Lost policy configurations in Security proivder  in Visual Administrator

Hi Portal Gurus,
I lost Polcy Configurations in Security Provider service in Visual Administrator.Now Iam not able to login to Visual Administrator its giving an error.But portal is up and running .when I check in visualadminconsole log saying "logon module not suceeded"
Is there anyway to recover Policy configuration ?
Regards
Tami

Pl follow the steps given in the below link.
Thanks,
Vuthpala
[[http://help.sap.com/saphelp_nw70/helpdata/en/7f/c52442ad9f5133e10000000a155106/frameset.htm]]

Similar Messages

  • Configure Memory Info service in Visual Administrator

    Hello All,
    I need to configure Memory Info service in Visual Administrator.
    I am looking for a service/tool which will give me a summary of used/free and total memory in portal.
    Ive read a little about Memory Info service and i think this will help me fulfill my requirement.
    1. If you know of any other tool which will help me in my requirement, please give details.
    2. Please guide me to configure Memory Info Service in Visual Admin. Currently its appears as its not configured. When I right click on it, the Start and Stop commands in the context menu are disabled.
    Awaiting Reply.
    Regards,
    Ritu

    Hello Detlev,
    In the Visual Administrator, there are few services like:
    1.Memory Info - The context menu for Start / Stop is greyed out.
    How can I start this service?
    Referring to your reply above, could you please be little more explicit.
    2. Message Info  - enabled.
    3. Monitoring - enabled.
    Awaiting Reply.
    Regards,
    Ritu

  • Missing Security Provider in Visual Administrator

    Hi there,
    I'm missing the service "Security Provider" in the Visual Administrator. There is only the service "Security", but it's not the same like "Security Provider". I need this service, because I try to run the Adobe Document Server on our Solution Manager.
    Can anybody help me?
    Thanks and best regards,
    Max

    Hi,
    @ Sneha: yes, it's strange and I've checked all instances.
    @ Tom: .. some information about the sap system:
    - OS: AIX 6.1
    - Component version: SAP EHP 1 for SAP Solution Manager 7.0
    - SP: 24
    I've followed this path:
    --> cluster data -> instance_idxx -> server_idxx -> services ...
    but I have also checked the following paths:
    --> Global disptacher configuration -> services ....
    --> Global server configuration -> services ...
    I can only find the services security .. but this doesn't help me
    Thanks for your answers.
    Best regards,
    Max

  • Remoteaccess to Visual Administrator

    Hello,
    we have a Portal 7.0 and a lot of consultants have installed the visual binaries on their pc and are now able to configure/change things in the visual administrator. For production system we are planning to reduce this access. Can someone tell me with role/authorization you need to access the visual administrator? Is it possible change the security in the way, that no remote login is allowed?
    Thanks
    Alexander

    Hi,
    1. If your visual administrator (P4 Port) is accessable and not protected by any firewall you will not be able to restrict the physical access from outside. This access should only be possible from within your company network so I guess all the consultants who are accessing the J2EE using a local visual admin are located on the internal network and have a direct TCP Connection to the engine. If you know the IPs restrict the access using a firewall or just allow the access from a couple of hosts (e.g only yours) This only works if you have a static IP or if you can make sure that if you are using DHCP the DHCP Server always assigns the same address to your machine
    2. Let's assume you are not able to restrict the physical access to the engine than you can still restrict the access on a user base. In order to access the Administration you have to be aware of any user within the j2ee who has appropriate administration rights (e.g. the Administrator user)
    If the consultants know the Administrator password you should change it using the configtool (modify the password in secure store etc.)
    If they have personalized users than just remove all the administration rights. Without administration rights a user is not able to access the J2EE Administration (You will get an error message in the status bar saying "Error while connecting")
    Cheers
    Marcel

  • NWA 7.3 : Looking for "security roles" (Policy Configuration) ...

    Hi guys,
    We deployed a simple application in our new SAP NW 7.3 JAVA instance; by calling the application, we receive "error 403 : Error: You are not authorized to view the requested resource."; this was fixed wihtin NW 7.x by adding a user/group within security roles of the selected component ( Visual Admin => Security Provider => Policy Configurations => select component and than security roles );
    where to do this within NWA 7.3 ?
    any ideas;
    Thanks
    Oliver

    Hi Oliver,
    Procedure
      Start SAP NetWeaver Administrator with the quick link /nwa/auth.
      Choose Components.
      Select a policy configuration.
      On the Authentication Stack tab, choose the Edit pushbutton.
      Determine if you want to use an existing template or if you want to change the policy configuration of the current component. 
    To use an existing template, select a template from the Used Template field.
    For authscheme references, select a template from Used Authscheme.
    The component uses the settings and authentication stack from the template. To edit these settings, edit the settings of the policy configuration template. To create a new template, see Creating Authentication Stack Templates for Policy Configurations.
      To change the policy configuration of the current component, do the following: 
    Add and remove login modules as required.
    The system applies the login modules in the order they appear in the list.
      Set a processing flag for each login module. 
    For more information about login module flags, see Policy Configurations and Authentication Stacks.
      Add and remove any options to the login modules.
      Set the authentication stack parameters according to the type of policy configuration. 
    Please,go through below help file
    http://help.sap.com/saphelp_nw73/helpdata/en/4a/734e26fa92731fe10000000a42189c/frameset.htm
    Cheers
    Revanth Pasupuleti

  • Order of Security Policy Configuration

    Hi,
    I want to change the order of the Policy Configuration so that my CustomLoginModule is checked before the others.
    Can i do that without removing all others and adding them again one after another?
    Greetings,
    Marius

    heres a helpfull url http://java.sun.com/j2se/1.3/docs/guide/security/PolicyFiles.html#DefaultLocs

  • Ping time out, server connection is lost in visual administrator after java

    Dear all,
    Recently I have done system copy for XI system. I have imported the java import after importing  the abap stack into the target system as java add in abap.The import phase finished successfully and java engine is also working well.
    I have confirmed this by moving to the browser page  " http://hostname:50000/ and XI system  http://hostname:50000/rep ". Everything is working fine and in MMC console as well.
    But while trying to log in to visual administrator i am getting the error message as " ping time out,connection to server is lost "
    std_serverout.log
    unrecoverable stack overflow has occurred.
    An unexpected error has been detected by HotSpot Virtual Machine:
    EXCEPTION_STACK_OVERFLOW (0xc00000fd) at pc=0x00000000080e3c66, pid=2940, tid=928
    Java VM: Java HotSpot(TM) 64-Bit Server VM (1.4.2_16-b05 mixed mode)
    Problematic frame:
    V  [jvm.dll+0xe3c66]
    An error report file with more information is saved as hs_err_pid2940.log
    stdout/stderr redirect
    node name   : server0
    pid         : 3060
    system name : XIT
    system nr.  : 03
    started at  : Tue Feb 17 18:42:50 2009
    CompilerOracle: exclude com/sapportals/portal/pb/layout/taglib/ContainerTag addIviewResources
    CompilerOracle: exclude com/sap/engine/services/keystore/impl/security/CodeBasedSecurityConnector getApplicationDomain
    CompilerOracle: exclude com/sap/engine/services/rmi_p4/P4StubSkeletonGenerator generateStub
    CompilerOracle: exclude com/sapportals/portal/prt/util/StringUtils escapeToJS
    CompilerOracle: exclude com/sapportals/portal/prt/core/broker/PortalServiceItem startServices
    CompilerOracle: exclude com/sap/engine/services/webservices/server/deploy/WSConfigurationHandler downloadFile
    CompilerOracle: exclude com/sapportals/portal/prt/jndisupport/util/AbstractHierarchicalContext lookup
    SAP J2EE Engine Version 6.40   PatchLevel 100627.313 is starting...
    Loading: LogManager ... 453 ms.
    Loading: PoolManager ... 0 ms.
    Loading: ApplicationThreadManager ... 94 ms.
    Loading: ThreadManager ... 31 ms.
    Loading: IpVerificationManager ... 0 ms.
    Loading: ClassLoaderManager ... 16 ms.
    Loading: ClusterManager ... 219 ms.
    Loading: LockingManager ... 93 ms.
    Loading: ConfigurationManager ... 1502 ms.
    Loading: LicensingManager ... 31 ms.
    Loading: ServiceManager ...
    6.226: [GC 6.226: [ParNew: 87040K->8544K(130560K), 0.0628724 secs] 87040K->8544K(1005056K), 0.0629982 secs]
    Loading services.:
      Service memory started. (16 ms).
      Service cross started. (15 ms).
      Service file started. (78 ms).
      Service timeout started. (32 ms).
      Service runtimeinfo started. (15 ms).
      Service userstore started. (63 ms).
      Service trex.service started. (94 ms).
      Service jmx_notification started. (63 ms).
      Service p4 started. (235 ms).
      Service classpath_resolver started. (15 ms).
    10.537: [GC 10.537: [ParNew: 95584K->16246K(130560K), 0.0776272 secs] 95584K->16246K(1005056K), 0.0777727 secs]
      Service deploy started. (3926 ms).
      Service log_configurator started. (4363 ms).
      Service locking started. (0 ms).
      Service http started. (172 ms).
      Service naming started. (203 ms).
      Service failover started. (78 ms).
      Service appclient started. (110 ms).
      Service javamail started. (140 ms).
      Service jmsconnector started. (140 ms).
      Service ts started. (125 ms).
      Service licensing started. (16 ms).
      Service connector started. (188 ms).
      Service configuration started. (31 ms).
      service MobileSetupGeneration ================= ERROR =================
      Service MobileArchiveContainer started. (78 ms).
      Service webservices started. (470 ms).
      Service dbpool started. (1172 ms).
    13.195: [GC 13.196: [ParNew: 103286K->20423K(130560K), 0.0478316 secs] 103286K->20423K(1005056K), 0.0489244 secs]
      Service com.sap.security.core.ume.service started. (2596 ms).
      Service security started. (2471 ms).
      Service classload started. (78 ms).
      Service applocking started. (141 ms).
      Service shell started. (188 ms).
      Service tceCATTPingservice started. (32 ms).
      Service telnet started. (63 ms).
    18.218: [GC 18.218: [ParNew: 107463K->25937K(130560K), 0.0545612 secs] 107463K->25937K(1005056K), 0.0546428 secs]
      Service webdynpro started. (203 ms).
      Service ejb started. (532 ms).
      Service dsr started. (172 ms).
      Service keystore started. (485 ms).
      Service ssl started. (16 ms).
      Service servlet_jsp started. (704 ms).
      Service tcsecsecurestorage~service started. (63 ms).
      Service jmx started. (391 ms).
      Service tclmctcculculservice_sda started. (0 ms).
      Service rfcengine started. (656 ms).
      Service tcsecwssec~service started. (469 ms).
      Service apptracing started. (360 ms).
    19.355: [GC 19.355: [ParNew: 112977K->42681K(130560K), 0.0844669 secs] 112977K->47563K(1005056K), 0.0845476 secs]
      Service tcsecdestinations~service started. (907 ms).
      Service basicadmin started. (860 ms).
      Service adminadapter started. (297 ms).
      Service pmi started. (312 ms).
      Service tclmctcculservice_sda started. (1251 ms).
      Service tcsecvsi~service started. (438 ms).
      Service monitor started. (407 ms).
      Service sld started. (1721 ms).
    20.296: [GC 20.296: [ParNew: 129721K->39952K(130560K), 0.1028212 secs] 134603K->50894K(1005056K), 0.1028881 secs]
      Service tc.monitoring.logviewer started. (1704 ms).
    21.584: [GC 21.584: [ParNew: 126992K->40823K(130560K), 0.0664458 secs] 137934K->58110K(1005056K), 0.0665026 secs]
      Service jms_provider started. (3518 ms).
      Service com.sap.aii.af.cpa.svc started. (2033 ms).
      Service com.sap.aii.af.security.service started. (16 ms).
      Service com.sap.aii.af.svc started. (157 ms).
    22.873: [GC 22.873: [ParNew: 127863K->43238K(130560K), 0.0574693 secs] 145150K->65266K(1005056K), 0.0575210 secs]
      Service com.sap.aii.af.ms.svc started. (407 ms).
      Service com.sap.aii.adapter.marketplace.svc started. (47 ms).
      Service com.sap.aii.adapter.bc.svc started. (47 ms).
      Service com.sap.aii.adapter.xi.svc started. (47 ms).
      Service com.sap.aii.adapter.jms.svc started. (79 ms).
      Service com.sap.aii.adapter.mail.svc started. (63 ms).
      Service com.sap.aii.adapter.jdbc.svc started. (156 ms).
      Service com.sap.aii.adapter.rfc.svc started. (219 ms).
      Service com.sap.aii.af.ispeak.svc started. (313 ms).
      Service com.sap.aii.adapter.file.svc started. (2315 ms).
    ServiceManager started for 22082 ms.
    Framework started for 24772 ms.
    SAP J2EE Engine Version 6.40   PatchLevel 100627.313 is running!
    PatchLevel 100627.313 December 14, 2005 20:06 GMT
    >26.086: [GC 26.086: [ParNew: 130278K->23111K(130560K), 0.0693509 secs] 152306K->68371K(1005056K), 0.0694372 secs]
    32.059: [GC 32.059: [ParNew: 110151K->34716K(130560K), 0.0419854 secs] 155411K->79975K(1005056K), 0.0420301 secs]
    32.608: [GC 32.608: [ParNew: 121756K->43497K(130560K), 0.0827214 secs] 167015K->105659K(1005056K), 0.0827638 secs]
    38.688: [GC 38.688: [ParNew: 130537K->39986K(130560K), 0.0525517 secs] 192699K->106409K(1005056K), 0.0526114 secs]
    41.615: [GC 41.615: [ParNew: 127026K->32598K(130560K), 0.0467433 secs] 193449K->103188K(1005056K), 0.0467930 secs]
    44.298: [GC 44.298: [ParNew: 119638K->34820K(130560K), 0.0430069 secs] 190228K->105410K(1005056K), 0.0432422 secs]
    46.443: [GC 46.443: [ParNew: 121860K->39729K(130560K), 0.0498349 secs] 192450K->110319K(1005056K), 0.0499023 secs]
    48.656: [GC 48.656: [ParNew: 126769K->36669K(130560K), 0.0625983 secs] 197359K->112667K(1005056K), 0.0626567 secs]
    52.243: [GC 52.243: [ParNew: 123709K->39589K(130560K), 0.0477260 secs] 199707K->115587K(1005056K), 0.0477793 secs]
    115.241: [GC 115.241: [ParNew: 126629K->37429K(130560K), 0.0553704 secs] 202627K->118544K(1005056K), 0.0554346 secs]
    118.096: [GC 118.096: [ParNew: 124469K->40865K(130560K), 0.0504829 secs] 205584K->121980K(1005056K), 0.0505322 secs]
    120.589: [GC 120.589: [ParNew: 127905K->37247K(130560K), 0.0578313 secs] 209020K->123954K(1005056K), 0.0578734 secs]
    122.573: [GC 122.573: [ParNew: 124287K->39626K(130560K), 0.0534208 secs] 210994K->126333K(1005056K), 0.0534640 secs]
    124.070: [GC 124.077: [ParNew: 126666K->35377K(130560K), 0.0626490 secs] 213373K->128235K(1005056K), 0.0627628 secs]
    126.103: [GC 126.103: [ParNew: 122417K->37886K(130560K), 0.0485833 secs] 215275K->130744K(1005056K), 0.0486433 secs]
    128.251: [GC 128.251: [ParNew: 124926K->41258K(130560K), 0.0482213 secs] 217784K->134115K(1005056K), 0.0482675 secs]
    130.792: [GC 130.792: [ParNew:
    Due to this i am not able to log in visual adminsitrator.Kindly advice me for the same.
    Thanks in advance
    Vijay

    Hello vamshi,
    As you have suggeseted, I followed the notes and changed the following paramters.The system is 64bit and hence the values are adjusted according to the server.
    -Djco.jarm=1
    -Dsun.io.useCanonCaches=false
    -Djava.awt.headless=true
    -XX:SoftRefLRUPolicyMSPerMB=1
    -verbose:gc
    -XX:+PrintGCDetails
    -XX:+PrintGCTimeStamps
    -Xss2m
    -Xms2048M
    -Xmx2048M
    -XX:MaxNewSize=320M
    -XX:NewSize=320M
    -XX:MaxPermSize=512M
    -XX:PermSize=512M
    -XX:SurvivorRatio=2
    -XX:TargetSurvivorRatio=90
    -XX:+UseParNewGC
    -XX:+UseTLAB
    -XX:+HeapDumpOnCtrlBreak
    The heap size for java is 2048
    But still i am getting the ping time out. Connection to server is lost.
    Kindly let me know,
    Regards
    Vijay

  • Security error in Visual Admin!

    Hi Experts,
      I've got the below error when I click on :
    Visual Admin ---> Server --> Services ---> Security Provider ---> ticket
    "Unable to update authentication stack for the selected configuration"
    and I found this in DefaultTrace.trc file
    "1.5 #001E0BBF78FC007900000020000017C4000453A8C918990F#1217884300281#com.sap.engine.services.security.authentication.logincontext#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#Guest#0##n/a##ee766e90626911dda03b001e0bbf78fc#SAPEngine_Application_Thread[impl:3]_6##0#0#Error##Plain###Cyclic dependency has been found for security policy configuration named: ticket#"
    Any idea?
    Thanks!
    P.s.: I'm running EP7 SP15 , Windows 2003 server , Oracle 10.2.

    Hi
    I activated the sap* user and now I can logon to my system and Visual administrator.
    But I don't know what to modify about the SSO configuration.
    The logs (when I started without the activation of sap*) shows:
    #1.5^H#00000000000000500000002900002FA700045A7CBA7A30A6#1225391657856#com.sap.engine.services.security.resource.ResourceHandl
    eImpl#sap.com/com.sap.engine.class.download#com.sap.engine.services.security.resource.ResourceHandleImpl#J2EE_GUEST#0##n/a##3
    b73a600a6b111ddc302000000000000#SAPEngine_Application_Thread[impl:3]_13##0#0#Error#1#/System/Security/Audit/J2EE#Java###ACCES
    S.ERROR: Authorization check for caller assignment to J2EE resource [ : : : ].#4#SAP-J2EE-Engine#session-pool#
    get_session_pool#ALL#
    #1.5^H#00000000000000500000002B00002FA700045A7CBA7A3282#1225391657857#com.sap.engine.services.security#sap.com/com.sap.engine
    .class.download#com.sap.engine.services.security#J2EE_GUEST#0##n/a##3b73a600a6b111ddc302000000000000#SAPEngine_Application_Th
    read[impl:3]_13##0#0#Error#1#/System/Security#Java#security_4041##Cannot get login modules.##
    #1.5^H#00000000000000500000002C00002FA700045A7CBA7A34C4#1225391657858#com.sap.engine.services.security#sap.com/com.sap.engine
    .class.download#com.sap.engine.services.security#J2EE_GUEST#0##n/a##3b73a600a6b111ddc302000000000000#SAPEngine_Application_Th
    read[impl:3]_13##0#0#Error#1#/System/Audit#Java###Exception #1#com.sap.engine.services.security.exceptions.BaseSecurityExc
    eption: Cannot get login modules.
            at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginModules(AuthenticationContextImpl.java:1
    68)
            at com.sap.engine.services.servlets_jsp.server.servlet.PutProtectionFilter.ensureUploadRoleCreated(PutProtectionFilte
    r.java:105)
            at com.sap.engine.services.servlets_jsp.server.servlet.PutProtectionFilter.init(PutProtectionFilter.java:53)
            at com.sap.engine.services.servlets_jsp.server.runtime.context.WebComponents.addFilter(WebComponents.java:198)
            at com.sap.engine.services.servlets_jsp.server.container.ApplicationThreadInitializer.loadFilters(ApplicationThreadIn
    itializer.java:292)
            at com.sap.engine.services.servlets_jsp.server.container.ApplicationThreadInitializer.run(ApplicationThreadInitialize
    r.java:107)
            at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
            at java.security.AccessController.doPrivileged(Native Method)
            at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
            at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
            at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:627)
            at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:513)
            at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
            at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:119)
            at com.sap.engine.services.security.server.AuthenticationContextImpl.getSessionPool(AuthenticationContextImpl.java:39
    5)
            at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContextFactory(AuthenticationContextImpl
    .java:740)
            at com.sap.engine.services.security.server.AuthenticationContextImpl.getAppConfigurationEntries(AuthenticationContext
    Impl.java:751)
            at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginModules(AuthenticationContextImpl.java:1
    65)
            ... 9 more
    Do you know what parameters or setting did I miss?
    Thank you so much for your help !
    Regards

  • Security Provider for a web dynpro with tool Visual Administrator

    Hello all,
    after deploying successfully my web dynpro on the J2EE 7.0 WAS, I'm trying to set up authentication to it but I cannot find my applicaiton in the list of policy configurations of the Security Provider entry. When I try to add the path to my local web dynpro, the engine doesn't find it.
    I have noticed that all other policy configurations reference a servlet_jsp application. Should I transform my web dynpro into a servlet_jsp? How do I do that?
    Thanks for your input,
    Tanguy Mezzano

    Hello Marcel,
    in fact, I don't succeed to redeploy with another provider name... I have undeployed my webdynpro with SDM on the Java stack, but from NWDS, when I change the application-j2ee-engine.xml and application.xml files, and that I rebuild the webdynpro, when I run and deploy, it always redeploys under the former provider: local.
    When I create the application, I tell to use the existing component, should I select create a new one, but that means that I have to rebuild the whole application.
    Will then the webdynpro be in the Security Provider list, so that I can configure it with http header?
    Thx for your help,
    Tanguy

  • Fail to Configure Java Security Module. JPS-10902:Enrollment Server Error.

    I am unable to configure my Java Security Module Client in Controlled Mode. Everytime, I attempt to run the config command, I get an JPS-10902:Enrollment Server Error.
    Note that, while I run the configure Client command, the OES Administration Server is running on the same machine listening at 7002 with the default username password "weblogic/welcome1" (tested to work as expected on the Server console).
    Any help on this issue is appreciated. Below are the values in the smconfig.prp file, the command at the console and the error message.
    Values in the smconfig.java.controlled.prp:
    ==========================
    oracle.security.jps.runtime.pd.client.policyDistributionMode=controlled-push
    oracle.security.jps.runtime.pd.client.RegistrationServerHost=localhost [I also tried using my hostname]
    oracle.security.jps.runtime.pd.client.RegistrationServerPort=7002
    oracle.security.jps.runtime.pd.client.sm_name=MySM_Java
    # >>>>>>>>>>>>OPTIONAL PARAMETERS<<<<<<<<<<<<<<<<<
    # ------------ Only for Java SM, WS SM, and RMI SM in controlled-push mode --------------------
    # port to listen for policy distribution. Picked automatically by SM config tool if not specified
    #Port value set by Premal. It a random number
    oracle.security.jps.runtime.pd.client.DistributionServicePort=
    oracle.security.jps.runtime.pd.client.sm_type=java
    The Config command issued at the console:
    ===========================
    C:\Oracle\Middleware\oes_client\oessm\bin>config.cmd -smConfigId MySM_Java -prpFileName C:\Oracle\Middleware\oes_client\oessm\SMConfigTool\smconfig.java.controlled.prp
    The resulting error message:
    ======================
    C:\Oracle\Middleware\oes_client\oessm\bin>config.cmd -smConfigId MySM_Java -prpFileName C:\Oracle\Middleware\oes_clien
    t\oessm\SMConfigTool\smconfig.java.controlled.prp
    Configuring for Controlled Policy Distribution Mode
    Security Module configuration is created at: C:\Oracle\MIDDLE~1\OES_CL~1\oes_sm_instances\MySM_Java_3
    Enter password for key stores:
    Enter password for key stores again:
    Passwords are saved in credential store.
    Keystores are initialized successfully.
    Please enter a value for OES Admin Server User name:weblogic
    Please enter a value for OES Admin Server Password:
    Please re-enter a value for OES Admin Server Password:
    oracle.security.jps.service.policystore.PolicyStoreException: JPS-10902: Enrollment server error.
    at oracle.security.oes.enroll.EnrollmentClient.readFromSocket(EnrollmentClient.java:236)
    at oracle.security.oes.enroll.EnrollmentClient.enroll(EnrollmentClient.java:166)
    at oracle.security.oes.enroll.EnrollmentClient.main(EnrollmentClient.java:491)
    at oracle.security.oes.tools.EnrollmentTool.doEnroll(EnrollmentTool.java:103)
    at oracle.security.oes.tools.SMConfigTool.doEnrollment(SMConfigTool.java:610)
    at oracle.security.oes.tools.SMConfigTool.run(SMConfigTool.java:381)
    at oracle.security.oes.tools.SMConfigTool.main(SMConfigTool.java:346)
    JPS-10902: Enrollment server error.
    Enrollment is not proceeded successfully.

    Hi,
    Perhaps oracle.oes.admin.enroll, oracle.oes.admin.psl.ssl are not successfully deployed to the admin server or both are not in active state.
    Please try to redeploy the oracle.oes.admin.enroll, oracle.oes.admin.psl.ssl to the admin server, and make sure these two are active state. Then the SM couls be configured without issues hopefully.
    Thanks,
    Cris

  • Failed to get configuration from secure gateway. Contact your system administrator.

    I have an ASA 5515 running 9.1(1).
    One of my customers is attempting to connect with AnyConnect 3.1.02040 and after authenticating, he gets the message
    Failed to get configuration from secure gateway. Contact your system administrator.
    I have about 100 other customers who have not had this issue and can connect fine.
    Since it appears to be localized to his PC, he's uninstalled and reinstall the client, but to no avail. He's using Windows 7 Pro.
    On the ASA, while he is attempting to connect, I see this:
    15:48:04|302014|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Teardown TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 to identity:<<<ASA IP>>>/443 duration 0:00:00 bytes 8241 TCP Reset-I
    14:48:04|725007|<<<REMOTE IP>>>|51032|||SSL session with client outside:<<<REMOTE IP>>>/51032 terminated.
    14:48:04|113039|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> AnyConnect parent session started.
    14:48:04|734001|||||DAP: User etpdeir, Addr <<<REMOTE IP>>>, Connection AnyConnect: The following DAP records were selected for this connection: DfltAccessPolicy
    14:48:04|113008|||||AAA transaction status ACCEPT : user = etpdeir
    14:48:04|113019|||||Group = ibmdtsc, Username = etpdeir, IP = 124.128.162.43, Session disconnected. Session Type: AnyConnect-Parent, Duration: 0h:41m:41s, Bytes xmt: 885580, Bytes rcv: 1343, Reason: Connection Preempted
    14:48:04|716002|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> WebVPN session terminated: Connection Preempted.
    14:48:04|113009|||||AAA retrieved default group policy (GroupPolicy_AnyConnect) for user = etpdeir
    14:48:04|113004|||||AAA user authentication Successful : server =  172.29.128.126 : user = etpdeir
    14:48:04|725002|<<<REMOTE IP>>>|51032|||Device completed SSL handshake with client outside:<<<REMOTE IP>>>/51032
    14:48:03|725001|<<<REMOTE IP>>>|51032|||Starting SSL handshake with client outside:<<<REMOTE IP>>>/51032 for TLSv1 session.
    15:48:03|302013|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Built inbound TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 (<<<REMOTE IP>>>/51032) to identity:<<<ASA IP>>>/443 (<<<ASA IP>>>/443)
    Any ideas?

    i had this problem.  for me the cause had to do with internet explorer TLS settings.
    in IE8 go to tools, internet options, advanced and under security I had to make sure Use TLS 1.0 was checked (only Use SSL 3.0 and Use TLS 1.1 were checked.  I left them checked.).

  • While upgrading oim 11gr1 toR2 problem with configuration of security store

    /hae/idmt/as/mw/iam/oracle_common/common/bin/wlst.sh Info: DB JDBC driver: oracle.jdbc.OracleDriver
    Info: DB JDBC URL: jdbc:oracle:thin:@haeidmdb01.dataintensity.com:1521/HAEIDMT
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely
    Jan 3, 2013 6:37:28 PM oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator schemaCompatibleHandler
    INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.5.0 is compatible to the seed schema version 11.1.1.4.0
    WLS ManagedService is not up running. Fall back to use system properties for configuration.
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done
    Exception in thread "main" java.lang.RuntimeException: JPS-10000: There was an internal error in the policy store.
    oracle.security.jps.internal.api.common.JpsCredentialStoreLdapNodeCreationException: JPS-10000: There was an internal error in the policy store.
    at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.createJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:300)
    at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:98)
    at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator.migrateData(LdapCredStoreServiceConfigurator.java:64)
    at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.runConfiguration(LdapServiceEnabler.java:441)
    at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.configureCredentialStoreService(LdapServiceEnabler.java:221)
    at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.configureSecurityServices(LdapServiceEnabler.java:160)
    at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.main(LdapServiceEnabler.java:119)
    Caused by: oracle.security.jps.service.policystore.PolicyStoreConnectivityException: JPS-10000: There was an internal error in the policy store.
    at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.handleRollbackException(JpsDBDataManager.java:1274)
    at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.internalCommitTxn(JpsDBDataManager.java:1437)
    at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commitTransactionInDoAs(JpsDBDataManager.java:1404)
    at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commitTransaction(JpsDBDataManager.java:1395)
    at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.createJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:293)
    ... 6 more
    Caused by: javax.persistence.RollbackException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
    Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (TEST_OPSS.IDX_JPS_RDN_PDN) violated
    Error Code: 1
    Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
    bind => [3 parameters bound]
    Query: InsertObjectQuery(EntryId=5037:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=jpscontext,cn=iam,: JpsStore Entry={[EntryId = 5037:Attribute RowId = 5292
    dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 5037:Attribute RowId = 5293
    objectclass = top, EntryId = 5037:Attribute RowId = 5294
    objectclass = orclContainer, EntryId = 5037:Attribute RowId = 5295
    cn = CredentialStore]})
    at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImpl.commitInternal(EntityTransactionImpl.java:102)
    at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImpl.commit(EntityTransactionImpl.java:63)
    at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager$7.run(JpsDBDataManager.java:1416)
    at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.internalCommitTxn(JpsDBDataManager.java:1421)
    ... 9 more
    Caused by: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
    Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (TEST_OPSS.IDX_JPS_RDN_PDN) violated
    Error Code: 1
    Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
    bind => [3 parameters bound]
    Query: InsertObjectQuery(EntryId=5037:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=jpscontext,cn=iam,: JpsStore Entry={[EntryId = 5037:Attribute RowId = 5292
    dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 5037:Attribute RowId = 5293
    objectclass = top, EntryId = 5037:Attribute RowId = 5294
    objectclass = orclContainer, EntryId = 5037:Attribute RowId = 5295
    cn = CredentialStore]})
    at org.eclipse.persistence.exceptions.DatabaseException.sqlException(DatabaseException.java:324)
    at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeDirectNoSelect(DatabaseAccessor.java:840)
    at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeNoSelect(DatabaseAccessor.java:906)
    at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basicExecuteCall(DatabaseAccessor.java:592)
    at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeCall(DatabaseAccessor.java:535)
    at org.eclipse.persistence.internal.sessions.AbstractSession.basicExecuteCall(AbstractSession.java:1717)
    at org.eclipse.persistence.sessions.server.ClientSession.executeCall(ClientSession.java:253)
    at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:207)
    at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:193)
    at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.insertObject(DatasourceCallQueryMechanism.java:342)
    at org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:162)
    at org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:177)
    at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.insertObjectForWrite(DatabaseQueryMechanism.java:472)
    at org.eclipse.persistence.queries.InsertObjectQuery.executeCommit(InsertObjectQuery.java:80)
    at org.eclipse.persistence.queries.InsertObjectQuery.executeCommitWithChangeSet(InsertObjectQuery.java:90)
    at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.executeWriteWithChangeSet(DatabaseQueryMechanism.java:287)
    at org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery(WriteObjectQuery.java:58)
    at org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.java:844)
    at org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(DatabaseQuery.java:743)
    at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:108)
    at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWork(ObjectLevelModifyQuery.java:85)
    at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExecuteQuery(UnitOfWorkImpl.java:2871)
    at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1516)
    at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1498)
    at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1449)
    at org.eclipse.persistence.internal.sessions.CommitManager.commitNewObjectsForClassWithChangeSet(CommitManager.java:224)
    at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsForClassWithChangeSet(CommitManager.java:191)
    at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsWithChangeSet(CommitManager.java:136)
    at org.eclipse.persistence.internal.sessions.AbstractSession.writeAllObjectsWithChangeSet(AbstractSession.java:3799)
    at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabase(UnitOfWorkImpl.java:1415)
    at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.commitToDatabase(RepeatableWriteUnitOfWork.java:636)
    at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToDatabaseWithChangeSet(UnitOfWorkImpl.java:1505)
    at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.commitRootUnitOfWork(RepeatableWriteUnitOfWork.java:267)
    at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitAndResume(UnitOfWorkImpl.java:1143)
    at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImpl.commitInternal(EntityTransactionImpl.java:84)
    ... 12 more
    Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (TEST_OPSS.IDX_JPS_RDN_PDN) violated
    at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445)
    at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:396)
    at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:879)
    at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450)
    at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192)
    at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531)
    at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:207)
    at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedStatement.java:1044)
    at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1329)
    at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3593)
    at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3674)
    at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(OraclePreparedStatementWrapper.java:1354)
    at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeDirectNoSelect(DatabaseAccessor.java:831)
    ... 45 more
    at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.throwExceptionWithStackTrace(LdapServiceEnabler.java:135)
    at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.main(LdapServiceEnabler.java:127)
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] migrateData - failed JPS-10000: There was an internal error in the policy store.
    Error: Failed to initialize security store.
    Error: Create operation has failed.

    Hi Pratheek,
    Are you able to upgrade from 11gR1 to R2 ? .We tried upgrading but struck up with an issue.Thanks in advance.

  • Please help with Configuring Database Security Store

    Here's the error i get....
    Any ideas?
    Initializing WebLogic Scripting Tool (WLST) ...
    Welcome to WebLogic Server Administration Scripting Shell
    Type help() for help on available commands
    Info: Data source is: opss-DBDS
    WLS ManagedService is not up running. Fall back to use system properties for con
    figuration.
    Info: DB JDBC driver: oracle.jdbc.OracleDriver
    Info: DB JDBC URL: jdbc:oracle:thin:@localhost:1521/idgov
    Connected:oracle.jdbc.driver.T4CConnection@21bce8d
    Disconnect:oracle.jdbc.driver.T4CConnection@21bce8d
    INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvide
    r". OpenJPA will not be used.
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]  checkSe
    rviceSetup - done
    Aug 13, 2013 8:47:47 PM oracle.security.jps.internal.config.ldap.LdapCredStoreSe
    rviceConfigurator schemaCompatibleHandler
    INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.
    6.0 is compatible to the seed schema version 11.1.1.4.0
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]  checkSe
    rviceSchema - Store schema has been seeded completely
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]  updateS
    erviceConfiguration - done
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]  seedSch
    emaAndCreateDIT - failed JPS-10000: There was an internal error in the policy st
    ore.
    Exception in thread "Main Thread" java.lang.RuntimeException: JPS-10000: There w
    as an internal error in the policy store.
    oracle.security.jps.internal.api.common.JpsCredentialStoreLdapNodeCreationExcept
    ion: JPS-10000: There was an internal error in the policy store.
            at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
    ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:303)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:114)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.runConfiguration(LdapServiceEnabler.java:448)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureCredentialStoreService(LdapServiceEnabler.java:233)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureSecurityServices(LdapServiceEnabler.java:171)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.main(LdapServiceEnabler.java:129)
    Caused by: oracle.security.jps.service.policystore.PolicyStoreConnectivityExcept
    ion: JPS-10000: There was an internal error in the policy store.
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.handl
    eRollbackException(JpsDBDataManager.java:1345)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.inter
    nalCommitTxn(JpsDBDataManager.java:1508)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
    tTransactionInDoAs(JpsDBDataManager.java:1475)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
    tTransaction(JpsDBDataManager.java:1466)
            at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
    ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:296)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:113)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.runConfiguration(LdapServiceEnabler.java:447)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureCredentialStoreService(LdapServiceEnabler.java:232)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureSecurityServices(LdapServiceEnabler.java:170)
            ... 1 more
    Caused by: javax.persistence.RollbackException: Exception [EclipseLink-4002] (Ec
    lipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.ex
    ceptions.DatabaseException
    Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001
    : unique constraint (DEV20_OPSS.IDX_JPS_RDN_PDN) violated
    Error Code: 1
    Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
            bind => [3 parameters bound]
    Query: InsertObjectQuery(EntryId=11437:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=
    jpscontext,cn=iam,: JpsStore Entry={[EntryId = 11437:Attribute RowId = 45348
    dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 11437:Attribu
    te RowId = 45349
    objectclass = top, EntryId = 11437:Attribute RowId = 45350
    objectclass = orclContainer, EntryId = 11437:Attribute RowId = 45351
    cn = CredentialStore]})
            at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
    l.commitInternal(EntityTransactionImpl.java:102)
            at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
    l.commit(EntityTransactionImpl.java:63)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager$8.run
    (JpsDBDataManager.java:1488)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.inter
    nalCommitTxn(JpsDBDataManager.java:1492)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
    tTransactionInDoAs(JpsDBDataManager.java:1476)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
    tTransaction(JpsDBDataManager.java:1466)
            at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
    ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:297)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:114)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.runConfiguration(LdapServiceEnabler.java:448)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureCredentialStoreService(LdapServiceEnabler.java:233)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureSecurityServices(LdapServiceEnabler.java:171)
            ... 1 more
    Caused by: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v2
    0111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
    Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001
    : unique constraint (DEV20_OPSS.IDX_JPS_RDN_PDN) violated
    Error Code: 1
    Call: INSERT INTO JPS_DN (ENTRYID, PARENTDN, RDN) VALUES (?, ?, ?)
            bind => [3 parameters bound]
    Query: InsertObjectQuery(EntryId=11437:rdn=cn=credentialstore:pdn=cn=jpsroot,cn=
    jpscontext,cn=iam,: JpsStore Entry={[EntryId = 11437:Attribute RowId = 45348
    dn = cn=CredentialStore,cn=IAM,cn=JPSContext,cn=jpsroot, EntryId = 11437:Attribu
    te RowId = 45349
    objectclass = top, EntryId = 11437:Attribute RowId = 45350
    objectclass = orclContainer, EntryId = 11437:Attribute RowId = 45351
    cn = CredentialStore]})
            at org.eclipse.persistence.exceptions.DatabaseException.sqlException(Dat
    abaseException.java:324)
            at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
    uteDirectNoSelect(DatabaseAccessor.java:840)
            at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
    uteNoSelect(DatabaseAccessor.java:906)
            at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basi
    cExecuteCall(DatabaseAccessor.java:592)
            at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
    uteCall(DatabaseAccessor.java:535)
            at org.eclipse.persistence.internal.sessions.AbstractSession.basicExecut
    eCall(AbstractSession.java:1717)
            at org.eclipse.persistence.sessions.server.ClientSession.executeCall(Cli
    entSession.java:253)
            at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism
    .executeCall(DatasourceCallQueryMechanism.java:207)
            at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism
    .executeCall(DatasourceCallQueryMechanism.java:193)
            at org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism
    .insertObject(DatasourceCallQueryMechanism.java:342)
            at org.eclipse.persistence.internal.queries.StatementQueryMechanism.inse
    rtObject(StatementQueryMechanism.java:162)
            at org.eclipse.persistence.internal.queries.StatementQueryMechanism.inse
    rtObject(StatementQueryMechanism.java:177)
            at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.inser
    tObjectForWrite(DatabaseQueryMechanism.java:472)
            at org.eclipse.persistence.queries.InsertObjectQuery.executeCommit(Inser
    tObjectQuery.java:80)
            at org.eclipse.persistence.queries.InsertObjectQuery.executeCommitWithCh
    angeSet(InsertObjectQuery.java:90)
            at org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.execu
    teWriteWithChangeSet(DatabaseQueryMechanism.java:287)
            at org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery
    (WriteObjectQuery.java:58)
            at org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.j
    ava:844)
            at org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(Dat
    abaseQuery.java:743)
            at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitO
    fWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:108)
            at org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitO
    fWork(ObjectLevelModifyQuery.java:85)
            at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExec
    uteQuery(UnitOfWorkImpl.java:2871)
            at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuer
    y(AbstractSession.java:1516)
            at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuer
    y(AbstractSession.java:1498)
            at org.eclipse.persistence.internal.sessions.AbstractSession.executeQuer
    y(AbstractSession.java:1449)
            at org.eclipse.persistence.internal.sessions.CommitManager.commitNewObje
    ctsForClassWithChangeSet(CommitManager.java:224)
            at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObje
    ctsForClassWithChangeSet(CommitManager.java:191)
            at org.eclipse.persistence.internal.sessions.CommitManager.commitAllObje
    ctsWithChangeSet(CommitManager.java:136)
            at org.eclipse.persistence.internal.sessions.AbstractSession.writeAllObj
    ectsWithChangeSet(AbstractSession.java:3799)
            at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToData
    base(UnitOfWorkImpl.java:1415)
            at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.c
    ommitToDatabase(RepeatableWriteUnitOfWork.java:636)
            at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitToData
    baseWithChangeSet(UnitOfWorkImpl.java:1505)
            at org.eclipse.persistence.internal.sessions.RepeatableWriteUnitOfWork.c
    ommitRootUnitOfWork(RepeatableWriteUnitOfWork.java:267)
            at org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.commitAndRes
    ume(UnitOfWorkImpl.java:1143)
            at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
    l.commitInternal(EntityTransactionImpl.java:84)
            at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImp
    l.commit(EntityTransactionImpl.java:63)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager$8.run
    (JpsDBDataManager.java:1487)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.inter
    nalCommitTxn(JpsDBDataManager.java:1492)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
    tTransactionInDoAs(JpsDBDataManager.java:1475)
            at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.commi
    tTransaction(JpsDBDataManager.java:1466)
            at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.cre
    ateJpsCredentailStoreInLdap(JpsDbBootstrapImpl.java:296)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.addServiceStoreBase(LdapCredStoreServiceConfigurator.java:113)
            at oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigur
    ator.seedSchemaAndCreateDIT(LdapCredStoreServiceConfigurator.java:142)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.runConfiguration(LdapServiceEnabler.java:447)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureCredentialStoreService(LdapServiceEnabler.java:232)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.configureSecurityServices(LdapServiceEnabler.java:170)
            ... 1 more
    Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique
    constraint (DEV20_OPSS.IDX_JPS_RDN_PDN) violated
            at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445)
            at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:396)
            at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:879)
            at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450)
            at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192)
            at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531)
            at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.
    java:207)
            at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedSta
    tement.java:1044)
            at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStateme
    nt.java:1329)
            at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePrep
    aredStatement.java:3593)
            at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePrepar
    edStatement.java:3674)
            at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(Oracl
    ePreparedStatementWrapper.java:1354)
            at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
    uteDirectNoSelect(DatabaseAccessor.java:831)
            ... 45 more
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.throwExceptionWithStackTrace(LdapServiceEnabler.java:145)
            at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnab
    ler.main(LdapServiceEnabler.java:137)
    Error: Failed to initialize security store.
    Error: Create operation has failed.
    C:\Oracle\IDGMiddleware\oracle_common\common\bin>

    Try to configure the policy store with different ID (highlighted in the below command)
    ./wlst.sh <Oracle_IDM1_Home>/common/tools/configureSecurityStore.py -d <WLS_Domain>/OAM_domain -c IAM -p <Password> -m create
    OR
    Reinstall the RCU and try to configure the policy store.

  • Error in security provider logon stack: no logon to visual administrator

    Probably i made a mistake in configuring SAP-J2EE-Engine security provider login modules.
    Now i cannot logon to Visual Administrator, it tells me
    "Error while connecting
    com.sap.engine.services.security.exceptions.BaseLoginException: Access Denied."
    Is there a way to reset login module stack from configtool or in some config file?
    Many thanks in advance.
    Simone Zaffalon

    Hi
    you can configure your login stack configuration using config tool. Config tool works locally against the server's database, thus no authentication is required.
    1. Be sure that your server is not running! (shutdown SAP J2EE processes)
    2. Launch config tool ("use default db settings").
    3. switch to configuration editor mode (the most-right icon in the icon toolbar)
    4. navigate to security-->configurations
    Here you find your logon stacks and the login modules contained within them. Click on the "pencil" icon for changing your current configuration.
    See the thread below .It will resolve your issue
    Unable to access Visual Admin
    Points are welcome if it is helpful
    Koti Reddy

  • Configuring ADF Security to use LDAP

    HI All
    We are building an application which is secured using SSO authentication. We have an LDAP setup for this.
    During development, we wanted to configure LDAP in ADF Security Wizard in Jdeveloper for authentication. I tried the following in ADF Security Wizard in the 10 steps of the wizard:
    1) Configure ADF for Web Application, enforce Authorization
    2) Enable Credential Store
    3) No Policy Store
    4) LDAP Identity Store
    5) Enter LDAP credentials, LdAp URL, user base
    6) No Anonymous Provider
    7) Did not select any login module
    8) Form Based Authentication, generate default
    9) Added pages that need to be secured
    10) Finish
    The login page is rendered whenever i try to access a protected page. But when I enter the LDAP user credentials for login, it does not work. It says "You are not authorized to view this page".
    Is there anything missing in the setup that is causing the issue. Any pointers on this would be helpful.
    Thanks
    Srinidhi.

    Hi,
    note that there don't exist documentation for configuring ADF Security in JDeveloper 11 with LDAP. In general, ADF Security in JDeveloper 11 is not yet ready for SSO and LDAP testings and still is under development. Note that LDAP authentication - as container managed authentication - is configured in the jps-config.xml file of the deployed application. However, as said, its not documented and would be just too much at this point to put into a forum answer
    Frank

Maybe you are looking for