J2EE_ADMIN User

Hi experts,
need help If I start communication between java stack and abap stack I get the following error:
"Support desk was not able to read the properties of rfc destination 'QHR_LINVM88_QHJ' Check that the ABAP user 'J2EE_ADMIN' has sufficient authority for administration of RFC destinations. "
The J2EE_ADMIN User has "*" authorizations for S_RFC, S_RFC_ADM and S_ADMI_FCD in a special role.
The role "S_RFC_ADM" has the activity "03"...is that not enough?
I have deactivated the standard role "SAP_J2EE_ADMIN" --> is that the problem?
If this is the problem - why?
The role with the "*" authorizations for S_RFC should be enough or not?
Thanks in advance for all hints and answers...
Greeeez
Edited by: mrpynk on Apr 15, 2011 10:58 AM

What am I thinking today? 1st I gave a solution for SAPJSF* user then edit then edit...May be Friday is heavy on me and I should take a off now...sorry for multiple mails in your inbox
However are you sure that the ABAP user is J2EE_ADMIN? not SAPJSF_<SAPSID of AS Java>? That's the standard user used for datasource in ABAP system. And if the intention is to read user master data from ABAP source the those 2 roles should work.
I am out now.
Regards,
Arpan Paik

Similar Messages

J2EE_ADMIN user getting locked frequently

Hi SAP Guru's,
The user J2EE_ADMIN in our nw2004s system is getting locked frequently. We have changed the password of this user in ABAP via SU01 & in JAVA in the secure store via configtool. The server was re-booted after doing these changes. Still the user J2EE_ADMIN is getting locked frequently. Also in SM21, we have a log <b>"J2EE_ADMIN locked due to incorrect logon"</b> for this locking which mentions the user as SAPJSF (Communication user between ABAP & JAVA).
Is there a possibility that SAPJSF is locking the user J2EE_ADMIN ?? how & why ??
Any help on this will be highly appreciated.
Thanks,
Sanjeev.

have you solve this issue? we have the same!
every half hour (xx:51:00 and xx:29:00), the J2EE_ADMIN user is locked by user SAPJSF transaction KRNL from the local host (terminal).
We have changed the pass in secure store in configtool to the pass we used in abap.
In "Visual Administrator" "Cluster>Server>Services-->Security Provider" the user have a checked box at "No password change required"
We searched for other places with a wrong pass (Jco Connections = no J2EE_ADMIN used, SLD = no J2EE_ADMIN used), but found nothing.
need help pls.
regards
chris

Cannot use create user as j2ee_admin

Hi, All:
The system is: double stack, ABAP & Java, NW04s SR2 SP12, BI + EP, AIX + Oracle.
After successful installation, we logon the portal as j2ee_admin, when choose User Administartion -> Identity management, error occurs with message: "A required service for the identity management user interface is not available. Contact your system administrator ".
Then we go to http://<hostname>:50100/nwa -> administration -> identity management ->create user, error occurs with message:"Current user has user creation permissions in the UME, but cannot create users in the back-end system (data source). The original and possibly untranslated message was: "java.lang.reflect.UndeclaredThrowableException"
We check the UME settings via configtool and also check the sap_j2ee_admin role assigned to j2ee_admin in ABAP, it seems all correct.
So it's so strange that we can logon as j2ee_admin but can't do the user administration job.
Anyone met the same issue?
Any info will be highly appreciated!
Best Regards,
D.H

Hi David,
In the case of dual stack installations, the default admin user for the Java Stack is j2ee_admin, which would be created at the installation time itself. By default, one system user SAPJSF will also be created by default for dual stack installations which is used for the communication in between the ABAP stack and JAVA Stack.
This system user will be used for the commucation in between(UME and ABAP datasource).
You can also see two roles named, SAP_BC_JSF_COMMUNICATION and SAP_BC_JSF_COMMUNICATION_RO. Based on the assigned role to the system user, SAPJSF, one admin user on the Java Stack can only view(if the assigned role is SAP_BC_JSF_COMMUNICATION_RO ) the User related data and can view/edit( if the assigned role is SAP_BC_JSF_COMMUNICATION) the User related informations.
Just check, the assigned role to the SAPJSF user. If the assigned role is SAP_BC_JSF_COMMUNICATION you can modify the user informations(create and modify) on the Java Stack using the j2ee_admin user, if the assigned role is SAP_BC_JSF_COMMUNICATION_RO , you will not be able to modify the user related informations through the Java Stack.
If you want to modify the user related informations through Java Stack, then you have to assign the SAP_BC_JSF_COMMUNICATION role to the system user, SAPJSF. After the role assignment you have to restart the server inorder the changes to take effect.
For data consistency and security, it is not recommended to manipulate the user related informations using both su01(ABAP) and UME(java).
Regards,
Kishor Gopinathan

Access to user management with j2ee_admin

Hello, All
I have a problem I'm trying to access to user management () with j2ee_admin user, but when I log on with this users in the screen don't shown anything, only the fiels of usuername and password are cleaned and I enter other password in the screen, I got this message on the screen: User authentication failed . However I log on in the visual administrator with j2ee_admin and the same password nd the connection is succesfull.
We have enabled the sap* user but it did work.
Any suggestions for this problem?
thanks a lot
Danny

HI Joao
we found that one certificate there isn`t in the backend, this certificate was created again then this certificate was uploaded and the problem was solved
You could check the certificates in your backend system.
I hope this information helps you
Danny

No portal roles are assigned for this user.If this problem persists, contac

I am trying to access portal first time using j2ee_admin user. It is saying "No portal roles are assigned for this user.If this problem persists, contact your system administrator."
iam using abap+java enginee how config in abap enginne ,iwant which role to assign j2ee_admin user
i already asiigned sap_j2ee_admin,SAP_BC_JSF_COMMUNICATION,SAP_BC_JSF_COMMUNICATION_RO but it show same problem
please help me..
Edited by: Mugala Balu on Aug 7, 2010 5:53 PM
Edited by: Mugala Balu on Aug 8, 2010 7:48 AM

Balu,
Well this issue has been discussed many a times in forums. You would have to point your data source to ABAP system.
Check this thread in [here|J2EE Failed to start , after changing UME datasource;.
Good Luck!
Sandeep Tudumu

Creating new user in enterprise portal 7 .0

Hi,
I have installed enterprise portal 7.0 and backend is ECC 6.0 on windows 2003.i have logged with J2EE_ADMIN user.when i am trying to create new user in EP7.0 ,i got this problem.(an error occured,contact system administrator).please help me.

Hi,
Go to http://<server>:5<instance no>00
Click on User Management. After login, go to Configuration tab and there you can check.
Thanks
Sunny

Error while trying to access User Management Engine

Hi,
when I am trying to login to UME using J2EE_ADMIN user id and password, I am getting the following error.
Unknown message (ID = java.lang.ExceptionInInitializerError
at com.sap.i18n.cp.ConvertBase.CheckConverterJNIAvailable(ConvertBase.java:80)
at com.sap.i18n.cp.ConvertBase.<init>(ConvertBase.java:91)
at com.sap.i18n.cp.ConvertXToC.<init>(ConvertXToC.java:19)
at com.sap.security.core.ticket.imp.Ticket.getString(Ticket.java:359)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:413)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:339)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:318)
at com.sap.security.core.server.jaas.EvaluateTicketLoginModule.login(EvaluateTicketLoginModule.java:268)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:189)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:103)
at com.sap.security.core.logon.imp.JUMAuthenticator.forceLoggedInUser(JUMAuthenticator.java:267)
at com.sap.security.core.admin.ServletAccessToLogic.getActiveUser(ServletAccessToLogic.java:141)
at com.sap.security.core.admin.UserAdminLogic.executeRequest(UserAdminLogic.java:438)
at com.sap.security.core.admin.UserAdminServlet.doPost(UserAdminServlet.java:26)
at com.sap.security.core.admin.UserAdminServlet.doGet(UserAdminServlet.java:19)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
... 45 more
I have checked the password for J2EE_ADMIN from the ABAP end, it worked well.
Please suggest me the solution for this issue.
Thanks & regards,
Reddy

Hi,
I have checked UME properties in property sheet and everything is fine but still facing the same issue. Please find the default trace file below.
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
     at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
     ... 50 more
) not found in properties files-java.lang.ExceptionInInitializerError
     at com.sap.i18n.cp.ConvertBase.CheckConverterJNIAvailable(ConvertBase.java:80)
     at com.sap.i18n.cp.ConvertBase.<init>(ConvertBase.java:91)
     at com.sap.i18n.cp.ConvertXToC.<init>(ConvertXToC.java:19)
     at com.sap.security.core.ticket.imp.Ticket.getString(Ticket.java:359)
     at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:413)
     at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:339)
     at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:318)
     at com.sap.security.core.server.jaas.EvaluateTicketLoginModule.login(EvaluateTicketLoginModule.java:268)
     at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:189)
     at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
     at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
     at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
     at java.security.AccessController.doPrivileged(Native Method)
     at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
     at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:103)
     at com.sap.security.core.logon.imp.JUMAuthenticator.forceLoggedInUser(JUMAuthenticator.java:267)
     at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.forceLoggedInClientUser(ClientUserFactory.java:145)
     at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.checkAuthentication(ClientUserFactory.java:282)
     at com.sap.tc.webdynpro.services.sal.um.api.WDClientUser.checkAuthentication(WDClientUser.java:230)
     at com.sap.tc.webdynpro.clientserver.cal.ClientManager.checkAuthentication(ClientManager.java:1057)
     at com.sap.tc.webdynpro.clientserver.cal.ClientManager.findClientWindow(ClientManager.java:813)
     at com.sap.tc.webdynpro.clientserver.cal.ClientManager.doProcessing(ClientManager.java:201)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doWebDynproProcessing(DispatcherServlet.java:154)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:116)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:48)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
     at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
     ... 50 more
[EXCEPTION]
#1#java.util.MissingResourceException: Can't find resource for bundle java.util.PropertyResourceBundle, key java.lang.ExceptionInInitializerError
     at com.sap.i18n.cp.ConvertBase.CheckConverterJNIAvailable(ConvertBase.java:80)
     at com.sap.i18n.cp.ConvertBase.<init>(ConvertBase.java:91)
     at com.sap.i18n.cp.ConvertXToC.<init>(ConvertXToC.java:19)
     at com.sap.security.core.ticket.imp.Ticket.getString(Ticket.java:359)
     at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:413)
     at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:339)
     at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:318)
     at com.sap.security.core.server.jaas.EvaluateTicketLoginModule.login(EvaluateTicketLoginModule.java:268)
     at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:189)
     at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
     at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
     at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
     at java.security.AccessController.doPrivileged(Native Method)
     at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
     at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:103)
     at com.sap.security.core.logon.imp.JUMAuthenticator.forceLoggedInUser(JUMAuthenticator.java:267)
     at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.forceLoggedInClientUser(ClientUserFactory.java:145)
     at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.checkAuthentication(ClientUserFactory.java:282)
     at com.sap.tc.webdynpro.services.sal.um.api.WDClientUser.checkAuthentication(WDClientUser.java:230)
     at com.sap.tc.webdynpro.clientserver.cal.ClientManager.checkAuthentication(ClientManager.java:1057)
     at com.sap.tc.webdynpro.clientserver.cal.ClientManager.findClientWindow(ClientManager.java:813)
     at com.sap.tc.webdynpro.clientserver.cal.ClientManager.doProcessing(ClientManager.java:201)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doWebDynproProcessing(DispatcherServlet.java:154)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:116)
     at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:48)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
     ... 50 more
     at java.util.ResourceBundle.getObject(ResourceBundle.java:326)
     at java.util.ResourceBundle.getObject(ResourceBundle.java:323)
     at java.util.ResourceBundle.getString(ResourceBundle.java:286)
     at com.sap.security.core.util.ResourceBean.getString(ResourceBean.java:115)
     at com.sap.security.core.util.ResourceBean.print(ResourceBean.java:129)
     at jsp_umLogonPage1257494316062._jspService(jsp_umLogonPage1257494316062.java:137)
     at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
     at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:566)
     at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:190)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
     at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
     at com.sap.security.core.logonadmin.ServletAccessToLogic.gotoPage(ServletAccessToLogic.java:138)
     at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.doLogon(SAPMLogonLogic.java:993)
     at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.uidPasswordLogon(SAPMLogonLogic.java:630)
     at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.executeRequest(SAPMLogonLogic.java:150)
     at com.sap.security.core.sapmimp.logon.SAPMLogonServlet.doPost(SAPMLogonServlet.java:60)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Please suggest me the solution for this issue.
Thanks & regards,
Reddy

Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only

After installation fo ECC6,When I am trying to connect to visual admin,I am getting given below error.
I am also not able to login to NWA
Application cannot be started.
Details:
com.sap.engine.services.deploy.container.ExceptionInfo: Naming error.
System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400010000000001A6B16F0004A600094A9828#1308418992937#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-13,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400020000000001A6B16F0004A6000C292AF0#1308419041078#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-24,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400030000000001A6B16F0004A6001D1853B8#1308419325187#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-35,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400000000000001CA1A680004A6008F78FF48#1308421244125#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-2,5,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400010000000001CA1A680004A600919BB068#1308421279953#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-13,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400020000000001CA1A680004A6009220F598#1308421288687#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-24,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400030000000001CA1A680004A60097A70598#1308421381359#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-35,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400040000000001CA1A680004A6009867E880#1308421394000#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-46,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400000000000001402EEB0004A600E643EE28#1308422700265#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-2,5,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
Any help would be highly appreciated.
Thanks
Sukrut

Hello,
If you have a installation of dual stack(ABAP + JAVA) system.. check in SU01 transaction if SAP_J2EE_ADMIN role is assigned to the J2EE_ADMIN user. If not, please assign it.
For only JAVA stack systems, default administrator user is Administrator.
thanks
ashish

Creation of users for SDM

Hi,
I have a WAS 6.40 running on a server.Now we have different developers who work on their respective desktops using NWDS.
When they want to deploy WD app from their NDS,it asks for a SDM passwd.
What exaclty is this SDM passwd?Is it the passwd for J2EE_ADMIN user?If yes,is it possible to create separate users for SDM so that the developers can have their own user id and passwd without using the J2EE_ADMIN passwd?
regards,
Bhupesh

hi Bhupesh,
there are no users for SDM as such. you have only a password.
If you had made a default installation your master password which u give during the installation is your SDM password.
otherwise, your password is what you gave for SDM excluisvely during the installation (this is Custom Installation).
if yo had forgotten the password, follow this thread to reset your password.
Getting SDM Password
Rgds
Ak
Message was edited by: Arunkumar Ravi

NWA or User Management doesn't start

Hello, All !!
I have recently installed a NW 7.0 system. Details listed below:
System: SAP SRM 5.0 SR3
Stacks: ABAP+JAVA - single install
Platform: HP-UX (64-bit)
Database: Oracle
Issue / Problem that's on hand
I am not able to bring up User Management or NWA from the URL:
<http>://<AS_Java_hostname>:<AS_Java_HTTP_port>/nwa
<http>://<AS_Java_hostname>:<AS_Java_HTTP_port>/useradmin
User ID: J2EE_ADMIN
Password: Installation Master Password
Once I enter these details and click on login button, I get back the same blank login screen. If I enter incorrect password, then I get an error: "User Authentication failed".
When I log on to AS ABAP, I see the following users defined:
J2EE_ADMIN
J2EE_GUEST
SAPJSF.
In the config tool, the guest user is specified as J2EE_GUEST (property ume.login.guest_user.uniqueids).
=======================================================================
Here are related excerpts from the installation guide
As of SAP NetWeaver 7.0 and Business Suite 2005, you can install an ABAP+Java system in one installation run. This means that AS Java is configured by default against ABAP client 001.
You can choose one of the following methods to set up your new production client:
n You install the ABAP and the Java part of your system separately.
n You install an ABAP+Java system and reconnect the Java part.
n You install an ABAP+Java system and do not reconnect the Java part.
Bonjour!! (Most frequently used word from my French vocabulary (FV)!! BTW - my FV has very few words.)
Hope everyone's doing fine. I have been bothering a few on the team with my questions and have been receiving prompt reply. And here's yet another question I need some advise on.
Excerpts from the installation guide:
As of SAP NetWeaver 7.0 and Business Suite 2005, you can install an ABAP+Java system in one installation run. This means that AS Java is configured by default against ABAP client 001.
You can choose one of the following methods to set up your new production client:
n You install the ABAP and the Java part of your system separately.
n You install an ABAP+Java system and reconnect the Java part.
n You install an ABAP+Java system and do not reconnect the Java part.
Installing an ABAP+Java System and Reconnecting the Java Part
If you need the Java users in your ABAP production client, you have to manually configure the connection of the Java part to the ABAP part.For more information about Java users, see the table User Management Engine (UME) in Basic SAP System Parameters [page 28].
1. You install the ABAP+Java system as described in this documentation.
2. You perform the client copy [page 144].
3. You reconnect the Java part to the production client as described in SAP Note 937323.
=======================================================================
Eventually, I want to change the client in AS JAVA to point to production client and not client 001. But right now, I am not even able to bring up NWA or User Management. But I can bring up "System Information" - logging in as J2EE_ADMIN user.
Please let me what needs to be done to correct this problem.
Thanks in advance!!
Madhavi

Hi,
Login into your 001 client and check whether your j2ee_admin or j2ee_guest are locked? If yes then unlock them and try again.
Also if you want to change the password then make sure you update the pasword in the secure storage area of web as java through configtool.
Regards,
Vamshi.

Unable to create the user in identity management

Hi,
I have installed ABAP+JAVA system as per standard ABAP will take care of java datasourse.
But we can create the user in identity management, I could not create the user in identity management.
In R3 for j2ee_admin user i have given the role SAP_BC_JSF_COMMUNICATION and SAP_BC_JSF_COMMUNICATION_RO
I am phasing the issue when i create the user in identity management :
Current user has user creation permissions in the UME, but cannot create users in the back-end system (data source). The original and possibly untranslated message was: "No active writeable datasource found for user creation, check your Persistence Configuration.".

Please check this thread /message/7428560#7428560 [original link is broken]
Thank you,
Shyam

Forgot Password for J2EE_Admin An error occurred in the persistence. The or

I need your help!!
I forgot password for j2ee_admin and need to enter the Visual Administrator
I do not like change, achieved with the user enter SAP* to UME but will not let me change it.
When I try to change the key, I get the following error
An error occurred in the persistence. The original and possible not translatet message was: "Attribute "lockreason" on namespace "com.sap.security.core.usermanagement" of principal "UACC.R3_DATASOURCE.J2EE_ADMIN" is not modifiable.". Contact your system administrator.
somebody can help me!!
thanks
Edited by: Manuel Sandoval on Jul 9, 2008 10:20 PM

Hi,
if am not wrong, J2EE_ADMIN user only when you have ABAP+J2EE instance where your JAVA UME is mapped to ABAP UME.
Login to ABAP instance, go to SU01 and reset J2EE_ADMIN password.
regards
Anand.M

J2EE_Admin Unable to Add iView Permissions (Connecting BEx and Portal)

Hi guys,
I'm trying to set up a connection between BEx Web and Portal in a Netweaver 2004s environment.
Following notes 917950, I have made the configuration using Template Installer and RSPOR_SETUP.
Perhaps unsurprisingly, there are some issues.
Diagnostics & Support Desktop Tool (note 937697) shows 6 red lights:
1. BI iView Permissions
2. BI Mastersystem
3. BI Portal System Permissions
4. URLs Prefixes Customized on Both J2EE and ABAP Side
5. User Mapping of User DDIC
6. WebAS ABAP Certificate and Login Modules Configuration
Here, let's just look at
1. BI iView permissions.
<b>Error: </b>
The BI Report-Report Interface iView does not have the necessary permissions for being called directly.
My question is
Why can't the J2EE_Admin user do the following fix (Note 983683)?
1) In the portal, follow the path
"Content Administration -> Portal Content"
"Portal Content -> Content Provided by SAP -> Platform Add Ons ->
"Business Intelligence -> iViews -> BEx Launcher (transactions for RRI)"
(pcd:portal_content/com.sap.pct/platform_add_ons/com.sap.ip.bi/iViews/com.sap.ip.bi.rritransaction).
2) From the context menu for this entry, choose "Open" -> "Permissions".
3) "Search" for the "User Group" (Caution: not the "role") "Everyone" and add this to the list of assigned authorizations.
Set the value "None" in the selection field of the "Administrator" column and set the indicator "User". Save your changes.
The "ADD" button is not clickable!! Is it because the J2EE_ADMIN user is not authorized to add permissions?
I hope the experts here can provide some light into the situation. Points will be awarded for helpful answers. Thank you!!
Regards,
SJ

2. BI Mastersystem
it depends on the type of error, see the hint given by the disgnostics tool, if it is sothing to do with BW system alias, so you have to connect to your portal and in system configuration->systemlandscape-> right click on SAP_BW then choose system alias and add the one proposed earlier in the diagnostics tool
3. BI Portal System Permissions
add group everyone on you SAP_BW system on systemlandscape
4. URLs Prefixes Customized on Both J2EE and ABAP Side
the one declared in the portal should be the same as the one in RSPOR_T_PORTAL table. you can modify this table to include the domain name of your URL
5. User Mapping of User DDIC
open your java admin consol (http://server....:5sid00 and then click on user administration, choose ddic the in the mapping tabulation click on modify the enter j2ee_admin as a user for the mapping, it should solve this point, don't forget to save.
6. WebAS ABAP Certificate and Login Modules Configuration
for this one you have to give the error text so i can help.
if it helps give points.
Regards.
Lakhdar Mourad

XI Installation Error - J2EE_ADMIN Password Mismatch

Hello all,
I am doing an XI 3.0 SR1 64 bit installation on SUSE Linux/Oracle. I have successfully installed the SAP WebAS 640 Unicode ABAP + J2EE system. The J2EE was installed against client 300, which was a USCV
system copy from client 000. All prequisites as described in SAP XI 3.0 SR1 Installation Guide - Doc Version 1 December 15 were followed.
The J2EE engine worked BEFORE starting the XI Installation. However, the XI installation crashed in phase 11 of 17 while trying to start the J2EE engine. It looked like the reason for the crash was becasue the number of the opened files at the time the engine was starting was too high and this caused ZipExceptions when trying to open the jar files for the services and libraries of the J2EE Engine. The error from the log was: 'ERROR:java.io.IOException: Too many open files'
It looked to be some sort of ulimit issue, which we corrected this. We updated the ulimit settings and tried re-running the XI installation from the beginning.
Now, at the start of the XI installation, when it prompts us for the J2EE_ADMIN password it says that we are entering the incorrect password. Yet, when I login to the ABAP stack to verify the J2EE_ADMIN password it is correct there. I know I am entering the correct password. Why is there a mismatch? Does SAP temporarily change the password when doing the XI installation? What can we do to reset the password?
Thanks for any help!
]eff Dubois

We just installed three XI systems on Linux/Oracle with SP 16.
The main thing to note is which client your J2EE engine reads the users/roles from. Did you try checking for the j2ee_admin user in both client 000 and 300?
Also, there are setting for the J2EE engine that show you which client it's reading the user/role information from.
Regards,
Jay Malla
Licensed To Code
Here is some information from OSS:
We received this info from SAP OSS.
I think you may have selected the incorrect user persistence during installation.
Please check the value of the property :-
ume.persistence.data_source_configuration
from the J2EE Visual Administrator
--> Cluster --> server0 --> services --> UME Provider
The value should be :-
dataSourceConfiguration_r3_roles_db.xml
Please refer to the attached note :-
#718383 NW04: Supported UME Data Sources and Change Options
and page 15 of the XI 3.0 SR1 Installation Guide, i.e.,
"During the install of the J2EE Engine you should choose the XI specificinstallation option for the J2EE Engine in UME User Group management (Use SAPGUI Transaction PFCG) "
If you did not select this option then unfortunately you will have to reinstall the system. Changing the value now will not resolve the issue as user roles have already been generated and mapped incorrectly
Please see the attached screenshot of the correct UME option to select during installation.
If you did select the correct option during installation and you have encountered this problem then please provide remote access to the Integration Server and J2EE Engine Visual Administrator as per the attached note :-
#769478 remote connections to XI systems
The problem that we're now facing is that our J2EE engine does not start. So we're chasing another SAP OSS note
-SAP Note Number: 810434
NW'04: J2EE does not start after switching UME persistence
We just restarted the system - the dispatcher starts:
503 Service Unavailable
6.40
Dispatcher running but no server connected!
SAP Note Number: 810434
NW'04: J2EE does not start after switching UME persistence
Version: 1, Note Language: EN, Released on: 01/19/2005
Symptom
After having changed the user persistence (datasource configuration file) to ABAP, the J2EE does not start.
Reason and Prerequisites
You have installed NW'04 SP3 with dataSourceConfiguration_database_only. You have switched to dataSourceConfiguration_r3.xml or dataSourceConfiguration_r3_rw.xml. After the change, the J2EE does not start. In the default trace, you get the following error messages:
Core service security failed. J2EE Engine cannot be started.
Caused by: com.sap.security.api.UMException: USER_AUTH_FAILED: Logonid "Guest" is not unique!
Solution
In the connected ABAP System, a user with logon id GUEST exists. Delete (or rename) the user GUEST on the ABAP System, and restart the J2EE.
SAP recommends to user the configuration file dataSourceConfiguration_r3_rw.xml for ABAP user store in the scenario described under Reason and Prerequisites.
In case you have installed >= SR1, you have already chosen the ABAP user repository during the installation. Thus, this error cannot appear. See note 718383 for the possible installation options

J2ee_admin keeps getting locked

Hi,
I changed the j2ee_admin password in both the secure storage of Java AS and in ABAP. Our SLD connection also seemed to use the j2ee_admin user in tx SLDAPICUST which I also changed but still it gets locked each time! SAPJSF user reports the locked j2ee_admin account in the syslog after awhile when unlocking it.
Where else could j2ee_admin be possibly being used where I still need to change the password ? ..or any other log files on Java AS that could tell me of errors or give me more info ?
Thanks!
Regards,
Nelis
Sorry, not sure if this is the right place to post this question.

Hello Neil,
When you log into R/3 and go to transaction SU01 does the j2ee_admin user show up "locked"? In addition to changing the password did you remember to unlock the user. Also, you might try changing the user type from dialog to system in su01. If you have a security policy that requires the password to be changed at first logon or after a period of time, this could cause the logon failures. Changing the user type to system or communication type will avoid the forced password changes for j2ee_admin.
If the issue continues to occur you should check the ./cluster/server#/log/defaultTrace.#.trc for exceptions regarding the j2ee_admin user. Another useful log is the ./cluster/server#/log/system/security.#.log which will show details more specific to the security provider.
Regards,
Nathan

J2EE_ADMIN User

Similar Messages

Maybe you are looking for