Java.lang.SecurityException: Authentication denied: Boot identity not valid
Hi,
When I try to start up the WebLogic server by running a startup script
in the WebLogic server root directory, I am getting the following
error:
<Apr 23, 2003 1:15:11 PM EDT> <Critical> <WebLogicServer> <000364>
<Server failed during initialization.
Exception:java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
<Apr 23, 2003 1:15:11 PM EDT> <Emergency> <WebLogicServer> <000342>
<Unable to initialize the server: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
The WebLogic Server did not start up properly.
Exception raised:
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
I am also pasting below the source code of the startup script that I
am using to start WebLogic server:
#!/bin/sh
# This script is used to start WebLogic Server.
# To create your own start script for your domain, simply set the
SERVER_NAME
# variable to your server name then call this script from your domain
# directory.
# This script sets the following variables before starting WebLogic
Server:
# WL_HOME - The root directory of your WebLogic installation
# JAVA_HOME - Location of the version of Java used to start
WebLogic
# Server. This variable must point to the root
directory of a
# JDK installation and will be set for you by the
installer.
# See the WebLogic platform support page
# (http://e-docs.bea.com/wls/platforms/index.html)
for an up-to-date list of
# supported JVMs on your platform.
# PATH - Adds the JDK and WebLogic directories to the system
path.
# CLASSPATH - Adds the JDK and WebLogic jars to the classpath.
# JAVA_OPTIONS - Java command-line options for running the server.
# Other variables that startWLS takes are:
# ADMIN_URL - If this variable is set, the server started will be
a
# managed server, and will look to the url specified
(i.e.
# http://localhost:7001) as the admin server.
# WLS_USER - Admin username for server startup
# WLS_PW - Cleartext password for server startup
# STARTMODE - Set to true for production mode servers, false for
# development mode
# JAVA_OPTIONS - Java command-line options for running the server.
(These
# will be tagged on to the end of the JAVA_VM and
MEM_ARGS)
# JAVA_VM - The java arg specifying the VM to run. (i.e.
-server,
# -hotspot, etc.)
# MEM_ARGS - The variable to override the standard memory
arguments
# passed to java
# PRE_CLASSPATH - Path style variable to be added to the beginning of
the
# CLASSPATH
# POST_CLASSPATH - Path style variable to be added to the end of the
# CLASSPATH
# PRE_PATH - Path style variable to be added to the beginning of
the
# PATH
# POST_PATH - Path style variable to be added to the end of the
PATH
# Alternately, this script will take the first two positional
parameters and
# set them to SERVER_NAME and ADMIN_URL. For instance, you could call
this
# script: "sh startWLS.sh myserver http://localhost:7001" to start a
# managed server named myserver, or just "sh startWLS.sh myserver"
# to start a server named myserver.
# jDriver for Oracle users: This script assumes that native libraries
required
# for jDriver for Oracle have been installed in the proper location
and that
# your os specific library path variable (i.e.
LD_LIBRARY_PATH/solaris,
# SHLIB_PATH/hpux, etc...) has been set appropriately. Also note that
this
# script defaults to the oci817_8 version of the shared libraries. If
this is
# not the version you need, please adjust the library path variable
# accordingly.
# For additional information, refer to the WebLogic Server
Administration Guide
# (http://e-docs.bea.com/wls/docs70/adminguide/startstop.html).
WL_HOME="/usr/local/bea/weblogic700"
JAVA_HOME="/usr/local/bea/jdk131_06"
. ${WL_HOME}/common/bin/commEnv.sh
# Check that the WebLogic classes are where we expect them to be
if [ ! -f "${WL_HOME}/server/lib/weblogic.jar" ]; then
echo
echo "The WebLogic Server wasn't found in directory
${WL_HOME}/server."
echo "Please edit your script so that the WL_HOME variable points"
echo "to the WebLogic installation directory."
# Check that java is where we expect it to be
elif [ ! -d "${JAVA_HOME}/bin" ]; then
echo
echo "The JDK wasn't found in directory ${JAVA_HOME}."
echo "Please edit your script so that the JAVA_HOME variable"
echo "points to the location of your JDK."
else
# Grab some file descriptors.
if [ ! -n "`uname -s |grep -i cygwin || uname -s |grep -i windows_nt`"
]; then
maxfiles=`ulimit -H -n`
if [ !$? -a "${maxfiles}" != 1024 ]; then
if [ "${maxfiles}" = "unlimited" ]; then
maxfiles=1025
fi
if [ "${maxfiles}" -lt 1024 ]; then
ulimit -n ${maxfiles}
else
ulimit -n 1024
fi
fi
fi
# Set first two positional parameters to SERVER_NAME and ADMIN_URL
if [ -n "${1}" -a "${SERVER_NAME}" = "" ]; then
SERVER_NAME="${1}"
fi
if [ -n "${2}" -a "${ADMIN_URL}" = "" ]; then
ADMIN_URL="${2}"
fi
# Figure out how to use our shared libraries
case `uname -s` in
AIX)
if [ -n "${LIBPATH}" ]; then
LIBPATH="${LIBPATH}:${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
else
LIBPATH="${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
fi
PATH="${WL_HOME}/server/lib/aix:${PATH}"
export LIBPATH PATH
export AIXTHREAD_SCOPE=S
export AIXTHREAD_MUTEX_DEBUG=OFF
export AIXTHREAD_RWLOCK_DEBUG=OFF
export AIXTHREAD_COND_DEBUG=OFF
echo "LIBPATH=${LIBPATH}"
HP-UX)
if [ -n "${SHLIB_PATH}" ]; then
SHLIB_PATH="${SHLIB_PATH}:${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
else
SHLIB_PATH="${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
fi
PATH="${WL_HOME}/server/lib/hpux11:${PATH}"
export SHLIB_PATH PATH
echo "SHLIB_PATH=${SHLIB_PATH}"
IRIX)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/irix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/irix"
fi
PATH="${WL_HOME}/server/lib/irix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
LINUX|Linux)
arch=`uname -m`
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
fi
PATH="${WL_HOME}/server/lib/linux:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
OSF1)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/tru64unix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/tru64unix"
fi
PATH="${WL_HOME}/server/lib/tru64unix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
SunOS)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
fi
PATH="${WL_HOME}/server/lib/solaris:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-server
JAVA_VM=${COMM_SERVER_VM}
fi
Windows_NT*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
PATHSEP=\;
CLASSPATHSEP=\;
CYGWIN*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
CLASSPATHSEP=\;
echo "$0: Don't know how to set the shared library path for `uname
-s`. "
esac
if [ "${MEM_ARGS}" = "" ]
then
MEM_ARGS="-Xms32m -Xmx200m"
fi
if [ "${PATHSEP}" = "" ]; then
PATHSEP=:
fi
if [ "${CLASSPATHSEP}" = "" ]; then
CLASSPATHSEP=:
fi
CLASSPATH="${JAVA_HOME}/lib/tools.jar${CLASSPATHSEP}${WL_HOME}/server${CLASSPATHSEP}${WL_HOME}/server/lib/weblogic_sp.jar${CLASSPATHSEP}${WL_H
OME}/server/lib/weblogic.jar${CLASSPATHSEP}${CLASSPATH}"
# If we are on an old version of Cygnus we need to turn <letter>:/ in
the path
# to //<letter>/
if [ `uname -s` = "CYGWIN32/NT" ]; then
WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
fi
# If we are on an new version of Cygnus we need to turn <letter>:/ in
the path
# to /cygdrive/<letter>/
if [ -n "`uname -s |grep -i cygwin_`" ]; then
WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
fi
PATH=".${PATHSEP}${WL_HOME}/server/bin${PATHSEP}${JAVA_HOME}/jre/bin${PATHSEP}${JAVA_HOME}/bin${PATHSEP}${PATH}"
# Import extended environment
if [ -f extEnv.sh ]; then
. extEnv.sh
fi
if [ ! -z "${EXT_PRE_CLASSPATH}" ]; then
CLASSPATH="${EXT_PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${EXT_POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${EXT_POST_CLASSPATH}"
fi
if [ ! -z "${EXT_PRE_PATH}" ]; then
PATH="${EXT_PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${EXT_POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${EXT_POST_PATH}"
fi
# Get PRE and POST environment
if [ ! -z "${PRE_CLASSPATH}" ]; then
CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}"
fi
if [ ! -z "${PRE_PATH}" ]; then
PATH="${PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${POST_PATH}"
fi
echo CLASSPATH=${CLASSPATH}
echo
echo PATH=${PATH}
echo
echo "***************************************************"
echo "* To start WebLogic Server, use a username and *"
echo "* password assigned to an admin-level user. For *"
echo "* server administration, use the WebLogic Server *"
echo "* console at http://<hostname>:<port>/console *"
echo "***************************************************"
if [ "$ADMIN_URL" != "" ]
then
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.management.server=${ADMIN_URL} -Dweblogic
.ProductionModeEnabled=${STARTMODE}
-Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
else
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.ProductionModeEnabled=${STARTMODE} -Djava
.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
fi
set +x
fi
--------------END OF SCRIPT----------
So can you please look at the exception and the above-pasted source
code of the startup script file and let me know what needs to be done
to fix the error?
Thanks,
Kalpana
Senthil,
What may have happened is that the boot identity (e.g., the "weblogic" user) is no longer in the realm. Or, you added a second authenticator which has a Control Flag of Required but the weblogic user cannot be found there.
If it's the first scenario, add the weblogic user (and his inclusion in the Administrators group) to the data store for your authenticator.
If it's the second scenario, you need to change the Control Flag to something less drastic such as Sufficient. In this case, you can't make the change in WebLogic Console since you can't boot your server. Have a look in config.xml and see if your newly created authenticator is listed there. If it is, change the Control Flag and try to reboot the server.
Otherwise, copy config.xml.booted to config.xml and start your server. You'll have to re-do your security realm changes, though.
HTH,
Mike
Similar Messages
-
Weblogic 10.2 :Authentication denied: Boot identity not valid
Weblogic 10.2 ,Windows xp prof
I have only one admin server (portal domain) and my application is targetted to admin server only. When I am startting my server the server is stopped forcedly with following exception.
If any have same kind of problem and solved it. please share the solutioin or reason for this :
<May 9, 2008 9:48:19 AM CEST> <Info> <WebLogicServer> <BEA-000215> <Loaded License : Y:\bea\license.bea>
<May 9, 2008 9:48:19 AM CEST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<May 9, 2008 9:48:19 AM CEST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<May 9, 2008 9:48:20 AM CEST> <Notice> <Log Management> <BEA-170019> <The server log file Y:\bea\user_projects\doma
ins\merlinAJAX_domain\servers\AdminServer\logs\AdminServer.log is opened. All server side log events will be writte
n to this file.>
<May 9, 2008 9:48:23 AM CEST> <Error> <Security> <BEA-000000> <[Security:090737]An exception occurred while getting
connection to validate the configuration settings
java.sql.SQLException: [Security:090735]The DBMS connection was not usable
at weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateImpl.getManageableConnection(DBMS
SQLAuthenticatorDelegateImpl.java:911)
at weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateImpl.validateConfiguration(DBMSSQ
LAuthenticatorDelegateImpl.java:150)
at weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateImpl.<init>(DBMSSQLAuthenticatorD
elegateImpl.java:76)
at weblogic.security.providers.authentication.DBMSAuthenticatorDelegateImpl.getInstance(DBMSAuthenticatorDe
legateImpl.java:452)
at weblogic.security.providers.authentication.DBMSSQLAuthenticationProviderImpl.initialize(DBMSSQLAuthentic
ationProviderImpl.java:42)
Truncated. see log file for complete stacktrace
>
<May 9, 2008 9:48:26 AM CEST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.
>
<May 9, 2008 9:48:26 AM CEST> <Error> <Security> <BEA-000000> <[Security:090735]The DBMS connection was not usable>
<May 9, 2008 9:48:26 AM CEST> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; T
he user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have
been changed since the boot identity file was created. Please edit and update the boot identity file with the prop
er values of username and password. The first time the updated boot identity file is used to start the server, thes
e new values are encrypted.>
<May 9, 2008 9:48:26 AM CEST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.s
ecurity.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or passw
ord from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the b
oot identity file was created. Please edit and update the boot identity file with the proper values of username and
password. The first time the updated boot identity file is used to start the server, these new values are encrypte
d.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name an
d/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed s
ince the boot identity file was created. Please edit and update the boot identity file with the proper values of us
ername and password. The first time the updated boot identity file is used to start the server, these new values ar
e encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
>
<May 9, 2008 9:48:26 AM CEST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<May 9, 2008 9:48:26 AM CEST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shu
t itself down>
<May 9, 2008 9:48:26 AM CEST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
Stopping PointBase server...
PointBase server stopped.
Autonomy server stopped.
-Sreeram
Edited by sreeram.jonnalagadda at 05/09/2008 1:54 AMIt seems in my case I have a locked pointbase java process.
So I entered task manager and killed all running java process and MY domain started sucessfully.
Sreeram -
Authentication denied: Boot identity not valid for Managed Server
Weblogic 8.1 SP4. Solaris 2.8.
Initially, I only had the admin server in my domain. My application was targetted to the admin. Eventually, I created a new managed server so that my application would be targetted here and my admin server would just be dedicated to its admin tasks. I tried starting my managed server for the first time using the standard startManagedWeblogic.sh -
I get this:
####<Aug 22, 2005 12:38:37 PM EDT> <Critical> <Security> <md3801> <winsManagedServer> <main> <<WLS Kernel>>
<> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity
file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was create
d. Please edit and update the boot identity file with the proper values of username and password. The first time the
updated boot identity file is used to start the server, these new values are encrypted.>
bash-2.03$
Starting the admin server is fine and it uses the same boot.properties file in my root directory (user weblogic). But when I start my managed server instance (which is in the same root directory), it complains about the boot.properties ! I assume it uses the same boot.properties file. Any insights ? Thanks.Hi,
You should know the right username and password, so you have to edit boot.properties by hand.
Remove user and password entry and re-insert them.
Regards,
Antenore.
Antenore Gatta
Middleware Specialist
Hequa S.r.l
C.so Buenos Aires 77
20124 Milano
http://www.Hequa.it
Tel +39(0)267493078
Fax +39(0)267493079
Mobile +39 3481537897
______________________________________ -
Authentication denied: Boot identity not valid
Hi,
After ADF Security Configuration, I am getting following error while running jspx pages:
<Jun 25, 2010 11:34:51 AM IST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<Jun 25, 2010 11:34:51 AM IST> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
(Purposefully not putting entire run log to avoid cluttering. Can provide if needed.)
Please note that before ADF Security Configuration, I was able to run my jspx pages.
I have condifured ADF security as follows:
'ADF Authentication and Authorization' model
Form-based authentication with default login and error pages
No Automatic Grants
Redirect upon successful authentication - one of my jspx page (which was rendering fine before ADF Security Config)
Also is it possible to temporarily disable ADF security?
Where is the boot.properties located?
Thanks in advanceThis error usually occurs on Weblogic server when identity store is changed. Basically the default admin user name password which is used by weblogic when u start with startWeblogic.cmd does not work.
so this is definitely not an issue of ADF Security.
You can remove ADF security from your application from the same menu which you created ADF security. Third option removed all security configuration. Before that you may want to copy your jazn-data.xml and keep it for backup.
boot.properties is to be created in domain\servers\AdminServer\security if present just edit it and
password=
username=
When you run the server it will encrypt the contents.
But as i see it is not an issue with ADF security and unless you have changed something in weblogic console realm providers not an issue with weblogic also.
Easy solution is to clode Jdev and delete defaultdomain in : C:\Documents and Settings\user\Application Data\JDeveloper\system11.1.1.2.36.55.36 and satrt Jdeveloper. Your domain will be automatically created.
Venkat -
Weblogic Server not starting up: Boot identity not valid
Hi All,
I am trying to start the weblogic server and the following error appears:
####<May 28, 2010 12:05:53 PM IST> <Notice> <Security> <CALTP8BB14> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1275028553504> <BEA-090082> <Security initializing using security realm myrealm.>
####<May 28, 2010 12:05:53 PM IST> <Critical> <Security> <CALTP8BB14> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1275028553535> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
####<May 28, 2010 12:05:53 PM IST> <Critical> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275028553535> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:959)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:243)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy16.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:91)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy34.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:347)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:929)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
####<May 28, 2010 12:05:53 PM IST> <Notice> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275028553567> <BEA-000365> <Server state changed to FAILED>
####<May 28, 2010 12:05:53 PM IST> <Error> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275028553567> <BEA-000383> <A critical service failed. The server will shut itself down>
####<May 28, 2010 12:05:53 PM IST> <Notice> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275028553567> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
####<May 28, 2010 12:05:53 PM IST> <Info> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275028553582> <BEA-000236> <Stopping execute threads.>
Kindly help me regarding
Thanks in advanceJust to add some more details here which will help in diagnosing the problem. I deleted the boot.properties file and the command prompt asked me for the username and password. I provided the correct details but still the server could not start up. Here are the details from the log file:
####<May 28, 2010 12:45:47 PM IST> <Notice> <Security> <CALTP8BB14> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1275030947053> <BEA-090082> <Security initializing using security realm myrealm.>
####<May 28, 2010 12:45:47 PM IST> <Critical> <Security> <CALTP8BB14> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1275030947084> <BEA-090403> <Authentication for user weblogic denied>
####<May 28, 2010 12:45:47 PM IST> <Critical> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275030947084> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:243)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy16.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:91)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy34.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:347)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:929)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
####<May 28, 2010 12:45:47 PM IST> <Notice> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275030947116> <BEA-000365> <Server state changed to FAILED>
####<May 28, 2010 12:45:47 PM IST> <Error> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275030947116> <BEA-000383> <A critical service failed. The server will shut itself down>
####<May 28, 2010 12:45:47 PM IST> <Notice> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275030947116> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
####<May 28, 2010 12:45:47 PM IST> <Info> <WebLogicServer> <CALTP8BB14> <AdminServer> <main> <<WLS Kernel>> <> <> <1275030947131> <BEA-000236> <Stopping execute threads.> -
Boot identity not valid.
Hi, when im trying to start one of my managed servers im getrting the error boot identity not valid.
We tried to create the boot.properties with current admin passoerd and user name. Still server is not coming up.
Few weeks before we configured the node manager for the machine. We got this error when we are trying to start through startMangedweblogic.sh. as we are no longer using nodemanager for this domain.
Plz sort out the issue.. Please refore the error log generarting
<Apr 26, 2012 11:34:20 AM BST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<Apr 26, 2012 11:34:20 AM BST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<Apr 26, 2012 11:34:21 AM BST> <Notice> <Log Management> <BEA-170019> <The server log file /var/flarea/soalogs/node1/server/bpmsq_bam_ms1/logs/bpmsq_bam_ms1.log is opened. All server side log events will be written to this file.>
<Apr 26, 2012 11:34:25 AM BST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<Apr 26, 2012 11:34:25 AM BST> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
<Apr 26, 2012 11:34:25 AM BST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:959)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:244)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Truncated. see log file for complete stacktrace
>
<Apr 26, 2012 11:34:25 AM BST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Apr 26, 2012 11:34:25 AM BST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Apr 26, 2012 11:34:25 AM BST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>Hi,
1: remove the boot.properties file completely from the managed server directory.
2: remove the ManagedServerDir/data/ldap directory completely.
3: Always keep backup of files before removing it.
4: Now try to start the server from the command prompt and provide the username/password used to login to the Admin Console.
Regards,
Fabian -
I am looking for some help to deploy the application in weblogic6.0.
This is what i did during the application deployment.
Create a new directory under config as a new application.
D:\bea\wlserver6.0\config\test
under test created two other directories applications and logs.
Under the applications directory copied .ear and .war files.
Under the test i copied config.xml, all the *.pem starttest.cmd, fileRealam.properties
files. Modified the config.xml with my application, domain and the server. Modified
the settest.cmd with the new domain and server name.
when i do startup, it is prompting for the password and i entered what ever i mentioned
during the installation.
And getting the following error.
Thanks alot for any suggestions.
D:\bea\wlserver6.0\config\test>startTest.cmd
D:\bea\wlserver6.0>set PATH=.\bin;D:\bea\jdk130\bin;C:\RATIONAL\RATION~1\NUTCROO
T\bin;C:\RATIONAL\RATION~1\NUTCROOT\bin\x11;C:\RATIONAL\RATION~1\NUTCROOT\mksnt;
C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\Dell\Resoluti
on Assistant\Common\bin;C:\PROGRA~1\MICROS~4\Office;C:\PROGRA~1\ULTRAE~1;C:\Rati
onal\common;C:\Rational\Rational Test;C:\jdk1.3\bin;C:\Ant\bin;
D:\bea\wlserver6.0>set CLASSPATH=.;.\lib\weblogic_sp.jar;.\lib\weblogic.jar
D:\bea\wlserver6.0>D:\bea\jdk130\bin\java -hotspot -ms64m -mx64m -classpath .;.\
lib\weblogic_sp.jar;.\lib\weblogic.jar -Dweblogic.Domain=test -Dweblogic.Name=te
stServer -Dbea.home=D:\bea -Dcloudscape.system.home=./samples/eval/cloudscape/da
ta -Djava.security.policy==D:\bea\wlserver6.0/lib/weblogic.policy weblogic.Serve
r
Enter password to boot weblogic server:password
Starting WebLogic Server ....
<Feb 14, 2001 12:13:04 PM EST> <Notice> <Management> <Loading configuration file
.\config\test\config.xml ...>
<Feb 14, 2001 12:13:06 PM EST> <Info> <Logging> <Only log messages of severity "
Error" or worse will be displayed in this window. This can be changed at Admin C
onsole> test> Servers> testServer> Logging> Debugging> Stdout severity threshold
>
<Feb 14, 2001 12:13:08 PM EST> <Emergency> <Server> <Unable to initialize the se
rver: 'Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user system denied in
realm weblogic
java.lang.SecurityException: Authentication for user system denied in realm webl
ogic
at weblogic.security.acl.Realm.authenticate(Realm.java:209)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:229)
at weblogic.security.acl.internal.Security.authenticate(Security.java:11
3)
at weblogic.security.SecurityService.initializeSuid(SecurityService.java
:293)
at weblogic.security.SecurityService.initialize(SecurityService.java:123
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
'>
The WebLogic Server did not start up properly.
Exception raised: java.lang.SecurityException: Authentication for user system de
nied in realm weblogic
java.lang.SecurityException: Authentication for user system denied in realm webl
ogic
at weblogic.security.acl.Realm.authenticate(Realm.java:209)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:229)
at weblogic.security.acl.internal.Security.authenticate(Security.java:11
3)
at weblogic.security.SecurityService.initializeSuid(SecurityService.java
:293)
at weblogic.security.SecurityService.initialize(SecurityService.java:123
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
D:\bea\wlserver6.0>goto finish
D:\bea\wlserver6.0>cd config\test
D:\bea\wlserver6.0\config\test>ENDLOCAL
D:\bea\wlserver6.0\config\test>Seen this, may give a clue?
Server Known Problems Change Request Number Description
042556
The weblogic.Admin command now requires the user and password options. For example:
java weblogic.Admin -username system -password gumby1234
The username "system" is required for most functions (for example: VERSION). If
you do not specify -username system, you will get the following error:
Exception in thread "main" java.lang.SecurityException: Authentication for user
system denied in realm weblogic
<<no stack trace available>>
"lazar" <[email protected]> wrote:
>
I would also like to know, if there is a fix for it.
Thanks
Lazar
Greg Layton <[email protected]> wrote:
Did you ever get an answer to this. If so could you share it with me.ThanksGreg -
Hi,
I am using WL60SP2 on Windows NT 4.0.
I am trying to call a bean from my startup class. The code is as follows
home = lookupHome();
messageSubscriber = (MessageSubscriber) narrow(home.create(),
MessageSubscriber.class);
Right at this point the Weblogic server is throwing the following error.
java.lang.SecurityException: Authentication for user guest denied in
realm wl_realm
<<no stack trace available>>
I know this has something to do with the security. In WL50 I would have
gone to the weblogic.policy file to fix it. With WL60 I know I have to
change something on the console but am not sure.
Please help.
Thanks
RajGo into the console and make sure the GuestDisabled property = false
http://e-docs.bea.com/wls/docs61/////ConsoleHelp/security.html
Joe Jerry
Raj Kathlesar wrote:
Hi,
I am using WL60SP2 on Windows NT 4.0.
I am trying to call a bean from my startup class. The code is as follows
home = lookupHome();
messageSubscriber = (MessageSubscriber) narrow(home.create(),
MessageSubscriber.class);
Right at this point the Weblogic server is throwing the following error.
java.lang.SecurityException: Authentication for user guest denied in
realm wl_realm
<<no stack trace available>>
I know this has something to do with the security. In WL50 I would have
gone to the weblogic.policy file to fix it. With WL60 I know I have to
change something on the console but am not sure.
Please help.
Thanks
Raj -
Java.lang.SecurityException: Authentication for user null denied in realm
Hello,
We have the following exceptionj on WLS 6.1 SP3 on Win2K:
javax.naming.AuthenticationException. Root exception is
java.lang.SecurityException: Authentication for user null denied in realm
weblogic
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:135)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:518)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:362)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:334)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:211)
at
weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:149)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:660)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:241)
at javax.naming.InitialContext.init(InitialContext.java:217)
at javax.naming.InitialContext.<init>(InitialContext.java:173)
at
And it seems that this exception happens after the introduction of a JAAS module
for an external call.
What strikes me is that the WLS samples use System.setProperty... and I was wondering
if this could be the cause of our problem, because the rest of the application
does not use JAAS, and that may be it screws up the realm with WLS....
Any idea?
Cheers,
ThierryHello,
We have the following exceptionj on WLS 6.1 SP3 on Win2K:
javax.naming.AuthenticationException. Root exception is
java.lang.SecurityException: Authentication for user null denied in realm
weblogic
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:135)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:518)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:362)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:334)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:211)
at
weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:149)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:660)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:241)
at javax.naming.InitialContext.init(InitialContext.java:217)
at javax.naming.InitialContext.<init>(InitialContext.java:173)
at
And it seems that this exception happens after the introduction of a JAAS module
for an external call.
What strikes me is that the WLS samples use System.setProperty... and I was wondering
if this could be the cause of our problem, because the rest of the application
does not use JAAS, and that may be it screws up the realm with WLS....
Any idea?
Cheers,
Thierry -
Environment: WLS61 SP2
Two WLS61 servers on different machines. User test1 is authenticated against LDAP
on server_1, then tries
to execute a class (from JSP) that calls EJB on server_2. The environment properties
for the call to EJB on server_2 to are setup as follows (Note that user test2 is
used to call EJB on server_2. User test2 exists in the wl_realm on server2):
env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
env.put(Context.PROVIDER_URL, "t3://server2:7001");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "test2");
env.put(Context.SECURITY_CREDENTIALS, "somepass");
The call results in the following exception raised on server_2. Why is test1 id used
if test2 is explicitly specified for the call? User test1 does not exist on server_2.
<Jul 13, 2002 11:37:31 AM EDT> <Warning> <Dispatcher> <RuntimeException thrown by
rmi server: 'weblo
gic.rmi.cluster.ClusterableServerRef@111 - jvmid: '4783591120128354231S:xxx.xxx.xxx.xxx:[7001,7001,7002,7
002,7001,7002,-1]:mydomain:myserver', oid: '271', implementation: '[BaseEJBObject]
home: c
om.test.TestEJB_jvjalv_HomeImpl@7583b9''
java.lang.SecurityException: Authentication for user test1 denied in realm wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:237)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:22)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)If you are using JNDI authentication, make sure you close the context before
you get another context.
In WLS, stack of authenticated users will be maintained per thread. Now when
user is authenticated, it will be pushed into the stack. When you close the
context it will be popped out. In your case it seems like somehow test1 user's
idenitity is set on the thread which is calling the EJB on server2.
use weblogic.security.acl.Security.getCurrentUser() to get the current
user associated with the thread.
I hope this helps.
-utpal -
I am experiencing this error when a servlet or JSP is preloaded on the web
server and the init method of the preloaded item results in a call to the
app server. If I don't preload and then manually invoke the JSP or servlet
after the web server completely loads the call to the app server does not
produce the exception. The only security differences between the web and
app servers are the console and system passwords. I can fix the problem by
making the passwords (system and console) the same across the board, but
find it hard to believe that this is the true solution. I would prefer
sticking with the default security settings.
I've poured through hundreds of messages. I can find similar problems but
not this exact problem.
Any ideas would truly be appreciated!
More information:...
App and Web server are both wls 6.1.1.0 running on the same SUN Solaris box.
Both are using the basic, out of the box, security.
The App server has SSL disabled.
The exception reported in the app server's log is:
java.lang.SecurityException: Authentication for user system denied in realm
wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at
weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:235)
at
weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:2
2)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
The exception reported in the web server's log is:
java.lang.SecurityException: Authentication for user system denied in realm
wl_realm
at
weblogic.rmi.internal.BasicOutboundRequest.sendReceive(BasicOutboundRequest.
java:85)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:255)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:222)
at weblogic.rmi.internal.ProxyStub.invoke(ProxyStub.java:35)
at $Proxy54.lookup(Unknown Source)
at
weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:323)
at javax.naming.InitialContext.lookup(InitialContext.java:350)
at
com.qwest.tmmt.manager.client.MDMAdapter.getEJBHome(MDMAdapter.java:197)
at
com.qwest.tmmt.manager.client.MDMAdapter.<init>(MDMAdapter.java:64)
at
com.qwest.tmmt.manager.client.ManagerFactory.createMetaDataManager(ManagerFa
ctory.java:305)
at
com.qwest.insite.util.ClientMetaDataCache.<init>(ClientMetaDataCache.java:53
at
com.qwest.insite.util.ClientMetaDataCache.getInstance(ClientMetaDataCache.ja
va:106)
at
com.qwest.insite.metadata.startup.MetaDataServlet.init(MetaDataServlet.java:
30)
at
weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java
:700)
at
weblogic.servlet.internal.ServletStubImpl.createInstances(ServletStubImpl.ja
va:643)
at
weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.jav
a:588)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletC
ontext.java:2203)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServlet
Context.java:2147)
at
weblogic.servlet.internal.WebAppServletContext.init(WebAppServletContext.jav
a:884)
at
weblogic.servlet.internal.WebAppServletContext.<init>(WebAppServletContext.j
ava:807)
at
weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:421)
at weblogic.j2ee.WebAppComponent.deploy(WebAppComponent.java:74)
at weblogic.j2ee.Application.addComponent(Application.java:160)
at weblogic.j2ee.J2EEService.addDeployment(J2EEService.java:117)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:329)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:144)
at
weblogic.management.mbeans.custom.WebServer.addWebDeployment(WebServer.java:
76)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy33.addWebDeployment(Unknown Source)
at
weblogic.management.configuration.WebServerMBean_CachingStub.addWebDeploymen
t(WebServerMBean_CachingStub.java:1094)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:315)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployments(Deployment
Target.java:279)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateServerDeployments(D
eploymentTarget.java:233)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateDeployments(Deploym
entTarget.java:193)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy32.updateDeployments(Unknown Source)
at
weblogic.management.configuration.ServerMBean_CachingStub.updateDeployments(
ServerMBean_CachingStub.java:2734)
at
weblogic.management.mbeans.custom.ApplicationManager.startConfigManager(Appl
icationManager.java:362)
at
weblogic.management.mbeans.custom.ApplicationManager.start(ApplicationManage
r.java:154)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy45.start(Unknown Source)
at
weblogic.management.configuration.ApplicationManagerMBean_CachingStub.start(
ApplicationManagerMBean_CachingStub.java:480)
at
weblogic.management.Admin.startApplicationManager(Admin.java:1151)
at weblogic.management.Admin.finish(Admin.java:570)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:506)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:203)
at weblogic.Server.main(Server.java:35)
Thanks,
Jed ZimmerYou're correct. I meant the DOMAIN_SYSTEM_PASSWORD password in my
<domain-name>domain.ksh file. The DOMAIN_SYSTEM_PASSWORD value (if
specified) has to match the system user's password or else the server will
not start/stop.
I have determined more since my post. A startup class also produces the
same error. I have minimized my environments as follows and still receive
the exception, and a soon as I synchronize the system users' passwords on
the app/web server the problem goes away. Or, I can keep the passwords
different and just not access the app server EJBs until after the web server
finished loading, which also causes the error to go away. I'm just confused
about what I might be doing wrong.
Steps to produce the error:
App server:
- Installed from 6.1.1.0 from scratch and started it up.
- Changed the system user's password from the admin console, persisting the
changes.
- Modified logging settings to see more info in the log files.
- Disabled instrument stack traces.
- Stopped/Started the app server
Web server:
- Installed from 6.1.1.0 from scratch and started it up.
- Modified logging settings to see more info in the log files.
- Disabled instrument stack traces.
- Added a servlet to the DefaultWebApp_insiteserver application
- specified name and class
- the load on startup setting defaulted to zero, which will cause the
preloading
- Added 3 jar files to the classpath to support the EJB call
- Stopped/Started the web server
When the web server loads the servlet loads and tries to locate the EJB on
the app server. The app server throws the security exception. The app/web
servers are both running on the same SUN box, have the same IP address
(different ports) and I'm using non-SSL. Each server is it's own WLS
environment. The only installed file that is shared it the
weblogic_domain_registry.dat file in the root directory. As for security,
I'm doing nothing except changing one password (system user on the app
server).
I then tried to manually upgrade the app/web servers to 6.1.2.0 by updating
the WEBLOGIC_ROOT in the respective xxxxdomain.ksh files. Same problem.
I then cleanly reinstalled the app/web servers using version 6.1.2.0 and
configured as above. Same problem.
Let me know if I need to provide additional details.
Thanks,
Jed Zimmer
"Joseph Nguyen" <[email protected]> wrote in message
news:[email protected]...
>
"Jed Zimmer" <[email protected]> wrote in message
news:[email protected]...
I am experiencing this error when a servlet or JSP is preloaded on the
web
server and the init method of the preloaded item results in a call tothe
app server. If I don't preload and then manually invoke the JSP orservlet
after the web server completely loads the call to the app server does
not
produce the exception. The only security differences between the weband
app servers are the console and system passwords. I can fix the problemby
making the passwords (system and console) the same across the board, but
find it hard to believe that this is the true solutionI don't quite understand what you mean by "console" password? Are you
talking about the admin console? If so then it's confusing because youhave
to log into the console using the system user. If you can clarify morehere
it would great.
Joseph Nguyen
BEA Support
. I would prefer
sticking with the default security settings.
I've poured through hundreds of messages. I can find similar problems
but
not this exact problem.
Any ideas would truly be appreciated!
More information:...
App and Web server are both wls 6.1.1.0 running on the same SUN Solarisbox.
Both are using the basic, out of the box, security.
The App server has SSL disabled.
The exception reported in the app server's log is:
java.lang.SecurityException: Authentication for user system denied inrealm
wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
atweblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:125)
atweblogic.security.acl.internal.Security.verify(Security.java:87)
at
weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:235)
at
weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:2
2)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
The exception reported in the web server's log is:
java.lang.SecurityException: Authentication for user system denied inrealm
wl_realm
at
weblogic.rmi.internal.BasicOutboundRequest.sendReceive(BasicOutboundRequest.
java:85)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:255)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:222)
at weblogic.rmi.internal.ProxyStub.invoke(ProxyStub.java:35)
at $Proxy54.lookup(Unknown Source)
at
weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:323)
at javax.naming.InitialContext.lookup(InitialContext.java:350)
at
com.qwest.tmmt.manager.client.MDMAdapter.getEJBHome(MDMAdapter.java:197)
at
com.qwest.tmmt.manager.client.MDMAdapter.<init>(MDMAdapter.java:64)
at
com.qwest.tmmt.manager.client.ManagerFactory.createMetaDataManager(ManagerFa
ctory.java:305)
at
com.qwest.insite.util.ClientMetaDataCache.<init>(ClientMetaDataCache.java:53
at
com.qwest.insite.util.ClientMetaDataCache.getInstance(ClientMetaDataCache.ja
va:106)
at
com.qwest.insite.metadata.startup.MetaDataServlet.init(MetaDataServlet.java:
30)
at
weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java
:700)
at
weblogic.servlet.internal.ServletStubImpl.createInstances(ServletStubImpl.ja
va:643)
at
weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.jav
a:588)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletC
ontext.java:2203)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServlet
Context.java:2147)
at
weblogic.servlet.internal.WebAppServletContext.init(WebAppServletContext.jav
a:884)
at
weblogic.servlet.internal.WebAppServletContext.<init>(WebAppServletContext.j
ava:807)
at
weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:421)
at weblogic.j2ee.WebAppComponent.deploy(WebAppComponent.java:74)
at weblogic.j2ee.Application.addComponent(Application.java:160)
at weblogic.j2ee.J2EEService.addDeployment(J2EEService.java:117)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:329)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:144)
at
weblogic.management.mbeans.custom.WebServer.addWebDeployment(WebServer.java:
76)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy33.addWebDeployment(Unknown Source)
at
weblogic.management.configuration.WebServerMBean_CachingStub.addWebDeploymen
t(WebServerMBean_CachingStub.java:1094)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:315)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployments(Deployment
Target.java:279)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateServerDeployments(D
eploymentTarget.java:233)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateDeployments(Deploym
entTarget.java:193)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy32.updateDeployments(Unknown Source)
at
weblogic.management.configuration.ServerMBean_CachingStub.updateDeployments(
ServerMBean_CachingStub.java:2734)
at
weblogic.management.mbeans.custom.ApplicationManager.startConfigManager(Appl
icationManager.java:362)
at
weblogic.management.mbeans.custom.ApplicationManager.start(ApplicationManage
r.java:154)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy45.start(Unknown Source)
at
weblogic.management.configuration.ApplicationManagerMBean_CachingStub.start(
ApplicationManagerMBean_CachingStub.java:480)
at
weblogic.management.Admin.startApplicationManager(Admin.java:1151)
at weblogic.management.Admin.finish(Admin.java:570)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:506)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:203)
at weblogic.Server.main(Server.java:35)
Thanks,
Jed Zimmer -
Getting this security exception when trying to pull a message from one weblogic
instance JMS queue, and sending the message (via a MDB) to another machine's JMS
queue.
Ex. Here's the scenario.
Two Windows2000Server machines,
one at ip ... xxx.xxx.x.16,
second machine at ... xxx.xxx.x.17.
MDB pulls message off of a JMS queue on 16. MDB sends the message to .17 box.
ON the .17 machine (the receiver) I get the following exception
weblogic.transaction.internal.CoordinatorImpl@31406b>
java.lang.SecurityException: Authentication for user system denied in realm wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:76)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
ON the sending maching .16, I get the following exception.
####<Apr 3, 2002 9:46:24 AM CST> <Error> <RJVM> <testweblogic> <OptiSoftAppServer>
<ExecuteThread: '96' for queue: 'default'> <> <> <000000> <Unsolicited error response
for: '-1'>
The messages appear to show up on the destination machine, but are these error
messages valid, or just bogus?
Thanks,
Eric.
Why is that? Your suggestion worked but I don't understand why.
When our MDB on machineA did the JNDI lookup to MachineB we set the
credentials to a valid user/password on MachineB.
My speculation: Since the MDB on machineA is already in a transaction
any other JNDI calls use the credentials for the MDB's transactions,
ignoring any other credentials we might try to set explicitly. If my
speculation is correct then that would explain by the passwords for the
user "system" would have to be the same between servers.
Is there a good place to read up on this?
Thanks
Tom
Rajesh Mirchandani wrote:
> Make sure you have the same system password for the 2 instances of WLS on seperate boxes.
>
> Tom Barnes wrote:
>
>
>>Or post to the EJB newsgroup (which "owns" MDBs).
>>
>>Tom Barnes wrote:
>>
>>
>>>I think there is a username/password field configurable in the MDB descriptor that
>>>might help here??? Other than that, I suggest posting to the security newsgroup.
>>>
>>>Tom
>>>
>>>Eric Babin wrote:
>>>
>>>
>>>>Getting this security exception when trying to pull a message from one weblogic
>>>>instance JMS queue, and sending the message (via a MDB) to another machine's JMS
>>>>queue.
>>>>
>>>>Ex. Here's the scenario.
>>>>
>>>> Two Windows2000Server machines,
>>>> one at ip ... xxx.xxx.x.16,
>>>> second machine at ... xxx.xxx.x.17.
>>>>
>>>> MDB pulls message off of a JMS queue on 16. MDB sends the message to .17 box.
>>>>
>>>>
>>>>ON the .17 machine (the receiver) I get the following exception
>>>>
>>>>weblogic.transaction.internal.CoordinatorImpl@31406b>
>>>>java.lang.SecurityException: Authentication for user system denied in realm wl_realm
>>>> at weblogic.security.acl.Realm.authenticate(Realm.java:212)
>>>> at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
>>>> at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
>>>> at weblogic.security.acl.internal.Security.verify(Security.java:87)
>>>> at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:76)
>>>> at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
>>>> at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
>>>> at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
>>>>
>>>>ON the sending maching .16, I get the following exception.
>>>>
>>>>####<Apr 3, 2002 9:46:24 AM CST> <Error> <RJVM> <testweblogic> <OptiSoftAppServer>
>>>><ExecuteThread: '96' for queue: 'default'> <> <> <000000> <Unsolicited error response
>>>>for: '-1'>
>>>>
>>>>The messages appear to show up on the destination machine, but are these error
>>>>messages valid, or just bogus?
>>>>
>>>>Thanks,
>>>>
>>>>Eric.
>>>>
>
> --
> Rajesh Mirchandani
> Developer Relations Engineer
> BEA Support
>
>
>
-
We have started getting the above error message in a system that has worked happily
for the past 6 months or so (and continues to work happily from our disaster recovery
environment). I should probably add that this occurs when we are attempting to
write to the database via the connection pool.
Anyone have any ideas?
Thanks
Andrew
The full stack trace is
javax.naming.AuthenticationException. Root exception is java.lang.SecurityException:
Authentication for user system denied in realm weblogic
<<no stack trace available>>
31-Jan-02 00:04:41 GMT Warning Adapter RuntimeException
thrown by rmi server(class com.esure.ibis.a
ccesslayer.sb.useraccess.UserAccessBeanEOImpl)
[265127279722
6064825S:hfxesure17:[7005,7005,7002,7002,7005,7002,-1]:esure
prdwls/296]: [BaseEJBObject]
home: com.esure.ibis.accesslaye
r.sb.useraccess.UserAccessBeanHomeImpl@4b741e
com.esure.ibis.util.IbisException: NamingException occurred in UserAccess Session
Bean::validateUser()
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBean.validateUser(UserAccessBean.java:192)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanImpl.validateUser(UserAccessBeanImpl.java:110)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl.validateUser(UserAccessBeanEOImpl.java:31)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl_WLSkel.invoke(UserAccessBeanEOImpl_WLSkel.java:202)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:373)
at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerRef.java:128)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:237)
at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:118)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)We have started getting the above error message in a system that has worked happily
for the past 6 months or so (and continues to work happily from our disaster recovery
environment). I should probably add that this occurs when we are attempting to
write to the database via the connection pool.
Anyone have any ideas?
Thanks
Andrew
The full stack trace is
javax.naming.AuthenticationException. Root exception is java.lang.SecurityException:
Authentication for user system denied in realm weblogic
<<no stack trace available>>
31-Jan-02 00:04:41 GMT Warning Adapter RuntimeException
thrown by rmi server(class com.esure.ibis.a
ccesslayer.sb.useraccess.UserAccessBeanEOImpl)
[265127279722
6064825S:hfxesure17:[7005,7005,7002,7002,7005,7002,-1]:esure
prdwls/296]: [BaseEJBObject]
home: com.esure.ibis.accesslaye
r.sb.useraccess.UserAccessBeanHomeImpl@4b741e
com.esure.ibis.util.IbisException: NamingException occurred in UserAccess Session
Bean::validateUser()
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBean.validateUser(UserAccessBean.java:192)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanImpl.validateUser(UserAccessBeanImpl.java:110)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl.validateUser(UserAccessBeanEOImpl.java:31)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl_WLSkel.invoke(UserAccessBeanEOImpl_WLSkel.java:202)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:373)
at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerRef.java:128)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:237)
at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:118)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120) -
Java.lang.SecurityException: Jurisdiction policy files are not signed by t
Hi
*I am installing ECC6 onAIX 6.1 with oarcle 10g.*
*I am getting error in create secure store*
*Policy and security files are ok,*
aused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more
ERROR 2009-07-07 14:10:47.063
CJSlibModule::writeError_impl()
CJS-30050 Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more.
ERROR 2009-07-07 14:10:47.547 [sixxcstepexecute.cpp:960]
FCO-00011 The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CreateDBandLoad|ind|ind|ind|ind|10|0|NW_SecureStore|ind|ind|ind|ind|8|0|createSecureStore was executed with status ERROR ( Last error reported by the step :Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more.).
what could be the problem ?
Please give me the soluation
regards
VijayDear Juan
You are correct.
I downloaded correct file from IBM site , and Create Secure store step completed but innext step IMPORT JAVA DUMP
it gave error
n error occurred while processing service SAP ERP 6.0 Support Release 3 > SAP Systems > Oracle > Central System > Central System( Last error reported by the step : Execution of JLoad tool '/usr/java14_64/bin/java -classpath /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/launcher.jar -showversion -Xmx512m -Xj9 com.sap.engine.offline.OfflineToolStart com.sap.inst.jload.Jload /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/lib/iaik_jce.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jload.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/antlr.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/exception.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jddi.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/logging.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/offlineconfiguration.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/opensqlsta.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar:/oracle/client/10x_64/instantclient/ojdbc14.jar -sec AGQ,jdbc/pool/AGQ,/usr/sap/AGQ/SYS/global/security/data/SecStore.properties,/usr/sap/AGQ/SYS/global/security/data/SecStore.key -dataDir /swdump/NW7.0_SR3_JAVA_COMP_51033513/DATA_UNITS/JAVA_EXPORT_JDMP -job /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/IMPORT.XML -log jload.log' aborts with return code 1. SOLUTION: Check 'jload.log' and '/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/jload.java.log' for more information.
regards
vijjay -
Sometimes: java.lang.SecurityException: Permission denied
Hello,
we are using a lot of signed applets in our Web application (used web server: JBoss 5.1).
For example we use an applet in javascript code and call some of applet's methods. The called java methods are privileged code.
Since Update to JRE 1.6.0_24 we are getting sometimes:
Permission denied: null
java.lang.SecurityException: Permission denied: null
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Ausnahme: java.lang.SecurityException: Permission denied: null
java.net.MalformedURLException: no protocol: ./Test.jar
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at sun.plugin.util.GrayBoxPainter.setProgressFilter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.setupGrayBoxPainter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.showAppletException(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Test.jar is signed. Most of the time Test.jar can be found. The problem seems to appear in case of new JVM (and new java console).
We arent't operating on the local file system.
Are there any ideas, known problems?
Thanks in advance.We've encountered the same problem
exception: Permission denied: null.
java.lang.SecurityException: Permission denied: null
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception: java.lang.SecurityException: Permission denied: null
But seems to me, that the issue is related to combination of Java6 update 24 and Firefox 3.6.14. We tested on two stations, first FF3.6.14, java6u24, second FF3.6.14, java6u23. On the first station we got exception, but on the second java works fine. After reinstaling java on the first stations to verstion 6u23, everything works fine.
Maybe you are looking for
-
Defaulting fonts when viewing DPS articles in Adobe Content Viewer
Hi. My fonts are defaulting throughout my folio when I view articles in Adobe content viewer. This folio is a PDF. I have published before and not had this issue. Is the problem with Content Viewer? Will the type display correctly when I publish this
-
IPad 2/3 - ICC Profile Recommendations
Since the iPad 2 and iPad 3 have different color gamuts (i.e. iPad 3 can display a wider range of hues and shades) is there a particular profile that's recommended when we're converting images for use in our books? I used to default to sRGB for the f
-
My photoshop elements wont install on my new computer.
I got Photoshop Elements for Christmas last year and downloaded it on my home computer and laptop. I got my laptop cleaned out a couple months later and noticed the download was gone and I no longer had it on that computer. I didn't think it was a bi
-
Shockwave Flash plug-in crashing
Lately, I've been getting the following message: "The following plug-in has crashed: Shockwave Flash" in a yellow bar near the top of my browsers. I get the same error in chrome, IE8, Firefox, etc. When I go into control panel --> Flash Player -->
-
Timecode video sync with spanned clip problem for multicam edit
I wasn't being able to sync 3 camera angles from a recent shoot with 3 EX3's all synced using the clock on one camera as master and free run on the other two cameras as slaves. External link came up on the displays and the videos show in premiere to