Lost policy configurations in Security proivder in Visual Administrator
Hi Portal Gurus,
I lost Polcy Configurations in Security Provider service in Visual Administrator.Now Iam not able to login to Visual Administrator its giving an error.But portal is up and running .when I check in visualadminconsole log saying "logon module not suceeded"
Is there anyway to recover Policy configuration ?
Regards
Tami
Pl follow the steps given in the below link.
Thanks,
Vuthpala
[[http://help.sap.com/saphelp_nw70/helpdata/en/7f/c52442ad9f5133e10000000a155106/frameset.htm]]
Similar Messages
-
Configure Memory Info service in Visual Administrator
Hello All,
I need to configure Memory Info service in Visual Administrator.
I am looking for a service/tool which will give me a summary of used/free and total memory in portal.
Ive read a little about Memory Info service and i think this will help me fulfill my requirement.
1. If you know of any other tool which will help me in my requirement, please give details.
2. Please guide me to configure Memory Info Service in Visual Admin. Currently its appears as its not configured. When I right click on it, the Start and Stop commands in the context menu are disabled.
Awaiting Reply.
Regards,
RituHello Detlev,
In the Visual Administrator, there are few services like:
1.Memory Info - The context menu for Start / Stop is greyed out.
How can I start this service?
Referring to your reply above, could you please be little more explicit.
2. Message Info - enabled.
3. Monitoring - enabled.
Awaiting Reply.
Regards,
Ritu -
Missing Security Provider in Visual Administrator
Hi there,
I'm missing the service "Security Provider" in the Visual Administrator. There is only the service "Security", but it's not the same like "Security Provider". I need this service, because I try to run the Adobe Document Server on our Solution Manager.
Can anybody help me?
Thanks and best regards,
MaxHi,
@ Sneha: yes, it's strange and I've checked all instances.
@ Tom: .. some information about the sap system:
- OS: AIX 6.1
- Component version: SAP EHP 1 for SAP Solution Manager 7.0
- SP: 24
I've followed this path:
--> cluster data -> instance_idxx -> server_idxx -> services ...
but I have also checked the following paths:
--> Global disptacher configuration -> services ....
--> Global server configuration -> services ...
I can only find the services security .. but this doesn't help me
Thanks for your answers.
Best regards,
Max -
Remoteaccess to Visual Administrator
Hello,
we have a Portal 7.0 and a lot of consultants have installed the visual binaries on their pc and are now able to configure/change things in the visual administrator. For production system we are planning to reduce this access. Can someone tell me with role/authorization you need to access the visual administrator? Is it possible change the security in the way, that no remote login is allowed?
Thanks
AlexanderHi,
1. If your visual administrator (P4 Port) is accessable and not protected by any firewall you will not be able to restrict the physical access from outside. This access should only be possible from within your company network so I guess all the consultants who are accessing the J2EE using a local visual admin are located on the internal network and have a direct TCP Connection to the engine. If you know the IPs restrict the access using a firewall or just allow the access from a couple of hosts (e.g only yours) This only works if you have a static IP or if you can make sure that if you are using DHCP the DHCP Server always assigns the same address to your machine
2. Let's assume you are not able to restrict the physical access to the engine than you can still restrict the access on a user base. In order to access the Administration you have to be aware of any user within the j2ee who has appropriate administration rights (e.g. the Administrator user)
If the consultants know the Administrator password you should change it using the configtool (modify the password in secure store etc.)
If they have personalized users than just remove all the administration rights. Without administration rights a user is not able to access the J2EE Administration (You will get an error message in the status bar saying "Error while connecting")
Cheers
Marcel -
Hi guys,
We deployed a simple application in our new SAP NW 7.3 JAVA instance; by calling the application, we receive "error 403 : Error: You are not authorized to view the requested resource."; this was fixed wihtin NW 7.x by adding a user/group within security roles of the selected component ( Visual Admin => Security Provider => Policy Configurations => select component and than security roles );
where to do this within NWA 7.3 ?
any ideas;
Thanks
OliverHi Oliver,
Procedure
Start SAP NetWeaver Administrator with the quick link /nwa/auth.
Choose Components.
Select a policy configuration.
On the Authentication Stack tab, choose the Edit pushbutton.
Determine if you want to use an existing template or if you want to change the policy configuration of the current component.
To use an existing template, select a template from the Used Template field.
For authscheme references, select a template from Used Authscheme.
The component uses the settings and authentication stack from the template. To edit these settings, edit the settings of the policy configuration template. To create a new template, see Creating Authentication Stack Templates for Policy Configurations.
To change the policy configuration of the current component, do the following:
Add and remove login modules as required.
The system applies the login modules in the order they appear in the list.
Set a processing flag for each login module.
For more information about login module flags, see Policy Configurations and Authentication Stacks.
Add and remove any options to the login modules.
Set the authentication stack parameters according to the type of policy configuration.
Please,go through below help file
http://help.sap.com/saphelp_nw73/helpdata/en/4a/734e26fa92731fe10000000a42189c/frameset.htm
Cheers
Revanth Pasupuleti -
Order of Security Policy Configuration
Hi,
I want to change the order of the Policy Configuration so that my CustomLoginModule is checked before the others.
Can i do that without removing all others and adding them again one after another?
Greetings,
Mariusheres a helpfull url http://java.sun.com/j2se/1.3/docs/guide/security/PolicyFiles.html#DefaultLocs
-
Ping time out, server connection is lost in visual administrator after java
Dear all,
Recently I have done system copy for XI system. I have imported the java import after importing the abap stack into the target system as java add in abap.The import phase finished successfully and java engine is also working well.
I have confirmed this by moving to the browser page " http://hostname:50000/ and XI system http://hostname:50000/rep ". Everything is working fine and in MMC console as well.
But while trying to log in to visual administrator i am getting the error message as " ping time out,connection to server is lost "
std_serverout.log
unrecoverable stack overflow has occurred.
An unexpected error has been detected by HotSpot Virtual Machine:
EXCEPTION_STACK_OVERFLOW (0xc00000fd) at pc=0x00000000080e3c66, pid=2940, tid=928
Java VM: Java HotSpot(TM) 64-Bit Server VM (1.4.2_16-b05 mixed mode)
Problematic frame:
V [jvm.dll+0xe3c66]
An error report file with more information is saved as hs_err_pid2940.log
stdout/stderr redirect
node name : server0
pid : 3060
system name : XIT
system nr. : 03
started at : Tue Feb 17 18:42:50 2009
CompilerOracle: exclude com/sapportals/portal/pb/layout/taglib/ContainerTag addIviewResources
CompilerOracle: exclude com/sap/engine/services/keystore/impl/security/CodeBasedSecurityConnector getApplicationDomain
CompilerOracle: exclude com/sap/engine/services/rmi_p4/P4StubSkeletonGenerator generateStub
CompilerOracle: exclude com/sapportals/portal/prt/util/StringUtils escapeToJS
CompilerOracle: exclude com/sapportals/portal/prt/core/broker/PortalServiceItem startServices
CompilerOracle: exclude com/sap/engine/services/webservices/server/deploy/WSConfigurationHandler downloadFile
CompilerOracle: exclude com/sapportals/portal/prt/jndisupport/util/AbstractHierarchicalContext lookup
SAP J2EE Engine Version 6.40 PatchLevel 100627.313 is starting...
Loading: LogManager ... 453 ms.
Loading: PoolManager ... 0 ms.
Loading: ApplicationThreadManager ... 94 ms.
Loading: ThreadManager ... 31 ms.
Loading: IpVerificationManager ... 0 ms.
Loading: ClassLoaderManager ... 16 ms.
Loading: ClusterManager ... 219 ms.
Loading: LockingManager ... 93 ms.
Loading: ConfigurationManager ... 1502 ms.
Loading: LicensingManager ... 31 ms.
Loading: ServiceManager ...
6.226: [GC 6.226: [ParNew: 87040K->8544K(130560K), 0.0628724 secs] 87040K->8544K(1005056K), 0.0629982 secs]
Loading services.:
Service memory started. (16 ms).
Service cross started. (15 ms).
Service file started. (78 ms).
Service timeout started. (32 ms).
Service runtimeinfo started. (15 ms).
Service userstore started. (63 ms).
Service trex.service started. (94 ms).
Service jmx_notification started. (63 ms).
Service p4 started. (235 ms).
Service classpath_resolver started. (15 ms).
10.537: [GC 10.537: [ParNew: 95584K->16246K(130560K), 0.0776272 secs] 95584K->16246K(1005056K), 0.0777727 secs]
Service deploy started. (3926 ms).
Service log_configurator started. (4363 ms).
Service locking started. (0 ms).
Service http started. (172 ms).
Service naming started. (203 ms).
Service failover started. (78 ms).
Service appclient started. (110 ms).
Service javamail started. (140 ms).
Service jmsconnector started. (140 ms).
Service ts started. (125 ms).
Service licensing started. (16 ms).
Service connector started. (188 ms).
Service configuration started. (31 ms).
service MobileSetupGeneration ================= ERROR =================
Service MobileArchiveContainer started. (78 ms).
Service webservices started. (470 ms).
Service dbpool started. (1172 ms).
13.195: [GC 13.196: [ParNew: 103286K->20423K(130560K), 0.0478316 secs] 103286K->20423K(1005056K), 0.0489244 secs]
Service com.sap.security.core.ume.service started. (2596 ms).
Service security started. (2471 ms).
Service classload started. (78 ms).
Service applocking started. (141 ms).
Service shell started. (188 ms).
Service tceCATTPingservice started. (32 ms).
Service telnet started. (63 ms).
18.218: [GC 18.218: [ParNew: 107463K->25937K(130560K), 0.0545612 secs] 107463K->25937K(1005056K), 0.0546428 secs]
Service webdynpro started. (203 ms).
Service ejb started. (532 ms).
Service dsr started. (172 ms).
Service keystore started. (485 ms).
Service ssl started. (16 ms).
Service servlet_jsp started. (704 ms).
Service tcsecsecurestorage~service started. (63 ms).
Service jmx started. (391 ms).
Service tclmctcculculservice_sda started. (0 ms).
Service rfcengine started. (656 ms).
Service tcsecwssec~service started. (469 ms).
Service apptracing started. (360 ms).
19.355: [GC 19.355: [ParNew: 112977K->42681K(130560K), 0.0844669 secs] 112977K->47563K(1005056K), 0.0845476 secs]
Service tcsecdestinations~service started. (907 ms).
Service basicadmin started. (860 ms).
Service adminadapter started. (297 ms).
Service pmi started. (312 ms).
Service tclmctcculservice_sda started. (1251 ms).
Service tcsecvsi~service started. (438 ms).
Service monitor started. (407 ms).
Service sld started. (1721 ms).
20.296: [GC 20.296: [ParNew: 129721K->39952K(130560K), 0.1028212 secs] 134603K->50894K(1005056K), 0.1028881 secs]
Service tc.monitoring.logviewer started. (1704 ms).
21.584: [GC 21.584: [ParNew: 126992K->40823K(130560K), 0.0664458 secs] 137934K->58110K(1005056K), 0.0665026 secs]
Service jms_provider started. (3518 ms).
Service com.sap.aii.af.cpa.svc started. (2033 ms).
Service com.sap.aii.af.security.service started. (16 ms).
Service com.sap.aii.af.svc started. (157 ms).
22.873: [GC 22.873: [ParNew: 127863K->43238K(130560K), 0.0574693 secs] 145150K->65266K(1005056K), 0.0575210 secs]
Service com.sap.aii.af.ms.svc started. (407 ms).
Service com.sap.aii.adapter.marketplace.svc started. (47 ms).
Service com.sap.aii.adapter.bc.svc started. (47 ms).
Service com.sap.aii.adapter.xi.svc started. (47 ms).
Service com.sap.aii.adapter.jms.svc started. (79 ms).
Service com.sap.aii.adapter.mail.svc started. (63 ms).
Service com.sap.aii.adapter.jdbc.svc started. (156 ms).
Service com.sap.aii.adapter.rfc.svc started. (219 ms).
Service com.sap.aii.af.ispeak.svc started. (313 ms).
Service com.sap.aii.adapter.file.svc started. (2315 ms).
ServiceManager started for 22082 ms.
Framework started for 24772 ms.
SAP J2EE Engine Version 6.40 PatchLevel 100627.313 is running!
PatchLevel 100627.313 December 14, 2005 20:06 GMT
>26.086: [GC 26.086: [ParNew: 130278K->23111K(130560K), 0.0693509 secs] 152306K->68371K(1005056K), 0.0694372 secs]
32.059: [GC 32.059: [ParNew: 110151K->34716K(130560K), 0.0419854 secs] 155411K->79975K(1005056K), 0.0420301 secs]
32.608: [GC 32.608: [ParNew: 121756K->43497K(130560K), 0.0827214 secs] 167015K->105659K(1005056K), 0.0827638 secs]
38.688: [GC 38.688: [ParNew: 130537K->39986K(130560K), 0.0525517 secs] 192699K->106409K(1005056K), 0.0526114 secs]
41.615: [GC 41.615: [ParNew: 127026K->32598K(130560K), 0.0467433 secs] 193449K->103188K(1005056K), 0.0467930 secs]
44.298: [GC 44.298: [ParNew: 119638K->34820K(130560K), 0.0430069 secs] 190228K->105410K(1005056K), 0.0432422 secs]
46.443: [GC 46.443: [ParNew: 121860K->39729K(130560K), 0.0498349 secs] 192450K->110319K(1005056K), 0.0499023 secs]
48.656: [GC 48.656: [ParNew: 126769K->36669K(130560K), 0.0625983 secs] 197359K->112667K(1005056K), 0.0626567 secs]
52.243: [GC 52.243: [ParNew: 123709K->39589K(130560K), 0.0477260 secs] 199707K->115587K(1005056K), 0.0477793 secs]
115.241: [GC 115.241: [ParNew: 126629K->37429K(130560K), 0.0553704 secs] 202627K->118544K(1005056K), 0.0554346 secs]
118.096: [GC 118.096: [ParNew: 124469K->40865K(130560K), 0.0504829 secs] 205584K->121980K(1005056K), 0.0505322 secs]
120.589: [GC 120.589: [ParNew: 127905K->37247K(130560K), 0.0578313 secs] 209020K->123954K(1005056K), 0.0578734 secs]
122.573: [GC 122.573: [ParNew: 124287K->39626K(130560K), 0.0534208 secs] 210994K->126333K(1005056K), 0.0534640 secs]
124.070: [GC 124.077: [ParNew: 126666K->35377K(130560K), 0.0626490 secs] 213373K->128235K(1005056K), 0.0627628 secs]
126.103: [GC 126.103: [ParNew: 122417K->37886K(130560K), 0.0485833 secs] 215275K->130744K(1005056K), 0.0486433 secs]
128.251: [GC 128.251: [ParNew: 124926K->41258K(130560K), 0.0482213 secs] 217784K->134115K(1005056K), 0.0482675 secs]
130.792: [GC 130.792: [ParNew:
Due to this i am not able to log in visual adminsitrator.Kindly advice me for the same.
Thanks in advance
VijayHello vamshi,
As you have suggeseted, I followed the notes and changed the following paramters.The system is 64bit and hence the values are adjusted according to the server.
-Djco.jarm=1
-Dsun.io.useCanonCaches=false
-Djava.awt.headless=true
-XX:SoftRefLRUPolicyMSPerMB=1
-verbose:gc
-XX:+PrintGCDetails
-XX:+PrintGCTimeStamps
-Xss2m
-Xms2048M
-Xmx2048M
-XX:MaxNewSize=320M
-XX:NewSize=320M
-XX:MaxPermSize=512M
-XX:PermSize=512M
-XX:SurvivorRatio=2
-XX:TargetSurvivorRatio=90
-XX:+UseParNewGC
-XX:+UseTLAB
-XX:+HeapDumpOnCtrlBreak
The heap size for java is 2048
But still i am getting the ping time out. Connection to server is lost.
Kindly let me know,
Regards
Vijay -
Security error in Visual Admin!
Hi Experts,
I've got the below error when I click on :
Visual Admin ---> Server --> Services ---> Security Provider ---> ticket
"Unable to update authentication stack for the selected configuration"
and I found this in DefaultTrace.trc file
"1.5 #001E0BBF78FC007900000020000017C4000453A8C918990F#1217884300281#com.sap.engine.services.security.authentication.logincontext#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#Guest#0##n/a##ee766e90626911dda03b001e0bbf78fc#SAPEngine_Application_Thread[impl:3]_6##0#0#Error##Plain###Cyclic dependency has been found for security policy configuration named: ticket#"
Any idea?
Thanks!
P.s.: I'm running EP7 SP15 , Windows 2003 server , Oracle 10.2.Hi
I activated the sap* user and now I can logon to my system and Visual administrator.
But I don't know what to modify about the SSO configuration.
The logs (when I started without the activation of sap*) shows:
#1.5^H#00000000000000500000002900002FA700045A7CBA7A30A6#1225391657856#com.sap.engine.services.security.resource.ResourceHandl
eImpl#sap.com/com.sap.engine.class.download#com.sap.engine.services.security.resource.ResourceHandleImpl#J2EE_GUEST#0##n/a##3
b73a600a6b111ddc302000000000000#SAPEngine_Application_Thread[impl:3]_13##0#0#Error#1#/System/Security/Audit/J2EE#Java###ACCES
S.ERROR: Authorization check for caller assignment to J2EE resource [ : : : ].#4#SAP-J2EE-Engine#session-pool#
get_session_pool#ALL#
#1.5^H#00000000000000500000002B00002FA700045A7CBA7A3282#1225391657857#com.sap.engine.services.security#sap.com/com.sap.engine
.class.download#com.sap.engine.services.security#J2EE_GUEST#0##n/a##3b73a600a6b111ddc302000000000000#SAPEngine_Application_Th
read[impl:3]_13##0#0#Error#1#/System/Security#Java#security_4041##Cannot get login modules.##
#1.5^H#00000000000000500000002C00002FA700045A7CBA7A34C4#1225391657858#com.sap.engine.services.security#sap.com/com.sap.engine
.class.download#com.sap.engine.services.security#J2EE_GUEST#0##n/a##3b73a600a6b111ddc302000000000000#SAPEngine_Application_Th
read[impl:3]_13##0#0#Error#1#/System/Audit#Java###Exception #1#com.sap.engine.services.security.exceptions.BaseSecurityExc
eption: Cannot get login modules.
at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginModules(AuthenticationContextImpl.java:1
68)
at com.sap.engine.services.servlets_jsp.server.servlet.PutProtectionFilter.ensureUploadRoleCreated(PutProtectionFilte
r.java:105)
at com.sap.engine.services.servlets_jsp.server.servlet.PutProtectionFilter.init(PutProtectionFilter.java:53)
at com.sap.engine.services.servlets_jsp.server.runtime.context.WebComponents.addFilter(WebComponents.java:198)
at com.sap.engine.services.servlets_jsp.server.container.ApplicationThreadInitializer.loadFilters(ApplicationThreadIn
itializer.java:292)
at com.sap.engine.services.servlets_jsp.server.container.ApplicationThreadInitializer.run(ApplicationThreadInitialize
r.java:107)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:627)
at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:513)
at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:119)
at com.sap.engine.services.security.server.AuthenticationContextImpl.getSessionPool(AuthenticationContextImpl.java:39
5)
at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContextFactory(AuthenticationContextImpl
.java:740)
at com.sap.engine.services.security.server.AuthenticationContextImpl.getAppConfigurationEntries(AuthenticationContext
Impl.java:751)
at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginModules(AuthenticationContextImpl.java:1
65)
... 9 more
Do you know what parameters or setting did I miss?
Thank you so much for your help !
Regards -
Security Provider for a web dynpro with tool Visual Administrator
Hello all,
after deploying successfully my web dynpro on the J2EE 7.0 WAS, I'm trying to set up authentication to it but I cannot find my applicaiton in the list of policy configurations of the Security Provider entry. When I try to add the path to my local web dynpro, the engine doesn't find it.
I have noticed that all other policy configurations reference a servlet_jsp application. Should I transform my web dynpro into a servlet_jsp? How do I do that?
Thanks for your input,
Tanguy MezzanoHello Marcel,
in fact, I don't succeed to redeploy with another provider name... I have undeployed my webdynpro with SDM on the Java stack, but from NWDS, when I change the application-j2ee-engine.xml and application.xml files, and that I rebuild the webdynpro, when I run and deploy, it always redeploys under the former provider: local.
When I create the application, I tell to use the existing component, should I select create a new one, but that means that I have to rebuild the whole application.
Will then the webdynpro be in the Security Provider list, so that I can configure it with http header?
Thx for your help,
Tanguy -
Fail to Configure Java Security Module. JPS-10902:Enrollment Server Error.
I am unable to configure my Java Security Module Client in Controlled Mode. Everytime, I attempt to run the config command, I get an JPS-10902:Enrollment Server Error.
Note that, while I run the configure Client command, the OES Administration Server is running on the same machine listening at 7002 with the default username password "weblogic/welcome1" (tested to work as expected on the Server console).
Any help on this issue is appreciated. Below are the values in the smconfig.prp file, the command at the console and the error message.
Values in the smconfig.java.controlled.prp:
==========================
oracle.security.jps.runtime.pd.client.policyDistributionMode=controlled-push
oracle.security.jps.runtime.pd.client.RegistrationServerHost=localhost [I also tried using my hostname]
oracle.security.jps.runtime.pd.client.RegistrationServerPort=7002
oracle.security.jps.runtime.pd.client.sm_name=MySM_Java
# >>>>>>>>>>>>OPTIONAL PARAMETERS<<<<<<<<<<<<<<<<<
# ------------ Only for Java SM, WS SM, and RMI SM in controlled-push mode --------------------
# port to listen for policy distribution. Picked automatically by SM config tool if not specified
#Port value set by Premal. It a random number
oracle.security.jps.runtime.pd.client.DistributionServicePort=
oracle.security.jps.runtime.pd.client.sm_type=java
The Config command issued at the console:
===========================
C:\Oracle\Middleware\oes_client\oessm\bin>config.cmd -smConfigId MySM_Java -prpFileName C:\Oracle\Middleware\oes_client\oessm\SMConfigTool\smconfig.java.controlled.prp
The resulting error message:
======================
C:\Oracle\Middleware\oes_client\oessm\bin>config.cmd -smConfigId MySM_Java -prpFileName C:\Oracle\Middleware\oes_clien
t\oessm\SMConfigTool\smconfig.java.controlled.prp
Configuring for Controlled Policy Distribution Mode
Security Module configuration is created at: C:\Oracle\MIDDLE~1\OES_CL~1\oes_sm_instances\MySM_Java_3
Enter password for key stores:
Enter password for key stores again:
Passwords are saved in credential store.
Keystores are initialized successfully.
Please enter a value for OES Admin Server User name:weblogic
Please enter a value for OES Admin Server Password:
Please re-enter a value for OES Admin Server Password:
oracle.security.jps.service.policystore.PolicyStoreException: JPS-10902: Enrollment server error.
at oracle.security.oes.enroll.EnrollmentClient.readFromSocket(EnrollmentClient.java:236)
at oracle.security.oes.enroll.EnrollmentClient.enroll(EnrollmentClient.java:166)
at oracle.security.oes.enroll.EnrollmentClient.main(EnrollmentClient.java:491)
at oracle.security.oes.tools.EnrollmentTool.doEnroll(EnrollmentTool.java:103)
at oracle.security.oes.tools.SMConfigTool.doEnrollment(SMConfigTool.java:610)
at oracle.security.oes.tools.SMConfigTool.run(SMConfigTool.java:381)
at oracle.security.oes.tools.SMConfigTool.main(SMConfigTool.java:346)
JPS-10902: Enrollment server error.
Enrollment is not proceeded successfully.Hi,
Perhaps oracle.oes.admin.enroll, oracle.oes.admin.psl.ssl are not successfully deployed to the admin server or both are not in active state.
Please try to redeploy the oracle.oes.admin.enroll, oracle.oes.admin.psl.ssl to the admin server, and make sure these two are active state. Then the SM couls be configured without issues hopefully.
Thanks,
Cris -
Failed to get configuration from secure gateway. Contact your system administrator.
I have an ASA 5515 running 9.1(1).
One of my customers is attempting to connect with AnyConnect 3.1.02040 and after authenticating, he gets the message
Failed to get configuration from secure gateway. Contact your system administrator.
I have about 100 other customers who have not had this issue and can connect fine.
Since it appears to be localized to his PC, he's uninstalled and reinstall the client, but to no avail. He's using Windows 7 Pro.
On the ASA, while he is attempting to connect, I see this:
15:48:04|302014|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Teardown TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 to identity:<<<ASA IP>>>/443 duration 0:00:00 bytes 8241 TCP Reset-I
14:48:04|725007|<<<REMOTE IP>>>|51032|||SSL session with client outside:<<<REMOTE IP>>>/51032 terminated.
14:48:04|113039|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> AnyConnect parent session started.
14:48:04|734001|||||DAP: User etpdeir, Addr <<<REMOTE IP>>>, Connection AnyConnect: The following DAP records were selected for this connection: DfltAccessPolicy
14:48:04|113008|||||AAA transaction status ACCEPT : user = etpdeir
14:48:04|113019|||||Group = ibmdtsc, Username = etpdeir, IP = 124.128.162.43, Session disconnected. Session Type: AnyConnect-Parent, Duration: 0h:41m:41s, Bytes xmt: 885580, Bytes rcv: 1343, Reason: Connection Preempted
14:48:04|716002|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> WebVPN session terminated: Connection Preempted.
14:48:04|113009|||||AAA retrieved default group policy (GroupPolicy_AnyConnect) for user = etpdeir
14:48:04|113004|||||AAA user authentication Successful : server = 172.29.128.126 : user = etpdeir
14:48:04|725002|<<<REMOTE IP>>>|51032|||Device completed SSL handshake with client outside:<<<REMOTE IP>>>/51032
14:48:03|725001|<<<REMOTE IP>>>|51032|||Starting SSL handshake with client outside:<<<REMOTE IP>>>/51032 for TLSv1 session.
15:48:03|302013|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Built inbound TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 (<<<REMOTE IP>>>/51032) to identity:<<<ASA IP>>>/443 (<<<ASA IP>>>/443)
Any ideas?i had this problem. for me the cause had to do with internet explorer TLS settings.
in IE8 go to tools, internet options, advanced and under security I had to make sure Use TLS 1.0 was checked (only Use SSL 3.0 and Use TLS 1.1 were checked. I left them checked.). -
While upgrading oim 11gr1 toR2 problem with configuration of security store
/hae/idmt/as/mw/iam/oracle_common/common/bin/wlst.sh Info: DB JDBC driver: oracle.jdbc.OracleDriver
Info: DB JDBC URL: jdbc:oracle:thin:@haeidmdb01.dataintensity.com:1521/HAEIDMT
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely
Jan 3, 2013 6:37:28 PM oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator schemaCompatibleHandler
INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.5.0 is compatible to the seed schema version 11.1.1.4.0
WLS ManagedService is not up running. Fall back to use system properties for configuration.
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done
Exception in thread "main" java.lang.RuntimeException: JPS-10000: There was an internal error in the policy store.
oracle.security.jps.internal.api.common.JpsCredentialStoreLdapNodeCreationException: JPS-10000: There was an internal error in the policy store.
at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.createJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:300)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:98)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator.migrateData(LdapCredStoreServiceConfigurator.java:64)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.runConfiguration(LdapServiceEnabler.java:441)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.configureCredentialStoreService(LdapServiceEnabler.java:221)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.configureSecurityServices(LdapServiceEnabler.java:160)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.main(LdapServiceEnabler.java:119)
Caused by: oracle.security.jps.service.policystore.PolicyStoreConnectivityException: JPS-10000: There was an internal error in the policy store.
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.handleRollbackException(JpsDBDataManager.java:1274)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.internalCommitTxn(JpsDBDataManager.java:1437)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commitTransactionInDoAs(JpsDBDataManager.java:1404)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commitTransaction(JpsDBDataManager.java:1395)
at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.createJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:293)
... 6 more
Caused by: javax.persistence.RollbackException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (TEST_OPSS.IDX_JPS_RDN_PDN) violated
Error Code: 1
Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
bind => [3 parameters bound]
Query: InsertObjectQuery(EntryId=5037:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=jpscontext,cn=iam,: JpsStore Entry={[EntryId = 5037:Attribute RowId = 5292
dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 5037:Attribute RowId = 5293
objectclass = top, EntryId = 5037:Attribute RowId = 5294
objectclass = orclContainer, EntryId = 5037:Attribute RowId = 5295
cn = CredentialStore]})
at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImpl.commitInternal(EntityTransactionImpl.java:102)
at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImpl.commit(EntityTransactionImpl.java:63)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager$7.run(JpsDBDataManager.java:1416)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.internalCommitTxn(JpsDBDataManager.java:1421)
... 9 more
Caused by: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (TEST_OPSS.IDX_JPS_RDN_PDN) violated
Error Code: 1
Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
bind => [3 parameters bound]
Query: InsertObjectQuery(EntryId=5037:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=jpscontext,cn=iam,: JpsStore Entry={[EntryId = 5037:Attribute RowId = 5292
dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 5037:Attribute RowId = 5293
objectclass = top, EntryId = 5037:Attribute RowId = 5294
objectclass = orclContainer, EntryId = 5037:Attribute RowId = 5295
cn = CredentialStore]})
at org.eclipse.persistence.exceptions.DatabaseException.sqlException(DatabaseException.java:324)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeDirectNoSelect(DatabaseAccessor.java:840)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeNoSelect(DatabaseAccessor.java:906)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basicExecuteCall(DatabaseAccessor.java:592)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeCall(DatabaseAccessor.java:535)
at org.eclipse.persistence.internal.sessions.AbstractSession.basicExecuteCall(AbstractSession.java:1717)
at org.eclipse.persistence.sessions.server.ClientSession.executeCall(ClientSession.java:253)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:207)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:193)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.insertObject(DatasourceCallQueryMechanism.java:342)
at org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:162)
at org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:177)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.insertObjectForWrite(DatabaseQueryMechanism.java:472)
at org.eclipse.persistence.queries.InsertObjectQuery.executeCommit(InsertObjectQuery.java:80)
at org.eclipse.persistence.queries.InsertObjectQuery.executeCommitWithChangeSet(InsertObjectQuery.java:90)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.executeWriteWithChangeSet(DatabaseQueryMechanism.java:287)
at org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery(WriteObjectQuery.java:58)
at org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.java:844)
at org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(DatabaseQuery.java:743)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:108)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWork(ObjectLevelModifyQuery.java:85)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExecuteQuery(UnitOfWorkImpl.java:2871)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1516)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1498)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1449)
at org.eclipse.persistence.internal.sessions.CommitManager.commitNewObjectsForClassWithChangeSet(CommitManager.java:224)
at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsForClassWithChangeSet(CommitManager.java:191)
at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsWithChangeSet(CommitManager.java:136)
at org.eclipse.persistence.internal.sessions.AbstractSession.writeAllObjectsWithChangeSet(AbstractSession.java:3799)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabase(UnitOfWorkImpl.java:1415)
at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.commitToDatabase(RepeatableWriteUnitOfWork.java:636)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabaseWithChangeSet(UnitOfWorkImpl.java:1505)
at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.commitRootUnitOfWork(RepeatableWriteUnitOfWork.java:267)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitAndResume(UnitOfWorkImpl.java:1143)
at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImpl.commitInternal(EntityTransactionImpl.java:84)
... 12 more
Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (TEST_OPSS.IDX_JPS_RDN_PDN) violated
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:396)
at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:879)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192)
at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:207)
at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedStatement.java:1044)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1329)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3593)
at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3674)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(OraclePreparedStatementWrapper.java:1354)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeDirectNoSelect(DatabaseAccessor.java:831)
... 45 more
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.throwExceptionWithStackTrace(LdapServiceEnabler.java:135)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.main(LdapServiceEnabler.java:127)
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] migrateData - failed JPS-10000: There was an internal error in the policy store.
Error: Failed to initialize security store.
Error: Create operation has failed.Hi Pratheek,
Are you able to upgrade from 11gR1 to R2 ? .We tried upgrading but struck up with an issue.Thanks in advance. -
Please help with Configuring Database Security Store
Here's the error i get....
Any ideas?
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Info: Data source is: opss-DBDS
WLS ManagedService is not up running. Fall back to use system properties for con
figuration.
Info: DB JDBC driver: oracle.jdbc.OracleDriver
Info: DB JDBC URL: jdbc:oracle:thin:@localhost:1521/idgov
Connected:oracle.jdbc.driver.T4CConnection@21bce8d
Disconnect:oracle.jdbc.driver.T4CConnection@21bce8d
INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvide
r". OpenJPA will not be used.
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkSe
rviceSetup - done
Aug 13, 2013 8:47:47 PM oracle.security.jps.internal.config.ldap.LdapCredStoreSe
rviceConfigurator schemaCompatibleHandler
INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.
6.0 is compatible to the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkSe
rviceSchema - Store schema has been seeded completely
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateS
erviceConfiguration - done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] seedSch
emaAndCreateDIT - failed JPS-10000: There was an internal error in the policy st
ore.
Exception in thread "Main Thread" java.lang.RuntimeException: JPS-10000: There w
as an internal error in the policy store.
oracle.security.jps.internal.api.common.JpsCredentialStoreLdapNodeCreationExcept
ion: JPS-10000: There was an internal error in the policy store.
at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:303)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:114)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.runConfiguration(LdapServiceEnabler.java:448)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureCredentialStoreService(LdapServiceEnabler.java:233)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureSecurityServices(LdapServiceEnabler.java:171)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.main(LdapServiceEnabler.java:129)
Caused by: oracle.security.jps.service.policystore.PolicyStoreConnectivityExcept
ion: JPS-10000: There was an internal error in the policy store.
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.handl
eRollbackException(JpsDBDataManager.java:1345)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.inter
nalCommitTxn(JpsDBDataManager.java:1508)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
tTransactionInDoAs(JpsDBDataManager.java:1475)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
tTransaction(JpsDBDataManager.java:1466)
at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:296)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:113)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.runConfiguration(LdapServiceEnabler.java:447)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureCredentialStoreService(LdapServiceEnabler.java:232)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureSecurityServices(LdapServiceEnabler.java:170)
... 1 more
Caused by: javax.persistence.RollbackException: Exception [EclipseLink-4002] (Ec
lipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.ex
ceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001
: unique constraint (DEV20_OPSS.IDX_JPS_RDN_PDN) violated
Error Code: 1
Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
bind => [3 parameters bound]
Query: InsertObjectQuery(EntryId=11437:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=
jpscontext,cn=iam,: JpsStore Entry={[EntryId = 11437:Attribute RowId = 45348
dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 11437:Attribu
te RowId = 45349
objectclass = top, EntryId = 11437:Attribute RowId = 45350
objectclass = orclContainer, EntryId = 11437:Attribute RowId = 45351
cn = CredentialStore]})
at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
l.commitInternal(EntityTransactionImpl.java:102)
at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
l.commit(EntityTransactionImpl.java:63)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager$8.run
(JpsDBDataManager.java:1488)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.inter
nalCommitTxn(JpsDBDataManager.java:1492)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
tTransactionInDoAs(JpsDBDataManager.java:1476)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
tTransaction(JpsDBDataManager.java:1466)
at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:297)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:114)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.runConfiguration(LdapServiceEnabler.java:448)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureCredentialStoreService(LdapServiceEnabler.java:233)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureSecurityServices(LdapServiceEnabler.java:171)
... 1 more
Caused by: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v2
0111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001
: unique constraint (DEV20_OPSS.IDX_JPS_RDN_PDN) violated
Error Code: 1
Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
bind => [3 parameters bound]
Query: InsertObjectQuery(EntryId=11437:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=
jpscontext,cn=iam,: JpsStore Entry={[EntryId = 11437:Attribute RowId = 45348
dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 11437:Attribu
te RowId = 45349
objectclass = top, EntryId = 11437:Attribute RowId = 45350
objectclass = orclContainer, EntryId = 11437:Attribute RowId = 45351
cn = CredentialStore]})
at org.eclipse.persistence.exceptions.DatabaseException.sqlException(Dat
abaseException.java:324)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
uteDirectNoSelect(DatabaseAccessor.java:840)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
uteNoSelect(DatabaseAccessor.java:906)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basi
cExecuteCall(DatabaseAccessor.java:592)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
uteCall(DatabaseAccessor.java:535)
at org.eclipse.persistence.internal.sessions.AbstractSession.basicExecut
eCall(AbstractSession.java:1717)
at org.eclipse.persistence.sessions.server.ClientSession.executeCall(Cli
entSession.java:253)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism
.executeCall(DatasourceCallQueryMechanism.java:207)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism
.executeCall(DatasourceCallQueryMechanism.java:193)
at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism
.insertObject(DatasourceCallQueryMechanism.java:342)
at org.eclipse.persistence.internal.queries.StatementQueryMechanism.inse
rtObject(StatementQueryMechanism.java:162)
at org.eclipse.persistence.internal.queries.StatementQueryMechanism.inse
rtObject(StatementQueryMechanism.java:177)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.inser
tObjectForWrite(DatabaseQueryMechanism.java:472)
at org.eclipse.persistence.queries.InsertObjectQuery.executeCommit(Inser
tObjectQuery.java:80)
at org.eclipse.persistence.queries.InsertObjectQuery.executeCommitWithCh
angeSet(InsertObjectQuery.java:90)
at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.execu
teWriteWithChangeSet(DatabaseQueryMechanism.java:287)
at org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery
(WriteObjectQuery.java:58)
at org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.j
ava:844)
at org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(Dat
abaseQuery.java:743)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitO
fWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:108)
at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitO
fWork(ObjectLevelModifyQuery.java:85)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExec
uteQuery(UnitOfWorkImpl.java:2871)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuer
y(AbstractSession.java:1516)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuer
y(AbstractSession.java:1498)
at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuer
y(AbstractSession.java:1449)
at org.eclipse.persistence.internal.sessions.CommitManager.commitNewObje
ctsForClassWithChangeSet(CommitManager.java:224)
at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObje
ctsForClassWithChangeSet(CommitManager.java:191)
at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObje
ctsWithChangeSet(CommitManager.java:136)
at org.eclipse.persistence.internal.sessions.AbstractSession.writeAllObj
ectsWithChangeSet(AbstractSession.java:3799)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToData
base(UnitOfWorkImpl.java:1415)
at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.c
ommitToDatabase(RepeatableWriteUnitOfWork.java:636)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToData
baseWithChangeSet(UnitOfWorkImpl.java:1505)
at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.c
ommitRootUnitOfWork(RepeatableWriteUnitOfWork.java:267)
at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitAndRes
ume(UnitOfWorkImpl.java:1143)
at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
l.commitInternal(EntityTransactionImpl.java:84)
at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
l.commit(EntityTransactionImpl.java:63)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager$8.run
(JpsDBDataManager.java:1487)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.inter
nalCommitTxn(JpsDBDataManager.java:1492)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
tTransactionInDoAs(JpsDBDataManager.java:1475)
at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
tTransaction(JpsDBDataManager.java:1466)
at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:296)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:113)
at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.runConfiguration(LdapServiceEnabler.java:447)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureCredentialStoreService(LdapServiceEnabler.java:232)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.configureSecurityServices(LdapServiceEnabler.java:170)
... 1 more
Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique
constraint (DEV20_OPSS.IDX_JPS_RDN_PDN) violated
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:396)
at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:879)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192)
at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.
java:207)
at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedSta
tement.java:1044)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStateme
nt.java:1329)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePrep
aredStatement.java:3593)
at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePrepar
edStatement.java:3674)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(Oracl
ePreparedStatementWrapper.java:1354)
at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
uteDirectNoSelect(DatabaseAccessor.java:831)
... 45 more
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.throwExceptionWithStackTrace(LdapServiceEnabler.java:145)
at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
ler.main(LdapServiceEnabler.java:137)
Error: Failed to initialize security store.
Error: Create operation has failed.
C:\Oracle\IDGMiddleware\oracle_common\common\bin>Try to configure the policy store with different ID (highlighted in the below command)
./wlst.sh <Oracle_IDM1_Home>/common/tools/configureSecurityStore.py -d <WLS_Domain>/OAM_domain -c IAM -p <Password> -m create
OR
Reinstall the RCU and try to configure the policy store. -
Error in security provider logon stack: no logon to visual administrator
Probably i made a mistake in configuring SAP-J2EE-Engine security provider login modules.
Now i cannot logon to Visual Administrator, it tells me
"Error while connecting
com.sap.engine.services.security.exceptions.BaseLoginException: Access Denied."
Is there a way to reset login module stack from configtool or in some config file?
Many thanks in advance.
Simone ZaffalonHi
you can configure your login stack configuration using config tool. Config tool works locally against the server's database, thus no authentication is required.
1. Be sure that your server is not running! (shutdown SAP J2EE processes)
2. Launch config tool ("use default db settings").
3. switch to configuration editor mode (the most-right icon in the icon toolbar)
4. navigate to security-->configurations
Here you find your logon stacks and the login modules contained within them. Click on the "pencil" icon for changing your current configuration.
See the thread below .It will resolve your issue
Unable to access Visual Admin
Points are welcome if it is helpful
Koti Reddy -
Configuring ADF Security to use LDAP
HI All
We are building an application which is secured using SSO authentication. We have an LDAP setup for this.
During development, we wanted to configure LDAP in ADF Security Wizard in Jdeveloper for authentication. I tried the following in ADF Security Wizard in the 10 steps of the wizard:
1) Configure ADF for Web Application, enforce Authorization
2) Enable Credential Store
3) No Policy Store
4) LDAP Identity Store
5) Enter LDAP credentials, LdAp URL, user base
6) No Anonymous Provider
7) Did not select any login module
8) Form Based Authentication, generate default
9) Added pages that need to be secured
10) Finish
The login page is rendered whenever i try to access a protected page. But when I enter the LDAP user credentials for login, it does not work. It says "You are not authorized to view this page".
Is there anything missing in the setup that is causing the issue. Any pointers on this would be helpful.
Thanks
Srinidhi.Hi,
note that there don't exist documentation for configuring ADF Security in JDeveloper 11 with LDAP. In general, ADF Security in JDeveloper 11 is not yet ready for SSO and LDAP testings and still is under development. Note that LDAP authentication - as container managed authentication - is configured in the jps-config.xml file of the deployed application. However, as said, its not documented and would be just too much at this point to put into a forum answer
Frank
Maybe you are looking for
-
I Can't get it to work!!!!
I'm just frustrated... Why will my nano not play m4p files? I have latest nano software (v1.1) and iTunes (6.0.2). Every time I try to put a song I downloaded from iTune MS (m4p file) I get an error to update my nano. Nano can't update cause its the
-
Itunes is saying its waiting on the Iphone and I have left it for over 2 hours, what do I do?
-
Saving files as .jpg, not .eps?
I've moved up from CS5 to 6. Always before able to save images as .jpg. Now on 6, files are saved as .eps? Why is that and how can I save as .jpg instead?
-
how we can show the following data in a flex tree (without having any label field) ? <?xml version="1.0"?> <rootNode> <childNode> < subchildNode > <valueNode>1000</valueNode > < valueNode >999-888-777</
-
Is it possible to action scale an image while keeping it inside its mask? I have several images on a slide and I want to zoom in to one of the slides, but the mask doesn't apply to the image once it scales up. I tried selecting the scaled up image,