: IBM  minor code: E07  completed: No]         at com.ibm.ws.naming.util.WsnInitCtxFactory.mergeWsnNSProperties(WsnInit CtxFactory.java:1439)         at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootContextFromServer(Wsn InitCtxFactory.java:946)         at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootJndiContext(WsnInitCt xFactory.java:865)         at com.ibm.ws.naming.util.WsnInitCtxFactory.getInitialContextInternal(Ws nInitCtxFactory.java:545)         at com.ibm.ws.naming.util.WsnInitCtx.getContext(WsnInitCtx.java:123)         at com.ibm.ws.naming.util.WsnInitCtx.getContextIfNull(WsnInitCtx.java:79 😎         at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:164)         at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:179)         at javax.naming.InitialContext.lookup(Unknown Source)         at com.ibm.tivoli.maximo.thinclient.MXThinClientSession.getRemoteAccessT oken(MXThinClientSession.java:129)         at com.ibm.tivoli.maximo.thinclient.MXAbstractClientSession.getMXServer( MXAbstractClientSession.java:64)         at psdi.util.RMISession.connect(RMISession.java:56)         at com.syclo.maximomobile.ldap.WebSphereThinClient.launch(WebSphereThinC lient.java:84)         at com.syclo.maximomobile.MXSessionFactory.getMXSession(MXSessionFactory .java:48)         at com.syclo.maximomobile.User.doAppServerAuthentication(User.java:336)         at com.syclo.maximomobile.User.initMxSession(User.java:275)         at com.syclo.maximomobile.Server.login(Server.java:144)         at com.syclo.maximomobile.ConnectTest.main(ConnectTest.java:35) Caused by: org.omg.CORBA.TRANSIENT: initial and forwarded IOR inaccessible  vmci d: IBM  minor code: E07  completed: No         at com.ibm.rmi.corba.ClientDelegate.createRequest(ClientDelegate.java:12 50)         at com.ibm.CORBA.iiop.ClientDelegate.createRequest(ClientDelegate.java:1 321)         at com.ibm.rmi.corba.ClientDelegate.createRequest(ClientDelegate.java:11 46)         at com.ibm.CORBA.iiop.ClientDelegate.createRequest(ClientDelegate.java:1 287)         at com.ibm.rmi.corba.ClientDelegate.request(ClientDelegate.java:1853)         at com.ibm.CORBA.iiop.ClientDelegate.request(ClientDelegate.java:1243)         at org.omg.CORBA.portable.ObjectImpl._request(ObjectImpl.java:458)         at com.ibm.WsnBootstrap._WsnNameServiceStub.getProperties(_WsnNameServic eStub.java:38)         at com.ibm.ws.naming.util.WsnInitCtxFactory.mergeWsnNSProperties(WsnInit CtxFactory.java:1436)         ... 17 more TestUser::initMxSession::system#notboundexception TestServer::login:: for pfrost caught AgentryException logging in user username- system#notboundexception TestServer::logStackTrace::log level = 5 TestServer::logStackTrace::TestServer::logStackTrace begin TestServer::logStackTrace::psdi.util.MXSystemException: system#notboundexception         at com.ibm.tivoli.maximo.thinclient.MXThinClientSession.getRemoteAccessT oken(MXThinClientSession.java:198)         at com.ibm.tivoli.maximo.thinclient.MXAbstractClientSession.getMXServer( MXAbstractClientSession.java:64)         at psdi.util.RMISession.connect(RMISession.java:56)         at com.syclo.maximomobile.ldap.WebSphereThinClient.launch(WebSphereThinC lient.java:84)         at com.syclo.maximomobile.MXSessionFactory.getMXSession(MXSessionFactory .java:48)         at com.syclo.maximomobile.User.doAppServerAuthentication(User.java:336)         at com.syclo.maximomobile.User.initMxSession(User.java:275)         at com.syclo.maximomobile.Server.login(Server.java:144)         at com.syclo.maximomobile.ConnectTest.main(ConnectTest.java:35) Caused by: javax.naming.NamingException: Error getting WsnNameService properties [Root exception is org.omg.CORBA.TRANSIENT: initial and forwarded IOR inaccessi ble  vmcid: IBM  minor code: E07  completed: No]         at com.ibm.ws.naming.util.WsnInitCtxFactory.mergeWsnNSProperties(WsnInit CtxFactory.java:1439)         at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootContextFromServer(Wsn InitCtxFactory.java:946)         at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootJndiContext(WsnInitCt xFactory.java:865)         at com.ibm.ws.naming.util.WsnInitCtxFactory.getInitialContextInternal(Ws nInitCtxFactory.java:545)         at com.ibm.ws.naming.util.WsnInitCtx.getContext(WsnInitCtx.java:123)         at com.ibm.ws.naming.util.WsnInitCtx.getContextIfNull(WsnInitCtx.java:79 😎         at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:164)         at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:179)         at javax.naming.InitialContext.lookup(Unknown Source)         at com.ibm.tivoli.maximo.thinclient.MXThinClientSession.getRemoteAccessT oken(MXThinClientSession.java:129)         ... 8 more Caused by: org.omg.CORBA.TRANSIENT: initial and forwarded IOR inaccessible  vmci d: IBM  minor code: E07  completed: No         at com.ibm.rmi.corba.ClientDelegate.createRequest(ClientDelegate.java:12 50)         at com.ibm.CORBA.iiop.ClientDelegate.createRequest(ClientDelegate.java:1 321)         at com.ibm.rmi.corba.ClientDelegate.createRequest(ClientDelegate.java:11 46)         at com.ibm.CORBA.iiop.ClientDelegate.createRequest(ClientDelegate.java:1 287)         at com.ibm.rmi.corba.ClientDelegate.request(ClientDelegate.java:1853)         at com.ibm.CORBA.iiop.ClientDelegate.request(ClientDelegate.java:1243)         at org.omg.CORBA.portable.ObjectImpl._request(ObjectImpl.java:458)         at com.ibm.WsnBootstrap._WsnNameServiceStub.getProperties(_WsnNameServic eStub.java:38)         at com.ibm.ws.naming.util.WsnInitCtxFactory.mergeWsnNSProperties(WsnInit CtxFactory.java:1436)         ... 17 more *********************************************************************** Connection failed - com.syclo.agentry.PasswordInvalidException: system#notbounde xception *********************************************************************** com.syclo.agentry.PasswordInvalidException: system#notboundexception         at com.syclo.maximomobile.Server.login(Server.java:161)         at com.syclo.maximomobile.ConnectTest.main(ConnectTest.java:35) TestUser::disconnect::log level = 5 TestUser::disconnect::TestUser::disconnect begin TestUser::disconnect::did not call _mxSession.disconnect()! TestUser::disconnect::TestUser::disconnect end

Tags edited by: Michael Appleby

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎06-16-2015 3:12 PM
0 Kudos

Hi,

We are also struggling with WAS8.5 and Work manager with ldap auth. Any updates, solution? *kinda desperate here

G

Show replies
Show replies
nancy_burke
Advisor
Advisor
‎06-16-2015 4:30 PM
0 Kudos

Did you bring over the .jar files from the Webshere server (ear file) location?

bill_froelich
Product and Topic Expert
Product and Topic Expert
‎06-16-2015 4:55 PM
0 Kudos

Gergo,

Please create a Discussion marked as a Question.  Not only so others may benefit from your solution once it is found, but also because you will have more folks looking to provide a solution when your issue has the greater visibility of a Discussion.  Also suggest that you visit the Getting Started link at the top right of each SCN page for help with creating a good Discussion.

Thanks,

--Bill

Former Member
‎06-18-2015 8:31 AM
0 Kudos

@Nancy,

Yes, I've updated.

@Bill,

Opened a new discussion with more details!

Regards,


G

nancy_burke
Advisor
Advisor
‎09-30-2014 9:48 PM
0 Kudos

Hello Peter,

Have you also configured the Agentry.ini file to include the required changes to the classPath and to the non-standard Java options?  Please refer to the WM implementation guide under the security features and specifications (Websphere section):.  Can you post those entries?

Nancy Burke 

Show replies
Show replies
Former Member
‎09-30-2014 2:12 PM
0 Kudos

I don't believe Websphere 8.5 has been tested with Work Manager 7.5.2.  I do know Websphere 8.0 was.

I would recommend opening a ticket with support under MOB-SYC-IBM to have then check with development if there are any other changes that would be needed to support Websphere 8.5 with LDAP.

Stephen

Show replies
Show replies
Ask a Question