Policy Agent 3.0 for Tomcat - Cannot obtain Application SSO token
Hi
I am trying to configure Sun OpenSSO Enterprise Policy Agent 3.0 for Apache Tomcat Application Server 6.
After installing the Policy Agent, Tomcat is not starting.
The Error in the stack is :
=========
Jun 14, 2009 2:21:00 AM
org.apache.tomcat.util.digester.Digester startElement
SEVERE: Begin event threw error
java.lang.ExceptionInInitializerError
at
com.sun.identity.agents.arch.AgentConfiguration.bootStrapClientConfig
uration(AgentConfiguration.java:682)
Caused by:
com.sun.identity.security.AMSecurityPropertiesException:
AdminTokenAction: FATAL ERROR: Cannot obtain Application
SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at
com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:
258)
=========
There is no AMConfig.properties file. The Agent uses "OpenSSOAgentBootstrap.properties".
Is there a workaround for this issue ?
Cheers.
Hi,
I have the same Problem, did you come up with a solution for it?
thanks
Matrius
Similar Messages
-
IM Installation - FATAL ERROR: Cannot obtain Application SSO token
Hi Guys,
I am having a problem trying to install IM, I got the following error,
Registering services with Access Manager...exist exception - AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
I got the IM + DA+ AM 7.1 + AS 9.1 U2 installed in the same server with the DS 6.3 installed remotly. I installed the following components for the AM
*[X] 1. Access Manager Core Services
*[X] 2. Access Manager Administration Console
*[X] 3. Common Domain Services for Federation Management
*[X] 4. Access Manager SDK
yes, the Application server is up and running before I start the installation of IM and the access manager is working fine, do you know why I am getting this error?
p.s. i tried to set those variable in the following file (/etc/opt/SUNWam/config/AMConfig.properties) but i got the same error
com.sun.identity.agents.app.username=amadmin
com.iplanet.am.service.password=encrypted password
thanks a lot guysI give up finding the problem....i will re-install AM, these are the questions that the installer will ask, are my values ok ?
*[X] 1. Access Manager Core Services
*[X] 2. Access Manager Administration Console
*[X] 3. Common Domain Services for Federation Management
*[X] 4. Access Manager SDK
Specify Common Server Settings
Enter Host Name [convergence] {"<" goes back, "!" exits}
Enter DNS Domain Name [domain.com] {"<" goes back, "!" exits}
Enter IP Address [192.168.2.82] {"<" goes back, "!" exits}
Enter Server admin User ID [admin] {"<" goes back, "!" exits}
Enter Admin User's Password (Password cannot be less than 8 characters) []
{"<" goes back, "!" exits}
Confirm Admin User's Password [] {"<" goes back, "!" exits}
Enter System User [root] {"<" goes back, "!" exits}
Enter System Group [root] {"<" goes back, "!" exits}
Access Manager: Specify Configuration Information
Install type (Realm/Legacy) Mode [Legacy] {"<" goes back, "!" exits}:
Administrator User ID: amAdmin
Administrator Password [] {"<" goes back, "!" exits}:
Retype Password [] {"<" goes back, "!" exits}:
LDAP User ID: amldapuser
LDAP Password [] {"<" goes back, "!" exits}:
Retype Password [] {"<" goes back, "!" exits}:
Password Encryption Key [gdtrt576ythjgut7erehejr8] {"<" goes back,
"!" exits}:
Access Manager: Choose Deployment Container
1. Sun Java(TM) System Application Server
2. Sun Java(TM) System Web Server
Select the container to deploy the component and hit enter key [1] {"<" goes
back, "!" exits} 1
Access Manager: Specify Sun Java System Application Server
Installation Directory [opt/SUNWappserver/appserver] {"<" goes back, "!"
exits}: /opt/SUNWappserver
Instance Directory [var/opt/SUNWappserver/domains/domain1] {"<" goes back,
"!" exits}: /opt/SUNWappserver/domains/domain1
Access Manager Runtime Instance [server] {"<" goes back, "!" exits}:
Access Manager Instance Port [8080] {"<" goes back, "!" exits}: 80
Document Root [var/opt/SUNWappserver/domains/domain1/docroot] {"<" goes
back, "!" exits}: /opt/SUNWappserver/domains/domain1/docroot
Administrator User ID [admin] {"<" goes back, "!" exits}:
Administrator Password [] {"<" goes back, "!" exits}:
Master Password [] {"<" goes back, "!" exits}:
Administrator Port [4849] {"<" goes back, "!" exits}: 4848
Secure Server Instance Port [No] {"<" goes back, "!" exits}:
Secure Administration Server Port [Yes] {"<" goes back, "!" exits}:
Access Manager: Specify Web Container for Running Access Manager Services
Host Name [convergence.domain.com] {"<" goes back, "!" exits}:
Services Deployment URI [amserver] {"<" goes back, "!" exits}:
Common Domain Deployment URI [amcommon] {"<" goes back, "!" exits}:
Cookie Domain(Assure it is not a top level domain) [.domain.com] {"<" goes
back, "!" exits}:
Password Deployment URI [ampassword] {"<" goes back, "!" exits}:
1. HTTP
2. HTTPS
Console Protocol [1] {"<" goes back, "!" exits}:
Access Manager: Choose Access Manager Console
Administration Console [Yes] {"<" goes back, "!" exits}:
Console Deployment URI [amconsole] {"<" goes back, "!" exits}:
Access Manager: Specify Directory Server Information
Directory Server Host [] {"<" goes back, "!" exits}: mail.domain.com
Directory Server Port [389] {"<" goes back, "!" exits}:
Directory Root Suffix [dc=domain,dc=com] {"<" goes back, "!" exits}:
Directory Manager DN [cn=Directory Manager] {"<" goes back, "!" exits}:
Directory Manager Password [] {"<" goes back, "!" exits}:
Access Manager: Specify Directory Server Data
Is Directory Server provisioned with user data [No] {"<" goes back, "!"
exits}?
Ready to Install -
"Cannot obtain Application SSO token" error
Hello,
I configured my agent as follows:
Version: 3.0
Build Date: 20071212
Application Server Config Directory : C:\Sun\SDK\domains\domain1\config
Application Server Instance name : server
Access Manager URL : http://juno:6140/opensso
Domain Administration Server Host is remote : false
Agent URL : http://juno:8080
Deployment URI for the Agent Application : /agentapp
Encryption Key : J+KQLOM+s6gAQb1Y1H8uJoej3bzKBAEN
Agent Profile name : asagent
Agent Profile Password file name : c:\temp\password.TXT
Agent installed on the DAS host for a remote instance : false
The AM and the sample applications are both running on separate domains.
Following steps I performed:
1. I started my SSO domain (domain2) first and then the application domain where my agent is installed (domain1).
2. I deployed the agentsample.ear file after compilation through build.xml file
When I try to access the URL (http://localhost:8080/agentsample/index.html), it throw the following exception (recorded in amSSO log file located in the Agent_001
Caused by: com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:233)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.common.PropertiesFinder.getProperty(PropertiesFinder.java:49)
at com.iplanet.am.util.SystemProperties.get(SystemProperties.java:255)
at com.iplanet.am.util.SystemProperties.get(SystemProperties.java:298)
at com.iplanet.dpro.session.SessionID.<clinit>(SessionID.java:90)
... 46 more
|#]
[#|2007-12-14T11:32:42.881-0500|SEVERE|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-1;_RequestID=30ba22ac-dd83-461b-a835-440480970033;|StandardWrapperValve[default]: PWC1406: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: Could not initialize class com.sun.identity.agents.filter.AmFilterManager
at com.sun.identity.agents.filter.AmAgentBaseFilter.initializeFilter(AmAgentBaseFilter.java:217)
at com.sun.identity.agents.filter.AmAgentBaseFilter.getAmFilterInstance(AmAgentBaseFilter.java:279)
at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:64)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:361)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
I spent lot of time refering the supporting document but could not find any solution.
Your assistance will be greatly appreciated.
Thanks,
VinitI tried to deploy "agentapp.war" in the "domain1" which I configured to install J2EE Agent. The "domain2" deployed opensso.war file. When I tried to invoke "http://test.domain.org:8080/agentapp", it threw the following error:
Caused by: com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:233)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.common.configuration.ConfigurationBase.isLegacy(ConfigurationBase.java:180)
at com.sun.identity.common.configuration.ConfigurationObserver.createAttributeMapping(ConfigurationObserver.java:62)
at com.sun.identity.common.configuration.ConfigurationObserver.<init>(ConfigurationObserver.java:58)
at com.sun.identity.common.configuration.ConfigurationObserver.<clinit>(ConfigurationObserver.java:50)
... 35 more
|#]
[#|2007-12-17T21:24:21.453-0500|SEVERE|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=fde18bdd-a04f-48ba-b4f1-7a88a756c315;|StandardWrapperValve[default]: PWC1406: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: Could not initialize class com.sun.identity.agents.filter.AmFilterManager
at com.sun.identity.agents.filter.AmAgentBaseFilter.initializeFilter(AmAgentBaseFilter.java:217)
at com.sun.identity.agents.filter.AmAgentBaseFilter.getAmFilterInstance(AmAgentBaseFilter.java:279)
at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:64)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
I do not understand why it is looking for AMConfig.properties file in domain1? This file exist in domain2 and not in domain1. Secondly, it also throws NoClassDefFoundError Exception. However, config.xml file sets classpath as :
<java-config classpath-suffix="${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/lib/agent.jar${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/lib/openssoclientsdk.jar${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/locale${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/Agent_001/config" debug-enabled="false" debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9009" env-classpath-ignored="true" java-home="${com.sun.aas.javaRoot}" javac-options="-g" rmic-options="-iiop -poa -alwaysgenerate -keepgenerated -g" system-classpath="">
I am not sure whether both these problems are related or independent.
Thanks in advance,
Vinit -
AM Client program throwing "Cannot create application SSO token"
I am trying to run the policyevaluator client program (from both standalone and as a web app), when I run it , it throws the following exception..
com.sun.identity.policy.PolicyException: Cannot create application SSO token.
at com.sun.identity.policy.client.PolicyEvaluator.getNewAppSSOToken(PolicyEvaluator.java:470)
at com.sun.identity.policy.client.PolicyEvaluator.init(PolicyEvaluator.java:188)
at com.sun.identity.policy.client.PolicyEvaluator.<init>(PolicyEvaluator.java:163)
at com.sun.identity.policy.client.PolicyEvaluatorFactory.getPolicyEvaluator(PolicyEvaluatorFactory.java:145)
at com.sun.identity.policy.client.PolicyEvaluatorFactory.getPolicyEvaluator(PolicyEvaluatorFactory.java:102)
at test.PolicyEvaluatorClient.main(PolicyEvaluatorClient.java:68)
Can anybody throw some light on how to fix this problem... your help will be greatly appreciated..
Thanks,I am trying to run the policyevaluator client program (from both standalone and as a web app), when I run it , it throws the following exception..
com.sun.identity.policy.PolicyException: Cannot create application SSO token.
at com.sun.identity.policy.client.PolicyEvaluator.getNewAppSSOToken(PolicyEvaluator.java:470)
at com.sun.identity.policy.client.PolicyEvaluator.init(PolicyEvaluator.java:188)
at com.sun.identity.policy.client.PolicyEvaluator.<init>(PolicyEvaluator.java:163)
at com.sun.identity.policy.client.PolicyEvaluatorFactory.getPolicyEvaluator(PolicyEvaluatorFactory.java:145)
at com.sun.identity.policy.client.PolicyEvaluatorFactory.getPolicyEvaluator(PolicyEvaluatorFactory.java:102)
at test.PolicyEvaluatorClient.main(PolicyEvaluatorClient.java:68)
Can anybody throw some light on how to fix this problem... your help will be greatly appreciated..
Thanks, -
Policy Agent 2.2 with Tomcat connector (isapi_redirect.dll)?
Dear All,
We have installed Policy agent 2.2 for IIS6 to enable SSO with SUN Access Manager 7.1. Policy agent 2.2 was installed in IIS6 as wild card application mapping extension.
Our IIS6 also contains Apache tomcat connector (isapi_redirect.dll) as it needs to front JBOSS application server.
When we access protected resource Policy agent presents login screen. With the correct login details, policy agent authenticates successfully with SAM 7.1 and creates SSO token, which is good. But policyagent creates "goto" URL as /tomcat/isapi_redirect.dll rather than the original resource that user asked for as below?
2010-12-23 18:57:57.397 Info 3220:1e5b0d0 PolicyAgent: do_redirect(): redirect_header = Location: http://am-server.com:8080/amserver/login?goto=http%3A%2F%2Ftest-server%3A80%2Ftomcat%2Fisapi_redirect.dll
Any ideas on how to configure Policy agent for IIS6 when it has isapi_redirect.dll already installed on it.
Thanks,
SuryaHello Surya
Did you find a solution for this issue? How did you solve it?
Thank you
Prashanth
Edited by: user8605028 on Jun 15, 2011 1:24 PM -
This log -------------policy agent 2.1 for iis5.0
Sun Java System Identity Server Policy Agent 2.1 for Microsoft IIS 5.0
Sun\Identity_Server\Agents\2.1\debug\C__Inetpub_wwwroot\amAgent
2004-07-25 18:06:22.156 Warning 1064:00D01120 PolicyAgent: OnPreprocHeaders(): Identity Server Cookie not found.
2004-07-25 18:06:22.156 Error 1064:00D01120 PolicyAgent: do_redirect() ServerSupportFunction did not succeed: Attempted status = 302 Found
2004-07-25 18:06:22.156 Warning 1064:00D01120 PolicyAgent: OnPreprocHeaders(): No cookies found.
2004-07-25 18:06:22.156 Error 1064:00D01120 PolicyAgent: do_redirect() ServerSupportFunction did not succeed: Attempted status = 302 Found
2004-07-25 18:07:53.921 Error 1064:00D01120 PolicyEngine: am_policy_evaluate: InternalException in Service::getPolicyResult with error message:Policy not found for resource: http://guorui.mygodsun.com:49153/index.asp and code:7
2004-07-25 18:07:53.921 Warning 1064:00D01120 PolicyAgent: am_web_is_access_allowed(http://guorui.mygodsun.com:49153/index.asp, GET) denying access: status = no policy found (7)
2004-07-25 18:07:53.937 128 1064:00D01120 RemoteLog: User amAdmin was denied access to http://guorui.mygodsun.com:49153/index.asp.
2004-07-25 18:07:54.062 Error 1064:00D01120 PolicyAgent: do_redirect(): Error while calling am_web_get_redirect_url(): status = success
2004-07-25 18:07:54.078 Error 1064:00D01120 PolicyAgent: do_redirect() WriteClient did not succeed: Attempted message = HTTP/1.1 403 Forbidden
Content-Length: 13
Content-Type: text/plain
403 Forbidden
from that log,help me
my:
Sun Java System Identity Server 6.1
Sun Java System Directory Server 5.2
Sun Java System Identity Server Policy Agent 2.1 for Microsoft IIS 5.0
help me for that how config?
what error ?
thanks!Sorr for so many people faced the sam or similar issues. I just joined this support a short while. If you think any old problem which is still critical to you, please repost. We shall try our best to give you assistance. Jerry
Here are some of tips for debugging Web agent.
From the AMAgent.properties, are both IIS and AM are in the same domain? If they are not, then you need to use CDSSO. Also please check in AM, under "Service Configuration-> Platform -> Cookie Domains" , whether cookie is set for the entire domain which includes AM and IIS ("test.com") or just the AM machine name.
Also check whether correct value for "Agent-Identity Server Shared Secret" is entered. This should be your internal ldap password (amldapuser). In the AMAgent.properties for the below property the password will be encrypted and assigned: "com.sun.am.policy.am.password".
Could you also check if the Identity servver and the IIS web server are time synchronized. The problem may be that agent requests policy decisions and the response from server may be timed out due to non-syncrhonized clock.
Don't forget to restart the whole IIS service using internet
management console after making agent changes.
Some of the common error codes:
20: Application authentication failed. This occurs when Agent cannot sucessfully authenticate with Identity Server. This is mainly due to incorrect password for agent entered during agent installation. Please refer to another faq describing how to change password.
7: Policy not found. This error occurs typically if there are no policies defined on Identity server for the given web server URL. Otherwise, there may be time skew between Identity Server and Agent. So, polices fetched from Identity Server is instantly flushed by Agent and attempted to refetch over and over again. This can be solved by running rdate or similar command to synchronize time between the two machines. It is recommended to run NNTP server syncrhonize times between your Identity systems. -
Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1
Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1
Does anybody has a working combination of the above ? I get a ID login page and after that I always get a access denied page. I get this exception on the agent logs:
2004-10-14 16:28:00.917 Warning 6347:c1818 PolicyAgent: in get_cookie: no cooki
e in ap_table
2004-10-14 16:28:01.895 Warning 6359:c1818 PolicyAgent: Invalid URL for propert
y (com.sun.am.policy.agents.accessDeniedURL) specified
2004-10-14 16:28:56.742 Warning 6349:c1818 PolicyAgent: am_web_is_access_allowe
d(http://xx.xx.xx.net:8080/, GET) denying access: status = access de
nied (20)
2004-10-14 16:28:56.743 128 6349:c1818 RemoteLog: User testuser1 was denie
d access to http://xx.xx.xx.net:8080/.
2004-10-14 16:28:56.831 -1 6349:c1818 PolicyAgent: URL Access Agent: acces
s denied to testuser1
We can ignore Invalid URL property part because its just looking for a custom url in place there. I have cookies enabled in my browser. I even turned on the prompt option. No luck yet.
Any suggestions would be of great help.
Thanks,
Sunil.From your description, since the agent installs file with a different JRE, I would suspect it has something to do with the availability of JCE provider in the first JRE. By default, WebSphere's JRE is equipped with IBM JCE provider which is what the agent uses to encrypt the necessary
information. If this provider is not configured correctly it could result in the error that you are seeing. Please check the WebSphere installation and make sure that the JRE used by it has the necessary IBM JCE provider configured. The java.security file for this should contain something like:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=com.ibm.jsse.IBMJSSEProvider
security.provider.4=com.ibm.security.cert.IBMCertPath
security.provider.5=com.ibm.crypto.pkcs11.provider.IBMPKCS11
Also, make sure that when you are installing the agent you specify the Java Home as prompted by the agent to point to the location where this JRE is installed. Typically this is under WebSphere/AppServer/java directory. HTH, Jerry -
Policy Agent 2.2 for Apache HTTP Server
hi,
I'm trying to configure Policy Agent 2.2 for apache http server.
The agent seems to be installed properly, in fact when I access the protected resource, I get the Access Manager login page.
Then I log into access manager, but I'm redirected to an error page.
Looking in log files I can see:
agent's "amAgent" log file:
Debug 10763:f8fe0 AuthService: HTTP Status = 200 (OK)
Debug 10763:f8fe0 AuthService: Http::Response::readAndParse(): No content length in response.
Debug 10763:f8fe0 ServiceEngine: Service::do_agent_auth_login(): Setting password callback.
Debug 10763:f8fe0 ServiceEngine: Service::do_agent_auth_login(): Setting name callback to 'apache2Agent'.
Debug 10763:f8fe0 AuthService: BaseService::sendRequest Cookie and Headers =Host: crmzone.company.icteam.it
Cookie: JSESSIONID=193E5E1590C924A42B95A00A51DC0479;amlbcookie=01
Debug 10763:f8fe0 AuthService: BaseService::sendRequest Content-Length =Content-Length: 620
Debug 10763:f8fe0 AuthService: BaseService::sendRequest Header Suffix =Accept: text/xml
Content-Type: text/xml; charset=UTF-8
Debug 10763:f8fe0 AuthService: HTTP Status = 200 (OK)
Debug 10763:f8fe0 AuthService: Http::Response::readAndParse(): No content length in response.
Error 10763:f8fe0 AuthService: AuthService::processLoginStatus() Exception message=[Application user ID is not valid.] errorCode='107' templateName=login_failed_template.jsp.
Error 10763:f8fe0 PolicyEngine: am_policy_evaluate: InternalException in AuthService::processLoginStatus() with error message:Exception message=[Application user ID is not valid.] errorCode='107' templateName=login_failed_template.jsp and code:3
Warning 10763:f8fe0 PolicyAgent: am_web_is_access_allowed()(http://10.0.0.31:80/SugarOS-Full-4.5.0f, GET) denying access: status = Access Manager authentication service failure
Debug 10763:f8fe0 PolicyAgent: am_web_is_access_allowed(): Successfully logged to remote server for GET action by user unknown user to resource http://10.0.0.31:80/SugarOS-Full-4.5.0f.
Info 10763:f8fe0 PolicyAgent: am_web_is_access_allowed()(http://10.0.0.31:80/SugarOS-Full-4.5.0f, GET) returning status: Access Manager authentication service failure.
Info 10763:f8fe0 PolicyAgent: process_request(): Access check for URL http://10.0.0.31/SugarOS-Full-4.5.0f returned Access Manager authentication service failure.
Debug 10763:f8fe0 PolicyAgent: process_request(): returning web result AM_WEB_RESULT_ERROR, data []
Debug 10763:f8fe0 PolicyAgent: am_web_process_request(): Rendering web result AM_WEB_RESULT_ERROR
Debug 10763:f8fe0 PolicyAgent: am_web_process_request(): render result function returned AM_SUCCESS.
Access Manager's "amAuthentication.error" log file:
"Login Failed|module_instance|Application" Application AUTHENTICATION-268 dc=opensso,dc=java,dc=net "Not Available" INFO apache2Agent 10.0.0.31 "cn=dsameuser,ou=DSAME Users,dc=opensso,dc=java,dc=net" CRMzone
I tried to change the name of the agent either in its AMAgent.properties or in Access Manager "Agents" configuration page.
I also used "crypt_util" to generate a new passoword, but nothing seems to happen.
Where should I look to get more info about this problem? Specific log file?
Is it due to wrong name/id/password of the agent? I really checked them many times...
Thanks
FabioI think the error message "Application user ID is not valid" is pretty self evident.
Log into the amconsole and go to the root realm/organization. Make sure the Agent profile exists and reset the password again to know value. If you created the agent profile in a sub realm/organization, you will need to make sure the subrealm/organization is set in the AMAgent.properties since the default value is / for the root realm/organization. Update the AMAgent.properties file will the Agent ID and the password generated by the crypt_it tool (com.sun.am.policy.am.username, com.sun.am.policy.am.password)
If that doesn't work, check the amApplication debug log and then look at the ldap server access logs to see why the auth bind failed. -
SUn Policy Agent 2.2 for Weblogic 92
We are using SUN POlicy agent 2.2. (for Weblogic) for Access Manager 6.3
For this particular application I intermittantly get SSOToken invald message
Its a sporadic behavior (sometimes work sometime does not)
error -
02/02/2007 12:22:41:057 PM EST: Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]
SSOTokenValidator.validate(): Exception caught
com.iplanet.sso.SSOException: AQIC5wM2LY4Sfcw k8CIsj Jujq92ltM5fNZJxh2qFYpAyw=@AAJTSQACMDE=# Invalid session ID.AQIC5wM2LY4Sfcw k8CIsj Jujq92ltM5fNZJxh2qFYpAyw=@AAJTSQACMDE=#check the patch level of AM 6.3, it should be higher than 1
-
Sun One Identity Server Policy Agent 2.0 for IIS 5.0
Hi,
I try to use Sun Indentity Server with IIS, so I installed policy agent 2.0 for IIS 5.0. my operating system is Windows 2000 professional. I can see the ISAPI fiiter is loaded, but when I try to test the installation by access a testing page, like http://localhost/test.asp, I can not go anywhere, the sun identity server log in page is not loaded. I checked the debug log file, there are just two warning message:
2003-02-12 11:11:52.314 Warning 1316:00A548E8 PolicyAgent: Invalid URL for property (com.sun.am.policy.agents.accessDeniedURL) specified
2003-02-12 11:11:52.798 Warning 1316:00A548E8 PolicyAgent: FqdnHandler::FqdnHandler() No value specified for fqdnMap.
Could someone help me out here? Any suggestion will be appreciated.
Thanks,
Harold ChenWell, it's in the Agent's installation guide, section "Read me first", "Setting Fully Qualified Domain Name". :)
-
Problem in POST data preserve in Policy Agent 2.2 for SJSWS 6.1
Hi
I am using Policy Agent 2.2 for SJSWS 6.1
I have a requirement to preserve the POST data when during the following situation.
Consider a situation where in the user has logged in to our webapp and the user remains in a page which has a form with Post method .
Mean while the session (of AM) times out and now the user enters the data in the data and submits the form.
The user will be redirected to the login page and then the requested service should be performed, which is not happening in this case(POST). Suppose in if the form used a GET method this works fine.
I have tried by configuring the following property in AMAgent.properties file.
com.sun.am.policy.agents.config.postdata.preserve.enable = true
But it doesn't work. When I tried to troubleshoot, I learned from the following resource that, POST data preservation is only supported on Policy Agent 2.2 for Sun Java System Web Server 7.0 Is it not supported on 6.1?
http://docs.sun.com/app/docs/doc/820-1130/gaueu
I get the following error in the log file of SJSWS.
trying to POST /dummypost/sunpostpreserve2007-09-2804:48:53.379, send-file reports: HTTP4142: can't find /opt/SUNWwbsvr/docs/dummypost/sunpostpreserve2007-09-2804:48:53.379 (File not found)
I have verified that the following entry is made in the obj.conf
PathCheck fn=validate_session_policy
<Object ppath="*/dummypost/sunpostpreserve*">
Service type=text/* method=(GET) fn=append_post_data
</Object>
<Object ppath="*/UpdateAgentCacheServlet*">
Service type=text/* method=(POST) fn=process_notification
</Object>
I am using the PA 2.2 which says that the following bug is fixed.
Bug(s) fixed in 2.2 RTM Hotpatch 8
==================================
Bug#: 6545159
Agent type: Sun Java System Web Server agent
Description: CDSSO mode wipes out form post data
Appreciate your help.
thanks & regards
MadhuHi
Now I get 404 error and the logs in amAgent is
2007-10-03 04:56:20.922 Error 22356:a51e558 PolicyAgent: Error Registering POST content body
2007-10-03 04:56:20.922MaxDebug 22356:a51e558 PolicyAgent: Register POST content body : (null)
2007-10-03 04:56:20.923 Debug 22356:a51e558 PolicyAgent: Register POST data key :2007-10-0304:56:20.922
2007-10-03 04:56:20.923 Error 22356:a51e558 PolicyAgent: am_web_postcache_insert(): Unknown exception encountered.
2007-10-03 04:56:20.923 Warning 22356:a51e558 PolicyAgent: Register POST data insert into hash table failed:2007-10-0304:56:20.922
And in the errors log file of SJSWS is+_
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="uri-clean" Directive="PathCheck"
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="uri-clean" Directive="PathCheck" returned 0 (REQ_PROCEED)
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="find-pathinfo" Directive="PathCheck"
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="find-pathinfo" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="find-index-j2ee" Directive="PathCheck"
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="find-index-j2ee" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="find-index" index-names="index.html,home.html,index.jsp" Directive="PathCheck"
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="find-index" index-names="index.html,home.html,index.jsp" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:05:13:05] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="validate_session_policy" Directive="PathCheck"
[03/Oct/2007:05:13:05] fine (22515): Updating accelerator cache
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="validate_session_policy" Directive="PathCheck" returned 0 (REQ_PROCEED)
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="type-j2ee" Directive="ObjectType"
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="type-j2ee" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="type-by-extension" Directive="ObjectType"
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="type-by-extension" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="force-type" type="text/plain" Directive="ObjectType"
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="force-type" type="text/plain" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing method="(GET|HEAD|POST)" type="*~magnus-internal/*" fn="send-file" Directive="Service"
[03/Oct/2007:05:13:14] warning (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, send-file reports: HTTP4142: can't find /opt/WMS/rel/www/webserver7/https-localhost.localdomain/docs/dummypost/sunpostpreserve2007-10-0304:56:20.922 (File not found)
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: method="(GET|HEAD|POST)" type="*~magnus-internal/*" fn="send-file" Directive="Service" returned -1 (REQ_ABORTED)
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="error-j2ee" Directive="Error"
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="error-j2ee" Directive="Error" returned -2 (REQ_NOACTION)
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: executing fn="flex-log" Directive="AddLog"
[03/Oct/2007:05:13:14] finest (22515): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0304:56:20.922, func_exec reports: fn="flex-log" Directive="AddLog" returned 0 (REQ_PROCEED)
thanks
Madhu -
Policy Agent 2.1 for IBM WebSphere Application Server 5.0 can't install
I install Policy Agent 2.1 for IBM WebSphere Application Server 5.0
But Can't install success
resone:
Base Installation completed Successfully
WebSphere 5.0 Agent ClassPath : C:/Sun/IdentityServer/j2ee_agents/lib/am_sdk.jar;C:/Sun/IdentityServer/j2ee_agents/lib/am_services.jar;C:/Sun/IdentityServer/j2ee_agents/lib/am_sso_provider.jar;C:/Sun/IdentityServer/j2ee_agents/lib/am_logging.jar;C:/Sun/IdentityServer/j2ee_agents/config/F__Program Files_WebSphere_AppServer_config_cells_tmbsp103_nodes_tmbsp103_servers_server1;C:/Sun/IdentityServer/j2ee_agents/locale
WebSphere 5.0 Agent Boot ClassPath : C:/Sun/IdentityServer/j2ee_agents/lib/jdk_logging.jar
WebSphere 5.0 Agent JVM options : -Damconfig=AMAgent -Dmax_conn_pool=10 -Dmin_conn_pool=1 -Dcom.iplanet.coreservices.configpath=C:/Sun/IdentityServer/j2ee_agents/config/F__Program Files_WebSphere_AppServer_config_cells_tmbsp103_nodes_tmbsp103_servers_server1/ums -Djava.util.logging.manager=com.sun.identity.log.LogManager -Djava.util.logging.config.file=C:/Sun/IdentityServer/j2ee_agents/config/F__Program Files_WebSphere_AppServer_config_cells_tmbsp103_nodes_tmbsp103_servers_server1/AMAgent.properties -Djava.protocol.handler.pkgs=com.ibm.net.ssl.internal.www.protocol -Dws.ext.dirs=C:/Sun/IdentityServer/j2ee_agents/lib
The server.policy file was configured successfully.
Global Security Settings Configured Successfully.
sas.client.props file Configuration FAILED.
soap.client.props file Configuration FAILED.
sas.client.props /soap.client.props two file how to Configuration ??From your description, since the agent installs file with a different JRE, I would suspect it has something to do with the availability of JCE provider in the first JRE. By default, WebSphere's JRE is equipped with IBM JCE provider which is what the agent uses to encrypt the necessary
information. If this provider is not configured correctly it could result in the error that you are seeing. Please check the WebSphere installation and make sure that the JRE used by it has the necessary IBM JCE provider configured. The java.security file for this should contain something like:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=com.ibm.jsse.IBMJSSEProvider
security.provider.4=com.ibm.security.cert.IBMCertPath
security.provider.5=com.ibm.crypto.pkcs11.provider.IBMPKCS11
Also, make sure that when you are installing the agent you specify the Java Home as prompted by the agent to point to the location where this JRE is installed. Typically this is under WebSphere/AppServer/java directory. HTH, Jerry -
Unable to install policy agent 2.2 for Webserver 6.1 on Windows 2003
Hi everybody,
I've installed Java Enterprise Server (last version) on Windows 2003 with these components:
- Directory Server
- Access Manager
- Webserver
- Administration Server
Everything works good, I can access all those components.
Now I want to use Policy Agent 2.2. So I've downloaded it and I've tried to install...
But during the installation process, an error message appear when I select the Web Server instance directory to protect.
It says: "invalid web server instance - on windows, Access Manager Policy Agent only supports Web Server 6.0 and 6.1.....".
The problem is that I work with WebServer 6.1....
I really don't know what to do now... This message prevent me to go further.
What's the problem? How can I avoid this?
Thanks for your help!
AdrienOkay, here's what it says:
"The upgrade patch cannot be installed by the Windows Installer service because the program to be upgraded may be missing, ot the updgrade pathc may update a different version of the program. Verify that the program to be upgraded exists on your computer and that you have the correct update patch".
I don't even know what program I'm supposed to have.
Ideas, anyone? -
Access Manager Policy Agent 2.2 for Oracle 10g
I Installed AM Policy Agent 2.2 on Oracle App Server 10g (10.1.3). After install I don't get the redirect to the AM login page. The agent does not appear to be activated. When I restart the Oracle App server I expect to see logs entries from the agent in <agenthome>/logs/debug, but I don't get any log entries.
The agent was installed as oracle (same as the 10g server).
Entries in the 10g global application.xml for the agent:
ibrary path="/opt/AMAgent/j2ee_agents/am_oracle1012_agent/agent_001/config">
</library>
<library path="/opt/AMAgent/j2ee_agents/am_oracle1012_agent/locale">
</library>
<library path="/opt/AMAgent/j2ee_agents/am_oracle1012_agent/lib/agent.jar">
</library>
<library path="/opt/AMAgent/j2ee_agents/am_oracle1012_agent/lib/amclientsdk.jar">
</library>
AMAgent.properties settings:
com.iplanet.services.debug.level=message
com.sun.identity.agents.config.filter.mode = URL_POLICY
My goal is to protect all apps with SSO and basic url policies.
Any ideas on what I'm doing wrong? missing?Hi,
have you added the agent filter for the application you are trying to protect
<filter>
<filter-name>Agent</filter-name>
<display-name>Agent</display-name>
<filter-class>
com.sun.identity.agents.filter.AmAgentFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>Agent</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping> -
Problem in POST data preserve in Policy Agent 2.2 for SJSWS 7.0
Hi
Appreciate your help.
I am using SJSWS 7.0 U1 and the PA for the same.
I have a requirement to preserve the POST data when during the following situation.
Consider a situation where in the user has logged in to our webapp and the user remains in a page which has a form with Post method .
Mean while the session (of AM) times out and now the user enters the data in the data and submits the form.
The user will be redirected to the login page and then the requested service should be performed, which is not happening in this case(POST). Suppose in if the form used a GET method this works fine.
I get 500 internal server in the browser.
I have set the following property to true in AMAgent.properties to true.
com.sun.am.policy.agents.config.postdata.preserve.enable
My obj.conf has the following entry.
<Object ppath="*/dummypost/sunpostpreserve*">
Service type=text/* method=(GET|HEAD|POST) fn=append_post_data
(note It had only GET originally)
</Object>
<Object ppath="*/UpdateAgentCacheServlet*">
Service type=text/* method=(POST) fn=process_notification
</Object>
The amAgent Logfile has the following errors
2007-10-03 07:03:05.735 Error 22984:92e14d8 PolicyAgent: Error Registering POST content body
2007-10-03 07:03:05.735MaxDebug 22984:92e14d8 PolicyAgent: Register POST content body : (null)
2007-10-03 07:03:05.735 Debug 22984:92e14d8 PolicyAgent: Register POST data key :2007-10-0307:03:05.735
2007-10-03 07:03:05.735 Error 22984:92e14d8 PolicyAgent: am_web_postcache_insert(): Unknown exception encountered.
2007-10-03 07:03:05.735 Warning 22984:92e14d8 PolicyAgent: Register POST data insert into hash table failed:2007-10-0307:03:05.735
2007-10-03 07:03:09.093MaxDebug 22984:92e14d8 PolicyAgent: validate_session_policy(): Completed handling request with status: success.
2007-10-03 07:03:09.093 Debug 22984:92e14d8 PolicyAgent: POST Magic Query Value : 2007-10-0307:03:05.735
2007-10-03 07:03:09.093 Debug 22984:92e14d8 PolicyAgent: Found magic URI but entry not in POST Hash table :2007-10-0307:03:05.735
And the errors log in the SJSWS.
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="uri-clean" Directive="PathCheck" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="find-pathinfo" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="find-pathinfo" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="find-index-j2ee" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="find-index-j2ee" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="find-index" index-names="index.html,home.html,index.jsp" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="find-index" index-names="index.html,home.html,index.jsp" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="validate_session_policy" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="validate_session_policy" Directive="PathCheck" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="type-j2ee" Directive="ObjectType"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="type-j2ee" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="type-by-extension" Directive="ObjectType"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="type-by-extension" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="force-type" type="text/plain" Directive="ObjectType"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="force-type" type="text/plain" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing type="text/*" method="(GET|HEAD|POST)" fn="append_post_data" Directive="Service"
[03/Oct/2007:06:50:39] failure (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: HTTP2302: Function append_post_data aborted the request without setting the status code
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: type="text/*" method="(GET|HEAD|POST)" fn="append_post_data" Directive="Service" returned -1 (REQ_ABORTED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="error-j2ee" Directive="Error"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="error-j2ee" Directive="Error" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="flex-log" Directive="AddLog"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="flex-log" Directive="AddLog" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:40] fine (22984): Updating accelerator cache
regards
Madhu MHi
Appreciate your help.
I am using SJSWS 7.0 U1 and the PA for the same.
I have a requirement to preserve the POST data when during the following situation.
Consider a situation where in the user has logged in to our webapp and the user remains in a page which has a form with Post method .
Mean while the session (of AM) times out and now the user enters the data in the data and submits the form.
The user will be redirected to the login page and then the requested service should be performed, which is not happening in this case(POST). Suppose in if the form used a GET method this works fine.
I get 500 internal server in the browser.
I have set the following property to true in AMAgent.properties to true.
com.sun.am.policy.agents.config.postdata.preserve.enable
My obj.conf has the following entry.
<Object ppath="*/dummypost/sunpostpreserve*">
Service type=text/* method=(GET|HEAD|POST) fn=append_post_data
(note It had only GET originally)
</Object>
<Object ppath="*/UpdateAgentCacheServlet*">
Service type=text/* method=(POST) fn=process_notification
</Object>
The amAgent Logfile has the following errors
2007-10-03 07:03:05.735 Error 22984:92e14d8 PolicyAgent: Error Registering POST content body
2007-10-03 07:03:05.735MaxDebug 22984:92e14d8 PolicyAgent: Register POST content body : (null)
2007-10-03 07:03:05.735 Debug 22984:92e14d8 PolicyAgent: Register POST data key :2007-10-0307:03:05.735
2007-10-03 07:03:05.735 Error 22984:92e14d8 PolicyAgent: am_web_postcache_insert(): Unknown exception encountered.
2007-10-03 07:03:05.735 Warning 22984:92e14d8 PolicyAgent: Register POST data insert into hash table failed:2007-10-0307:03:05.735
2007-10-03 07:03:09.093MaxDebug 22984:92e14d8 PolicyAgent: validate_session_policy(): Completed handling request with status: success.
2007-10-03 07:03:09.093 Debug 22984:92e14d8 PolicyAgent: POST Magic Query Value : 2007-10-0307:03:05.735
2007-10-03 07:03:09.093 Debug 22984:92e14d8 PolicyAgent: Found magic URI but entry not in POST Hash table :2007-10-0307:03:05.735
And the errors log in the SJSWS.
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="uri-clean" Directive="PathCheck" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="find-pathinfo" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="find-pathinfo" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="find-index-j2ee" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="find-index-j2ee" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="find-index" index-names="index.html,home.html,index.jsp" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="find-index" index-names="index.html,home.html,index.jsp" Directive="PathCheck" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="validate_session_policy" Directive="PathCheck"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="validate_session_policy" Directive="PathCheck" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="type-j2ee" Directive="ObjectType"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="type-j2ee" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="type-by-extension" Directive="ObjectType"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="type-by-extension" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="force-type" type="text/plain" Directive="ObjectType"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="force-type" type="text/plain" Directive="ObjectType" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing type="text/*" method="(GET|HEAD|POST)" fn="append_post_data" Directive="Service"
[03/Oct/2007:06:50:39] failure (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: HTTP2302: Function append_post_data aborted the request without setting the status code
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: type="text/*" method="(GET|HEAD|POST)" fn="append_post_data" Directive="Service" returned -1 (REQ_ABORTED)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="error-j2ee" Directive="Error"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="error-j2ee" Directive="Error" returned -2 (REQ_NOACTION)
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: executing fn="flex-log" Directive="AddLog"
[03/Oct/2007:06:50:39] finest (22984): for host 27.63.254.1 trying to POST /dummypost/sunpostpreserve2007-10-0306:50:35.348, func_exec reports: fn="flex-log" Directive="AddLog" returned 0 (REQ_PROCEED)
[03/Oct/2007:06:50:40] fine (22984): Updating accelerator cache
regards
Madhu M
Maybe you are looking for
-
PP Experts, Its my understanding that PP-Kanban is not currently compatible with project stock. To take that a step further some of my colleagues have gone so far as to say that Kanban does not make sense with project stock. I'm not sure that i 100
-
Vista Installation seems to work, until application won't launch - stuck in permissions
Hey there In an effort to use an AIR application (CurationSoft) I installed AIR. BUT then when I go to launch the application the following message pops up and nothing happens: I've tried a multitude of combinations: uninstalling both, allowing the a
-
User creating problem in oracle9i lite.
Platform for Mobile Server : Windows 2000 advanced server. 9i lite ver. 5.0.1 Database : Oracle 9.0.1.1.1 Hi i'm logging into mobile server control center as administrator. And i create users for the applications. But when i try to list the users, th
-
Links category in Page Properties
In most of my pages, the Page Properties does not list "Links" in Categories, so I am unable to change properties of links - like eliminating underlining, or changing the color of visited links, etc. The affected pages have Appearance, Title/Encoding
-
TS3276 Under accounts there is nothing in password
Hi In mail there is a mesage showing as in the figer one is showing with a ! next to it but nothing is showing in the main body, also I have tried to send an e-mail out but that is in the out box not going out. I have just tried the Mail on my iPad b