IBM Support

After installing a Maximo 7.6 Feature Pack Interim Fix, Industry Solution, Add-On, users cannot log into Maximo

Question & Answer


Question

After the Maximo administrator installs a Maximo 7.6 Feature Pack, Interim Fix, Feature Pack, or Add-On, users cannot log in to Maximo, which displays an error. For example:
Login Error - The username or password you entered is incorrect. If you need your password reset, please contact our system admins.
BMXAA0026E - The action could not be performed because the application server security is enabled. Proper authorization is required to perform this action. Report this error to your system administrator.

Cause

Application Security change happens using Tivoli's process automation configuration tool (Configuration Tool or ConfigTool, and there was a problem with the database connection: for example, the database connect fails. If you exit the ConfigTool running, fix the connection problem, and start the Config Tool again, it can read the value of the mxe.useAppServerSecurity property from the database, and this problem does not happen.

At during Config Tool launch, it loads all saved data, including that from the database, and caches the data. The default value loaded for mxe.useAppServerSecurity is 1 (enabled). The Tool works with the cache as it applies selected actions. If you fixed the database connection problem but did not exit, the Configuration Tool continues to work with the cached data.

Answer

If Application Server Security is not meant to be enabled in the environment
Method 1
  1. Log into the Maximo application administration workstation as a member of the local Administrators group.
  2. Open an administrative command prompt.
  3. Navigate to the \IBM\SMP\ConfigTool\scripts directory.
  4. Run this script:
reconfigurePae -action disableAppSecurity
Running this script can fail. If it does, go to Method 2 to modify Maximo manually.
Method 2
Modify and save the following web.xml files, then rebuild and redeploy the Maximo EAR file.

The following is the list of web.xml files to be altered:

  • \IBM\SMP\maximo\applications\maximo\maximouiweb\webmodule\WEB-INF\web.xml
  • \IBM\SMP\maximo\applications\maximo\maxrestweb\webmodule\WEB-INF\web.xml
  • \IBM\SMP\maximo\applications\maximo\meaweb\webmodule\WEB-INF\web.xml
  • \IBM\SMP\maximo\applications\maximo\mboweb\webmodule\WEB-INF\web.xml

If Application Server Security is meant to be enabled in the environment

  1. Uncomment the <security-constraint> tags in all web.xml files, and make sure that the value of the useAppServerSecurity tag is set to 1.
  2. Set the <welcome-file> tag to the following:
<welcome-file>/ui/maximo.jsp</welcome-file>
  1. Using a SQL query tool, check the value of mxe.useAppServerSecurity:
SELECT PROPVALUE FROM MAXPROPVALUE WHERE PROPNAME='mxe.useAppServerSecurity';
If the value is 1 and Application Server Security is to be enabled, run the following update:
UPDATE MAXPROPVALUE SET PROPVALUE=1 WHERE PROPNAME='mxe.useAppServerSecurity';
  1. Comment out the <security-constraint> tags in all web.xml files, and make sure that value of the useAppServerSecurity tag is set to 0.
  2. Set the <welcome-file> tag to the following:
<welcome-file>/ui/maximo.jsp?welcome=true</welcome-file>
  1. Using a SQL query tool, check the value of mxe.useAppServerSecurity:
SELECT PROPVALUE FROM MAXPROPVALUE WHERE PROPNAME='mxe.useAppServerSecurity';
If the value is 1 and Application Server Security is not meant to be enabled, run the following update:
UPDATE MAXPROPVALUE SET PROPVALUE=0 WHERE PROPNAME='mxe.useAppServerSecurity';
Alternatively, if the Maximo directory was backed up before the change, replace the updated web.xml files with the old versions. Rebuild and redeploy the Maximo EAR.
Another workaround if Application Server Security is not meant to be enabled in the environment. Using the TPAE Configuration Tool (\IBM\SMP\ConfigTool\ConfigUI.exe), click Change Application Security Model. Using this method changes the security model to use application internal authentication and authorization (mxe.useAppServerSecurity=0). Check the boxes to build and deploy the application EAR files. Click apply. Using this method modifies the database and changes the web.xml files so that Application Server Security is not enabled.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSLKT6","label":"IBM Maximo Asset Management"},"Component":"System Related","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.6, 7.6.1","Edition":"Edition Independent","Line of Business":{"code":"LOB59","label":"Sustainability Software"}},{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSWT9A","label":"IBM Control Desk"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.6;7.6.1","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Document Information

Modified date:
28 October 2021

UID

swg21965424

Page Feedback