Authentication Denied

Hi,
we have used WLS clustering for Installing Agile application.We Installed agile admin server on one of the node.
when we launch the admin console(http://hosname:Port/console),we were able to login to weblogic11g admin console,but after some time(around 45mins) we could not able to login to the same..saying that "Authentication Denied".
Could you please advise why this is happening and How to resolve this issue.
Thanks in Advance.
Thanks,
Lakshmana

Hi Lakshmana,
This could be several things. You need to look in the log files to figure it out.
It could be something like this:
>
<Jul 11, 2011 3:46:26 PM CEST> <Notice> <Security> <BEA-090078> <User weblogic in security realm myrealm has had 5 invalid login attempts, locking account for 30 minutes.>
>
Regards Peter

Similar Messages

OBIEE 11g - Weblogic Authentication Denied

Hello All,
I did install OBIEE 11g 11.1.1.3.3 in my personal PC which has windows XP SP3 and I did choose "Enterprise Installation" as an option.
Before installing this I did install the Loop Back Adapter and also set the IP address in the Host file ( 10.10.10.10 Mycomputername mycompany.com).
Installation went through very much fine no errors at all. Analytics page was opened after the installation and When I gave the weblogic Credentials it was Unable to sign in.
When I tried to login to Weblogic Console it says "Authentication Denied".
Checked the services Weblogic Node manager started but Oracle Process Manager(instance1) did not start (1053 the service couldn't start in a timely fashion).
Then I tried to StartBIServices from Start-> Allprograms->Oracle Business Intelligence gave Weblogic Credentials .... 2 cmd prompts were opened and all services are started and also the anlaytics page was opened and gave the credentials again same error "Unable to sign in" and agin tried to login to weblogic the same error "Authentication Denied". This is really strange....
I thought this is something to do with rebooting the system after installation. So I restarted the system and started the services Weblogic Node Manager and Oracle Process Manager (instance1).
This time both of them were started.
Again tried to start the BI services Start-> Allprograms->Oracle Business Intelligence , gave the credentials ... this time only one cmd prompt was opened and it says weblogic authentication denied and its forcefully shut down and Other cmd prompt stopped at WLS.alive...
Here is the Detail Log from Adminserver.log:
<Apr 18, 2011 12:34:57 AM PDT> <Critical> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097109> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
     at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
     at weblogic.security.SecurityService.start(SecurityService.java:141)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied
     at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:250)
     at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
     at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
     at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
     at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
     at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
     at $Proxy22.login(Unknown Source)
     at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:91)
     at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
     at $Proxy40.authenticate(Unknown Source)
     at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
     at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:348)
     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:929)
     at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
     at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
     at weblogic.security.SecurityService.start(SecurityService.java:141)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
####<Apr 18, 2011 12:34:57 AM PDT> <Notice> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097156> <BEA-000365> <Server state changed to FAILED>
####<Apr 18, 2011 12:34:57 AM PDT> <Error> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097156> <BEA-000383> <A critical service failed. The server will shut itself down>
####<Apr 18, 2011 12:34:57 AM PDT> <Notice> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097156> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
####<Apr 18, 2011 12:34:57 AM PDT> <Info> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097172> <BEA-000236> <Stopping execute threads.>
Checked the Opmnctl Status through cmd prmpt:
coreapplication-obiccs1 - Alive
coreapplication-obisch1 - Alive
coreapplication-obijh1 - Alive
coreapplication-obips1 - Alive
coreapplication-obis1 - Alive
I dont know if the weblogic user or password got corrupted ............???
So I tried to reset the password by adding the Boot.properties file in the following path:
C:\OBIEE11gfmw\user_projects\domains\bifoundation_domain\servers\AdminServer\security
giving username=weblogic
password =password123 in the file but no use still the same error.
Did anybody got the same error ?
Please help me.....
Thanks in Advance...
Regards
Kanna
Edited by: Kanna on Apr 18, 2011 1:14 AM
Edited by: Kanna on Apr 18, 2011 10:45 AM

Yes, but my username and password was simple and straight its weblogic/password123...
Do you guys know how to reset the weblogic Admin password ?
I want to try to debug this error first...... If I couldn't get any help anyhow I am going to Deinstall...
but this shouldn't be the case evrytime.... because we are facing the same problem in our company ...Where we installed 11g in one of our DEV environments...
There should be a some solution for this problem...
Is there anything that I am doing wrong?
Do I need to provide more information from Logs to understand the problem?
Thanks
Kanna

Authentication denied: Boot identity not valid for Managed Server

Weblogic 8.1 SP4. Solaris 2.8.
Initially, I only had the admin server in my domain. My application was targetted to the admin. Eventually, I created a new managed server so that my application would be targetted here and my admin server would just be dedicated to its admin tasks. I tried starting my managed server for the first time using the standard startManagedWeblogic.sh -
I get this:
####<Aug 22, 2005 12:38:37 PM EDT> <Critical> <Security> <md3801> <winsManagedServer> <main> <<WLS Kernel>>
<> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity
file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was create
d. Please edit and update the boot identity file with the proper values of username and password. The first time the
updated boot identity file is used to start the server, these new values are encrypted.>
bash-2.03$
Starting the admin server is fine and it uses the same boot.properties file in my root directory (user weblogic). But when I start my managed server instance (which is in the same root directory), it complains about the boot.properties ! I assume it uses the same boot.properties file. Any insights ? Thanks.

Hi,
You should know the right username and password, so you have to edit boot.properties by hand.
Remove user and password entry and re-insert them.
Regards,
Antenore.
Antenore Gatta
Middleware Specialist
Hequa S.r.l
C.so Buenos Aires 77
20124 Milano
http://www.Hequa.it
Tel +39(0)267493078
Fax +39(0)267493079
Mobile +39 3481537897
______________________________________

Weblogic(BEA 09042): Authentication denied. Boot properties not valid error

Dear All,
I am getting the following Weblogic error while trying to start the application.
Web logic server is working fine independently and was able to create domains. But when the application was trying to invoke web logic, security encrytion issues are encountered in boot.properties file.
Please provide some ideas or suggestions on how to handle such kind of errors with the log details provided below., Thanks
starting weblogic with Java version:
java version "1.5.0_21"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_21-b01)
Java HotSpot(TM) 64-Bit Server VM (build 1.5.0_21-b01, mixed mode)
"Starting Weblogic with the following arguments"
C:\Java\JDK15~1.0_2\bin\java -server -Xms1024m -Xmx1024m -XX:PermSize=300m -d
a -Dplatform.home=C:\bea\WLSERV~1.0 -Dwls.home=C:\bea\WLSERV~1.0\myserver -Dwli.
home=C:\bea\WLSERV~1.0\integration -Dweblogic.management.discover=true -Dwlw.i
terativeDev= -Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=C:
\bea\patch_wss110\profiles\default\sysext_manifest_classpath;C:\bea\patch_wlw102
1\profiles\default\sysext_manifest_classpath;C:\bea\patch_wls1002\profiles\defau
lt\sysext_manifest_classpath;C:\bea\patch_cie640\profiles\default\sysext_manifes
t_classpath -Dweblogic.management.username=weblogic -Dweblogic.Name=myserver -Dj
ava.security.policy=C:\bea\WLSERV~1.0\server\lib\weblogic.policy weblogic.Serve
r
<Feb 8, 2011 3:13:09 AM PST> <Notice> <WebLogicServer> <BEA-000395> <Following e
xtensions directory contents added to the end of the classpath:
C:\bea\wlserver_10.0\platform\lib\p13n\p13n-schemas.jar;C:\bea\wlserver_10.0\pla
tform\lib\p13n\p13n_common.jar;C:\bea\wlserver_10.0\platform\lib\p13n\p13n_syste
m.jar;C:\bea\wlserver_10.0\platform\lib\p13n\wlp_services.jar;C:\bea\wlserver_10
.0\platform\lib\wlp\netuix_common.jar;C:\bea\wlserver_10.0\platform\lib\wlp\netu
ix_schemas.jar;C:\bea\wlserver_10.0\platform\lib\wlp\netuix_system.jar;C:\bea\wl
server_10.0\platform\lib\wlp\wsrp-client.jar;C:\bea\wlserver_10.0\platform\lib\w
lp\wsrp-common.jar>
<Feb 8, 2011 3:13:10 AM PST> <Info> <WebLogicServer> <BEA-000377> <Starting WebL
ogic Server with Java HotSpot(TM) 64-Bit Server VM Version 1.5.0_21-b01 from Sun
Microsystems Inc.>
<Feb 8, 2011 3:13:11 AM PST> <Info> <Management> <BEA-141107> <Version: WebLogic
Server 10.0 MP2 Sat Apr 25 01:45:38 EDT 2009 1213942 >
<Feb 8, 2011 3:13:13 AM PST> <Info> <WebLogicServer> <BEA-000215> <Loaded Licens
e : C:\bea\license.bea>
<Feb 8, 2011 3:13:13 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server stat
e changed to STARTING>
<Feb 8, 2011 3:13:13 AM PST> <Info> <WorkManager> <BEA-002900> <Initializing sel
f-tuning thread pool>
<Feb 8, 2011 3:13:14 AM PST> <Notice> <Log Management> <BEA-170019> <The server
log file C:\SPL\CCBWLS\logs\system\myserver.log is opened. All server side log e
vents will be written to this file.>
<Feb 8, 2011 3:13:18 AM PST> <Notice> <Security> <BEA-090082> <Security initiali
zing using security realm myrealm.>
<Feb 8, 2011 3:13:18 AM PST> <Critical> <Security> <BEA-090402> <Authentication
denied: Boot identity not valid; The user name and/or password from the boot ide
ntity file (boot.properties) is not valid. The boot identity may have been chang
ed since the boot identity file was created. Please edit and update the boot ide
ntity file with the proper values of username and password. The first time the u
pdated boot identity file is used to start the server, these new values are encr
ypted.>
<Feb 8, 2011 3:13:18 AM PST> <Critical> <WebLogicServer> <BEA-000386> <Server su
bsystem failed. Reason: weblogic.security.SecurityInitializationException: Authe
ntication denied: Boot identity not valid; The user name and/or password from th
e boot identity file (boot.properties) is not valid. The boot identity may have
been changed since the boot identity file was created. Please edit and update th
e boot identity file with the proper values of username and password. The first
time the updated boot identity file is used to start the server, these new value
s are encrypted.
<Feb 8, 2011 3:13:18 AM PST> <Critical> <WebLogicServer> <BEA-000386> <Server su
bsystem failed. Reason: weblogic.security.SecurityInitializationException: Authe
ntication denied: Boot identity not valid; The user name and/or password from th
e boot identity file (boot.properties) is not valid. The boot identity may have
been changed since the boot identity file was created. Please edit and update th
e boot identity file with the proper values of username and password. The first
time the updated boot identity file is used to start the server, these new value
s are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot i
dentity not valid; The user name and/or password from the boot identity file (bo
ot.properties) is not valid. The boot identity may have been changed since the b
oot identity file was created. Please edit and update the boot identity file wit
h the proper values of username and password. The first time the updated boot id
entity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.do
BootAuthorization(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.in
itialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown S
ource)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
>
<Feb 8, 2011 3:13:18 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server stat
e changed to FAILED>
<Feb 8, 2011 3:13:18 AM PST> <Error> <WebLogicServer> <BEA-000383> <A critical s
ervice failed. The server will shut itself down>
<Feb 8, 2011 3:13:18 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server stat
e changed to FORCE_SHUTTING_DOWN>
Stopping PointBase server...
PointBase server stopped.
You can close this window
Regards,
Sam.

Hi Baji, P-H,
Sorry for the delay. The ideas were useful and helped me a lot but i currently face the follwoing initialization of VM and object heap error.
Please adive and provide suggestion on the following issue. The logs are pasted below, Thanks,
JAVA Memory arguments: -Xms1024m -Xmx1024m -XX:PermSize=300m
WLS Start Mode=Development
CLASSPATH=C:\bea\WLSERV~1.0\samples\server\examples\build\serverclasses;C:\bea\p
atch_wss110\profiles\default\sys_manifest_classpath\weblogic_patch.jar;C:\bea\pa
tch_wlw1021\profiles\default\sys_manifest_classpath\weblogic_patch.jar;C:\bea\pa
tch_wls1002\profiles\default\sys_manifest_classpath\weblogic_patch.jar;C:\bea\pa
tch_cie640\profiles\default\sys_manifest_classpath\weblogic_patch.jar;C:\Java\JD
K15~1.0_2\lib\tools.jar;C:\bea\WLSERV~1.0\server\lib\weblogic_sp.jar;C:\bea\WLSE
RV~1.0\server\lib\weblogic.jar;C:\bea\modules\features\weblogic.server.modules_1
0.0.2.0.jar;C:\bea\modules\features\com.bea.cie.common-plugin.launch_2.1.2.0.jar
;C:\bea\WLSERV~1.0\server\lib\webservices.jar;C:\bea\modules\ORGAPA~1.5/lib/ant-
all.jar;C:\bea\modules\NETSFA~1.0/lib/ant-contrib.jar;;C:\bea\WLSERV~1.0\common\
eval\pointbase\lib\pbembedded51.jar;C:\bea\WLSERV~1.0\common\eval\pointbase\lib\
pbupgrade51.jar;C:\bea\WLSERV~1.0\common\eval\pointbase\lib\pbclient51.jar;C:\be
a\WLSERV~1.0\server\lib\xqrl.jar;;;C:\Spl\ccbwls\splapp\standalone\lib\xalan-2.7
.0.jar;C:\Spl\ccbwls\splapp\standalone\lib\serializer-2.7.0.jar;C:\Spl\ccbwls\sp
lapp\standalone\lib\antlr-2.7.6.jar
PATH=C:\bea\patch_wss110\profiles\default\native;C:\bea\patch_wlw1021\profiles\d
efault\native;C:\bea\patch_wls1002\profiles\default\native;C:\bea\patch_cie640\p
rofiles\default\native;C:\bea\WLSERV~1.0\server\native\win\x64;C:\bea\WLSERV~1.0
\server\bin;C:\bea\modules\ORGAPA~1.5\bin;C:\Java\JDK15~1.0_2\jre\bin;C:\Java\JD
K15~1.0_2\bin;C:\MICROF~1\SERVER~1.1\bin;C:\spl\ccbwls\runtime;C:\Java\jdk1.5.0_
21\bin;C:\spl\ccbwls\runtime;C:\spl\ccbwls\bin;C:\spl\ccbwls\product\apache-ant-
1.7.0\bin;C:\app\Administrator\product\11.2.0\dbhome_1;C:\app\Administrator\prod
uct\11.2.0\dbhome_1\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;
C:\Windows\System32\WindowsPowerShell\v1.0\;C:\app\Administrator\product\11.2.0\
dbhome_1\perl\bin;C:\Java\jdk1.5.0_21\bin;C:\Java\jdk1.5.0_21\lib;C:\Java\JRocki
t Real Time\jrrt-3.1.2-1.5.0\bin;C:\bea\WLSERV~1.0\server\native\win\x64\oci920_
8
* To start WebLogic Server, use a username and *
* password assigned to an admin-level user. For *
* server administration, use the WebLogic Server *
* console at http:\\hostname:port\console *
starting weblogic with Java version:
java version "1.5.0_21"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_21-b01)
Java HotSpot(TM) 64-Bit Server VM (build 1.5.0_21-b01, mixed mode)
"Starting Weblogic with the following arguments"
C:\Java\JDK15~1.0_2\bin\java -server -Xms1024m -Xmx1024m -XX:PermSize=300m -d
a -Dplatform.home=C:\bea\WLSERV~1.0 -Dwls.home=C:\bea\WLSERV~1.0\myserver -Dwli.
home=C:\bea\WLSERV~1.0\integration -Dweblogic.management.discover=true -Dwlw.i
terativeDev= -Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=C:
\bea\patch_wss110\profiles\default\sysext_manifest_classpath;C:\bea\patch_wlw102
1\profiles\default\sysext_manifest_classpath;C:\bea\patch_wls1002\profiles\defau
lt\sysext_manifest_classpath;C:\bea\patch_cie640\profiles\default\sysext_manifes
t_classpath -Dweblogic.management.username=weblogic -Dweblogic.Name=myserver -Dj
ava.security.policy=C:\bea\WLSERV~1.0\server\lib\weblogic.policy weblogic.Serve
r
Error occurred during initialization of VM
Could not reserve enough space for object heap
Stopping PointBase server...
PointBase server stopped.
Regards,
Sam.

Weblogic 10.2 :Authentication denied: Boot identity not valid

Weblogic 10.2 ,Windows xp prof
I have only one admin server (portal domain) and my application is targetted to admin server only. When I am startting my server the server is stopped forcedly with following exception.
If any have same kind of problem and solved it. please share the solutioin or reason for this :
<May 9, 2008 9:48:19 AM CEST> <Info> <WebLogicServer> <BEA-000215> <Loaded License : Y:\bea\license.bea>
<May 9, 2008 9:48:19 AM CEST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<May 9, 2008 9:48:19 AM CEST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<May 9, 2008 9:48:20 AM CEST> <Notice> <Log Management> <BEA-170019> <The server log file Y:\bea\user_projects\doma
ins\merlinAJAX_domain\servers\AdminServer\logs\AdminServer.log is opened. All server side log events will be writte
n to this file.>
<May 9, 2008 9:48:23 AM CEST> <Error> <Security> <BEA-000000> <[Security:090737]An exception occurred while getting
connection to validate the configuration settings
java.sql.SQLException: [Security:090735]The DBMS connection was not usable
at weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateImpl.getManageableConnection(DBMS
SQLAuthenticatorDelegateImpl.java:911)
at weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateImpl.validateConfiguration(DBMSSQ
LAuthenticatorDelegateImpl.java:150)
at weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateImpl.<init>(DBMSSQLAuthenticatorD
elegateImpl.java:76)
at weblogic.security.providers.authentication.DBMSAuthenticatorDelegateImpl.getInstance(DBMSAuthenticatorDe
legateImpl.java:452)
at weblogic.security.providers.authentication.DBMSSQLAuthenticationProviderImpl.initialize(DBMSSQLAuthentic
ationProviderImpl.java:42)
Truncated. see log file for complete stacktrace
>
<May 9, 2008 9:48:26 AM CEST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.
>
<May 9, 2008 9:48:26 AM CEST> <Error> <Security> <BEA-000000> <[Security:090735]The DBMS connection was not usable>
<May 9, 2008 9:48:26 AM CEST> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; T
he user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have
been changed since the boot identity file was created. Please edit and update the boot identity file with the prop
er values of username and password. The first time the updated boot identity file is used to start the server, thes
e new values are encrypted.>
<May 9, 2008 9:48:26 AM CEST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.s
ecurity.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or passw
ord from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the b
oot identity file was created. Please edit and update the boot identity file with the proper values of username and
password. The first time the updated boot identity file is used to start the server, these new values are encrypte
d.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name an
d/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed s
ince the boot identity file was created. Please edit and update the boot identity file with the proper values of us
ername and password. The first time the updated boot identity file is used to start the server, these new values ar
e encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
>
<May 9, 2008 9:48:26 AM CEST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<May 9, 2008 9:48:26 AM CEST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shu
t itself down>
<May 9, 2008 9:48:26 AM CEST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
Stopping PointBase server...
PointBase server stopped.
Autonomy server stopped.
-Sreeram
Edited by sreeram.jonnalagadda at 05/09/2008 1:54 AM

It seems in my case I have a locked pointbase java process.
So I entered task manager and killed all running java process and MY domain started sucessfully.
Sreeram

Authentication denied on Weblogic admin console

I was playing with security policy for web applications and now I can't login from
console any more. It gives following error : Authentication Denied
The username or password has been refused by WebLogic Server. Please try again.
I can start the server from command line. How can I find out what is the problem
and how can I fix it ?
Thanks,
MK

Hi AB.
You can write your own pages and add them to WebLogic admin console by writing a console extension, here is a link to bea doc http://e-docs.bea.com/wls/docs100/console_ext/understandext.html
Regards,
Felix

OID + WebLogic ..Authentication denied

Dear Guys,
I use OID 11.1.1.6.0 and WebLogic 10.3.6.
Just created a simple WLS Domain and added the OIDAuthenticator to my realm. Added all the required parameters to the provide specific tab. I see the users and groups from OID are populating into myrealm->Users and Groups tab.
When I try to login into the WebLogic Console through OIDAuthenticator, it says 'Authentication denied'. Kindly see the config.xml entry below and appreciate your help. Thanks much.
<name>testdomain</name>
<domain-version>10.3.6.0</domain-version>
<security-configuration>
<name>testdomain</name>
<realm>
<sec:authentication-provider xsi:type="wls:oracle-internet-directory-authenticatorType">
<sec:name>OIDAuthenticator</sec:name>
<sec:control-flag>SUFFICIENT</sec:control-flag>
<wls:host>oracle3.cla.ca</wls:host>
<wls:port>3060</wls:port>
<wls:principal>cn=orcladmin</wls:principal>
<wls:user-base-dn>cn=Users, dc=cla,dc=ca</wls:user-base-dn>
<wls:credential-encrypted>{AES}jB+R2WyufH9tVPKJZgHhgToJmGdUYef0bs+If8jrMb8=</wls:credential-encrypted>
<wls:user-from-name-filter>(&(cn=%u)(objectclass=Person))</wls:user-from-name-filter>
<wls:all-users-filter>(&(cn=*)(objectclass=Person))</wls:all-users-filter>
<wls:group-base-dn>cn=Groups, dc=cla,dc=ca </wls:group-base-dn>
<wls:group-from-name-filter>(&(cn=%g)(objectclass=groupOfNames)) or (|(&(cn=%g)(objectclass=groupofUniqueNames))(&(cn=%g)(objectclass=groupOfNames)))</wls:group-from-name-filter>
<wls:all-groups-filter>(&(cn=*)(objectclass=groupOfNames)) or (&(cn=*)(|(objectclass=groupofUniqueNames)(objectclass=groupOfNames)))</wls:all-groups-filter>
<wls:static-member-dn-attribute>member</wls:static-member-dn-attribute>
<wls:static-group-dns-from-member-dn-filter>(&(member=%M)(objectclass=groupOfNames))</wls:static-group-dns-from-member-dn-filter>
</sec:authentication-provider>
<sec:authentication-provider xsi:type="wls:default-authenticatorType">
<sec:control-flag>SUFFICIENT</sec:control-flag>
</sec:authentication-provider>
<sec:authentication-provider xsi:type="wls:default-identity-asserterType">
<sec:active-type>AuthenticatedUser</sec:active-type>
</sec:authentication-provider>
<sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
<sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
<sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
<sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
<sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
<sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
<sec:name>myrealm</sec:name>
<sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType">
<sec:name>SystemPasswordValidator</sec:name>
<pas:min-password-length>8</pas:min-password-length>
<pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters>
</sec:password-validator>
</realm>
<default-realm>myrealm</default-realm>
<credential-encrypted>{AES}ZTjORSL/MHimWcm5Rt55/2hH8MCu3B8dLGvcYwMRAAE4Bv7xRVVI3neSugUngEhoXaIWNRFsSi4o58rTMTjxQnd9gPDhBV/VqRFijEWs3tDy/P8ZOPg6DVmEg4WBsYev</credential-encrypted>
<node-manager-username>weblogic</node-manager-username>
<node-manager-password-encrypted>{AES}PzBQK1IYj3Oq2BETmxFoqDlCNAt8n7Kl8fstbPVdKlc=</node-manager-password-encrypted>
</security-configuration>
<server>
<name>AdminServer</name>
<listen-port>10000</listen-port>
<listen-address></listen-address>
</server>
<embedded-ldap>
<name>testdomain</name>
<credential-encrypted>{AES}vLrGPaH6W5D7vYZlMYWjLeXaERMGbzBvX81Up4A37deegWImtQ67rY73IuQeFK9H</credential-encrypted>
</embedded-ldap>
<configuration-version>10.3.6.0</configuration-version>
<admin-server-name>AdminServer</admin-server-name>
</domain>
~

And I see the below error at log after enabling debug for security
####<Mar 21, 2012 12:33:47 PM EDT> <Debug> <SecurityAtn> <oracle5.xx.yy> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1332347627783> <BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User john denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:229)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy16.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy34.authenticate(Unknown Source)
Edited by: user11112257 on 21-Mar-2012 09:37

Weblogic authentication denied in 10.3

Not able to login to weblogic console. Have a weblogic server in one machine and i have to set up the same in another machine , when copied and paste in new machine it is not able to login to console , it is showing authentication denied..
I have tried deleting all ldap files and also tried writing the uname and password in boot.config file..
With Regards
Mit

Hi
It's a bad practice to setup weblogic domains by copy and paste. You must install new setup for every machine. Weblogic maintains hostname of the machine in a number of files. In order to get your weblogic domain working, you will have to identify all the files in which hostname needs to be changed.
Still I will recommend install a new setup on another machine.

Java.lang.SecurityException: Authentication denied: Boot identity not valid

Hi,
When I try to start up the WebLogic server by running a startup script
in the WebLogic server root directory, I am getting the following
error:
<Apr 23, 2003 1:15:11 PM EDT> <Critical> <WebLogicServer> <000364>
<Server failed during initialization.
Exception:java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
<Apr 23, 2003 1:15:11 PM EDT> <Emergency> <WebLogicServer> <000342>
<Unable to initialize the server: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
The WebLogic Server did not start up properly.
Exception raised:
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
I am also pasting below the source code of the startup script that I
am using to start WebLogic server:
#!/bin/sh
# This script is used to start WebLogic Server.
# To create your own start script for your domain, simply set the
SERVER_NAME
# variable to your server name then call this script from your domain
# directory.
# This script sets the following variables before starting WebLogic
Server:
# WL_HOME - The root directory of your WebLogic installation
# JAVA_HOME - Location of the version of Java used to start
WebLogic
# Server. This variable must point to the root
directory of a
# JDK installation and will be set for you by the
installer.
# See the WebLogic platform support page
# (http://e-docs.bea.com/wls/platforms/index.html)
for an up-to-date list of
# supported JVMs on your platform.
# PATH - Adds the JDK and WebLogic directories to the system
path.
# CLASSPATH - Adds the JDK and WebLogic jars to the classpath.
# JAVA_OPTIONS - Java command-line options for running the server.
# Other variables that startWLS takes are:
# ADMIN_URL - If this variable is set, the server started will be
a
# managed server, and will look to the url specified
(i.e.
# http://localhost:7001) as the admin server.
# WLS_USER - Admin username for server startup
# WLS_PW - Cleartext password for server startup
# STARTMODE - Set to true for production mode servers, false for
# development mode
# JAVA_OPTIONS - Java command-line options for running the server.
(These
# will be tagged on to the end of the JAVA_VM and
MEM_ARGS)
# JAVA_VM - The java arg specifying the VM to run. (i.e.
-server,
# -hotspot, etc.)
# MEM_ARGS - The variable to override the standard memory
arguments
# passed to java
# PRE_CLASSPATH - Path style variable to be added to the beginning of
the
# CLASSPATH
# POST_CLASSPATH - Path style variable to be added to the end of the
# CLASSPATH
# PRE_PATH - Path style variable to be added to the beginning of
the
# PATH
# POST_PATH - Path style variable to be added to the end of the
PATH
# Alternately, this script will take the first two positional
parameters and
# set them to SERVER_NAME and ADMIN_URL. For instance, you could call
this
# script: "sh startWLS.sh myserver http://localhost:7001" to start a
# managed server named myserver, or just "sh startWLS.sh myserver"
# to start a server named myserver.
# jDriver for Oracle users: This script assumes that native libraries
required
# for jDriver for Oracle have been installed in the proper location
and that
# your os specific library path variable (i.e.
LD_LIBRARY_PATH/solaris,
# SHLIB_PATH/hpux, etc...) has been set appropriately. Also note that
this
# script defaults to the oci817_8 version of the shared libraries. If
this is
# not the version you need, please adjust the library path variable
# accordingly.
# For additional information, refer to the WebLogic Server
Administration Guide
# (http://e-docs.bea.com/wls/docs70/adminguide/startstop.html).
WL_HOME="/usr/local/bea/weblogic700"
JAVA_HOME="/usr/local/bea/jdk131_06"
. ${WL_HOME}/common/bin/commEnv.sh
# Check that the WebLogic classes are where we expect them to be
if [ ! -f "${WL_HOME}/server/lib/weblogic.jar" ]; then
echo
echo "The WebLogic Server wasn't found in directory
${WL_HOME}/server."
echo "Please edit your script so that the WL_HOME variable points"
echo "to the WebLogic installation directory."
# Check that java is where we expect it to be
elif [ ! -d "${JAVA_HOME}/bin" ]; then
echo
echo "The JDK wasn't found in directory ${JAVA_HOME}."
echo "Please edit your script so that the JAVA_HOME variable"
echo "points to the location of your JDK."
else
# Grab some file descriptors.
if [ ! -n "`uname -s |grep -i cygwin || uname -s |grep -i windows_nt`"
]; then
maxfiles=`ulimit -H -n`
if [ !$? -a "${maxfiles}" != 1024 ]; then
if [ "${maxfiles}" = "unlimited" ]; then
maxfiles=1025
fi
if [ "${maxfiles}" -lt 1024 ]; then
ulimit -n ${maxfiles}
else
ulimit -n 1024
fi
fi
fi
# Set first two positional parameters to SERVER_NAME and ADMIN_URL
if [ -n "${1}" -a "${SERVER_NAME}" = "" ]; then
SERVER_NAME="${1}"
fi
if [ -n "${2}" -a "${ADMIN_URL}" = "" ]; then
ADMIN_URL="${2}"
fi
# Figure out how to use our shared libraries
case `uname -s` in
AIX)
if [ -n "${LIBPATH}" ]; then
LIBPATH="${LIBPATH}:${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
else
LIBPATH="${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
fi
PATH="${WL_HOME}/server/lib/aix:${PATH}"
export LIBPATH PATH
export AIXTHREAD_SCOPE=S
export AIXTHREAD_MUTEX_DEBUG=OFF
export AIXTHREAD_RWLOCK_DEBUG=OFF
export AIXTHREAD_COND_DEBUG=OFF
echo "LIBPATH=${LIBPATH}"
HP-UX)
if [ -n "${SHLIB_PATH}" ]; then
SHLIB_PATH="${SHLIB_PATH}:${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
else
SHLIB_PATH="${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
fi
PATH="${WL_HOME}/server/lib/hpux11:${PATH}"
export SHLIB_PATH PATH
echo "SHLIB_PATH=${SHLIB_PATH}"
IRIX)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/irix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/irix"
fi
PATH="${WL_HOME}/server/lib/irix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
LINUX|Linux)
arch=`uname -m`
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
fi
PATH="${WL_HOME}/server/lib/linux:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
OSF1)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/tru64unix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/tru64unix"
fi
PATH="${WL_HOME}/server/lib/tru64unix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
SunOS)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
fi
PATH="${WL_HOME}/server/lib/solaris:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-server
JAVA_VM=${COMM_SERVER_VM}
fi
Windows_NT*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
PATHSEP=\;
CLASSPATHSEP=\;
CYGWIN*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
CLASSPATHSEP=\;
echo "$0: Don't know how to set the shared library path for `uname
-s`. "
esac
if [ "${MEM_ARGS}" = "" ]
then
MEM_ARGS="-Xms32m -Xmx200m"
fi
if [ "${PATHSEP}" = "" ]; then
PATHSEP=:
fi
if [ "${CLASSPATHSEP}" = "" ]; then
CLASSPATHSEP=:
fi
CLASSPATH="${JAVA_HOME}/lib/tools.jar${CLASSPATHSEP}${WL_HOME}/server${CLASSPATHSEP}${WL_HOME}/server/lib/weblogic_sp.jar${CLASSPATHSEP}${WL_H
OME}/server/lib/weblogic.jar${CLASSPATHSEP}${CLASSPATH}"
# If we are on an old version of Cygnus we need to turn <letter>:/ in
the path
# to //<letter>/
if [ `uname -s` = "CYGWIN32/NT" ]; then
WL_HOME=`echo $WL_HOME | sed "s#$[a-zA-Z]$:#//\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#$[a-zA-Z]$:#//\1#g"`
fi
# If we are on an new version of Cygnus we need to turn <letter>:/ in
the path
# to /cygdrive/<letter>/
if [ -n "`uname -s |grep -i cygwin_`" ]; then
WL_HOME=`echo $WL_HOME | sed "s#$[a-zA-Z]$:#/cygdrive/\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#$[a-zA-Z]$:#/cygdrive/\1#g"`
fi
PATH=".${PATHSEP}${WL_HOME}/server/bin${PATHSEP}${JAVA_HOME}/jre/bin${PATHSEP}${JAVA_HOME}/bin${PATHSEP}${PATH}"
# Import extended environment
if [ -f extEnv.sh ]; then
. extEnv.sh
fi
if [ ! -z "${EXT_PRE_CLASSPATH}" ]; then
CLASSPATH="${EXT_PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${EXT_POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${EXT_POST_CLASSPATH}"
fi
if [ ! -z "${EXT_PRE_PATH}" ]; then
PATH="${EXT_PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${EXT_POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${EXT_POST_PATH}"
fi
# Get PRE and POST environment
if [ ! -z "${PRE_CLASSPATH}" ]; then
CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}"
fi
if [ ! -z "${PRE_PATH}" ]; then
PATH="${PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${POST_PATH}"
fi
echo CLASSPATH=${CLASSPATH}
echo
echo PATH=${PATH}
echo
echo "***************************************************"
echo "* To start WebLogic Server, use a username and *"
echo "* password assigned to an admin-level user. For *"
echo "* server administration, use the WebLogic Server *"
echo "* console at http://<hostname>:<port>/console *"
echo "***************************************************"
if [ "$ADMIN_URL" != "" ]
then
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.management.server=${ADMIN_URL} -Dweblogic
.ProductionModeEnabled=${STARTMODE}
-Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
else
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.ProductionModeEnabled=${STARTMODE} -Djava
.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
fi
set +x
fi
--------------END OF SCRIPT----------
So can you please look at the exception and the above-pasted source
code of the startup script file and let me know what needs to be done
to fix the error?
Thanks,
Kalpana

Senthil,
What may have happened is that the boot identity (e.g., the "weblogic" user) is no longer in the realm. Or, you added a second authenticator which has a Control Flag of Required but the weblogic user cannot be found there.
If it's the first scenario, add the weblogic user (and his inclusion in the Administrators group) to the data store for your authenticator.
If it's the second scenario, you need to change the Control Flag to something less drastic such as Sufficient. In this case, you can't make the change in WebLogic Console since you can't boot your server. Have a look in config.xml and see if your newly created authenticator is listed there. If it is, change the Control Flag and try to reboot the server.
Otherwise, copy config.xml.booted to config.xml and start your server. You'll have to re-do your security realm changes, though.
HTH,
Mike

Boot Properties - Authentication Denied

Hi there,
I have one weblogic 10g r3 domain.
Which I call Domain 1
Well, I must copy my domain to create another environment.
So under same WL_HOME
I have copied DOMAIN1. I have created a new folder under $WL_HOME/user_projects/domains/
Domain 1 is working fine..
I have edited config.xml files and startup scripts (startWebLogic.cmd /SetDomainEnv.cmd)
But I getting security ERROR. In other words.
I got...
AUTHENTICATION DENIED
I don´t know what to do.
On config.xml in security section under node-manager-password-encrypted is the same value which is filled on boot.properties file under $WL_HOME/user_projects/domains/
So what am I missing here ?
I appreciate any help this is very urgent.
Thanks
Edson

Hi Sunil, basically is a general error saying that :
Authentication Denied and bla bla bla...
I have built a new domain and configured everything manually, I know, it hurts, but is working fine.
I don´t know where I missed, I did a lot of times with another envs and always worked. Using LINUX for sure.
Now I am using windows (yeah, damn it )
I guess there is something to do with encryption issues, when you copy a encripted value to another env, probably you got these errors, no big deal, I have solved, I have built a new one.
Thanks for help anyway !!

Authentication denied: Boot identity not valid

Hi,
After ADF Security Configuration, I am getting following error while running jspx pages:
<Jun 25, 2010 11:34:51 AM IST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<Jun 25, 2010 11:34:51 AM IST> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
(Purposefully not putting entire run log to avoid cluttering. Can provide if needed.)
Please note that before ADF Security Configuration, I was able to run my jspx pages.
I have condifured ADF security as follows:
'ADF Authentication and Authorization' model
Form-based authentication with default login and error pages
No Automatic Grants
Redirect upon successful authentication - one of my jspx page (which was rendering fine before ADF Security Config)
Also is it possible to temporarily disable ADF security?
Where is the boot.properties located?
Thanks in advance

This error usually occurs on Weblogic server when identity store is changed. Basically the default admin user name password which is used by weblogic when u start with startWeblogic.cmd does not work.
so this is definitely not an issue of ADF Security.
You can remove ADF security from your application from the same menu which you created ADF security. Third option removed all security configuration. Before that you may want to copy your jazn-data.xml and keep it for backup.
boot.properties is to be created in domain\servers\AdminServer\security if present just edit it and
password=
username=
When you run the server it will encrypt the contents.
But as i see it is not an issue with ADF security and unless you have changed something in weblogic console realm providers not an issue with weblogic also.
Easy solution is to clode Jdev and delete defaultdomain in : C:\Documents and Settings\user\Application Data\JDeveloper\system11.1.1.2.36.55.36 and satrt Jdeveloper. Your domain will be automatically created.
Venkat

Authentication denied at server startup

I have a domain that was originally set up on a different machine. The data on the original machine was "ghosted" to a set of CDs. We put that data onto a new machine, booted it, changed the IP and hostname and some other things. When I go into the domain directory and type runWebLogic.sh I get a SecutiryInitializationException: Authentication for user weblogic denied.
I tried creating a new fileRealm.properties file using the FileRealm class and the original SerializedSystemIni.dat file and by using a completely new SerialziedSystemIni.dat file. Neither was works.
How can I get this working? Can I get it to work at all?

<context-param>
          <param-name>weblogic.jsp.precompile</param-name>
          <param-value>true</param-value>
          </context-param>
          add above tag into web.xml
          look for web.xml in edocs site.
          Hope this helps.
          "Jay Vadrevu" <[email protected]> wrote in message
          news:3c110474$[email protected]..
          > I am new to Weblogic and am trying to figure out the correct settings for
          instructing the Server to compile all JSPs at startup.
          >
          > Any help is much appreciated.
          >
          > Thanks and Regards,
          > Jay

Weblogic patch for the "Authentication for user wlsadmin denied" issue

Hi Everyone,
When I try to login to the weblogic console using the weblogic user id and password, I got below issue in the production server..Sometime back I saw a thread that Oracle has provided a patch for this issue. If any of you is aware of it then could you please provide us the patch file and its location please. This is quite a bit urgent. Awaiting for your response. Thanks in advance.
<Apr 3, 2011 10:41:02 PM ICT> <Critical> <Security> <BEA-090403> <Authentication for user wlsadmin denied>
<Apr 3, 2011 10:41:02 PM ICT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user wlsadmin denied
I need to communicate to onsite members about the patch details etc.
Edited by: user11290902 on May 13, 2011 1:27 AM

Faisal, Thank you for your response. Here the weblogic console id & password are known to few people so the guess you are making might be correct. Could anyone might have tried with incorrect credentials couple of times before we face this issue, I am not sure though. The moment we provide the credentials and upon click on Log In button we are getting j_security_check.
http://asdo0002:9683/console/j_security_check
Authentication Denied.
The username or password has been refused by WebLogic Server. Please try again.
Any information about the work--arounds or patches from weblogic would be helpful to me... Thanks a lot.

Authenticating a user present in default provider from a custom provider

Hi,
I have two authentication providers(custom and default one) configured with the configuration option "OPTIONAL" on weblogic v 10 server instance.
The custom Authentication provider basically creates a custom principal and adds the principal to the subject.This scenario works irrespective of the username sent by the client.
Now I want the custom authentication provider to add only principals (username) which are present in the default provider/ladap provider configured on the server.
for eg: If the client tries to authenticate with username "test", then my custom authentication provider should check if "test" user is present in the default/ldap provider, and if the "test" user does exists then create a custom principal with the user "test" and send it back to client as part of authentication.
How should one go about doing this? I tried to call the following code in my custom authentication provider,
try
System.out.println("default Login" + userId);
Authenticate.authenticate(environment, _subject);
principalsVector.add(new WLSUserImpl(customPrincipal.getName()));
but as expected the server startup gets into an infinite loop and throws
failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot iden
tity not valid; The user name and/or password from the boot identity file (boot.properties) is not v
alid. The boot identity may have been changed since the boot identity file was created. Please edit
and update the boot identity file with the proper values of username and password. The first time th
e updated boot identity file is used to start the server, these new values are encrypted.
Any help on this would be great.
Thanks in Advance.
Regards,
Preethi.

Hi,
Thanks for the information. It works when you change the configuration option for both the providers to sufficient . Now the subject gets populated with the custom principal and sent back to the client
can you tell me how to invoke an EJB method using this customprincipal from a java client? The EJB method is mapped to users having Admin role.
Best Regards,
Preethi.

Weblogic.security.SecurityInitializationException: Authentication for user

Folks,
I've newly installed Weblogic server on my home laptop.
I can't startup the weblogic server.
Errors are
Now, I know the location of the boot.properties file the server accesses, because if I delete and restart the server it asks for userid/password.
If that file does not exists it gives the following error
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
So, I thought the best way is to RECOVER the password and tried following the steps
1. At the command line, change directory to the domain and run the setEnv script to set the PATH and CLASSPATH.
2. cd <domain_home>/security
3. mv DefaultAuthenticatorInit.ldift DefaultAuthenticatorInit.ldift_BKP
4. run java weblogic.security.utils.AdminAccount <tempadmin> <temppassword> ./
-above command will Create a new DefaultAuthenticatorInit.ldift
4. cd <domain_home>/servers/<AdminServer>/data/ldap
5. mv DefaultAuthenticatormyrealmInit.initialized DefaultAuthenticatormyrealmInit.initialized_BKP
6. Restart the Admin Server.
7. Login with new username/password
The question is how do I run Step 4) above? Like what is the Java home, or jar file that has the weblogic.security.utils.AdminsAccount class?
Thanks
Ravi

The class "weblogic.security.utils.AdminAccount" is part of weblogic.jar
And JAVA_HOME would be the java installation directory, for example "D:\Middleware\wls1036\jdk160_29\bin"
So, for example, the same command can be read as
D:\Middleware\wls1036\jdk160_29\bin\java -cp D:\Middleware\wls1036\wlserver_10.3\server\lib\weblogic.jar weblogic.security.utils.AdminAccount <tempadmin> <temppassword> .
OR
Another option for you is to just run setDomainEnv to set the JAVA_HOME and CLASSPATH variables for us.
For windows open a command prompt and run,
<domain_home>/bin/setDomainEnv.cmd
For linux run,
. <domain_home>/bin/setDomainEnv.sh {Remember the dot and space, ". ", at the beginning are very important for a open shell with the environment variables set}
After running the above command, then cd <domain_home>/security (step 2)
Now, after doing the above, you can directly run the command in step 4
java weblogic.security.utils.AdminAccount <tempadmin> <temppassword> ./
Arun

Authentication Denied

Similar Messages

Maybe you are looking for