Topic
  • 8 replies
  • Latest Post - ‏2009-02-25T16:55:18Z by SystemAdmin
s.berry
s.berry
15 Posts

Pinned topic Token Expired Exception

‏2009-01-26T09:11:48Z |
I'm using the WebSphere Scheduler Service to run a task continuously. After some period of time, I get this exception: com.ibm.websphere.security.auth.TokenExpiredException . I don't know if this has to do with using the scheduler. Here is the full stack trace of the exception:
1/25/09 17:59:01:674 IST 00000057 LTPAServerObj W SECJ0371W: Validation of the LTPA token failed because the token expired with the following info: Token expiration Date: Sun Jan 25 17:58:36 IST 2009, current Date: Sun Jan 25 17:59:01 IST 2009.
1/25/09 17:59:02:971 IST 00000057 Core E CWSCA2001E: The SCA message-driven bean returned the following exception: "com.ibm.websphere.sca.ServiceRuntimeException: caused by: Major Code[0] Minor Code[0] Message Token expiration Date: Sun Jan 25 17:58:36 IST 2009, current Date: Sun Jan 25 17:59:01 IST 2009".
1/25/09 17:59:02:971 IST 00000057 ExceptionUtil E CNTR0020E: EJB threw an unexpected (non-declared) exception during invocation of method "onMessage" on bean "BeanId(CommercialWareQueueApp#CommercialWareQueueEJB.jar#ServiceSIBusMessageBean, null)". Exception data: com.ibm.websphere.security.auth.TokenExpiredException: Token expiration Date: Sun Jan 25 17:58:36 IST 2009, current Date: Sun Jan 25 17:59:01 IST 2009
at com.ibm.ws.security.ltpa.LTPAToken.isValid(LTPAToken.java:248)
at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken(LTPAServerObject.java:1004)
at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken(LTPAServerObject.java:901)
at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken(LTPAServerObject.java:870)
at com.ibm.ws.security.ltpa.LTPAServerObject.validate(LTPAServerObject.java:1234)
at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:607)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:795)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:209)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:709)
at java.security.AccessController.doPrivileged(AccessController.java:246)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:706)
at javax.security.auth.login.LoginContext.login(LoginContext.java:603)
at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLoginHelper.java:188)
at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:2942)
at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:2730)
at com.ibm.ISecurityLocalObjectTokenBaseImpl.WSSecurityContextLTPAImpl.acceptSecContext(WSSecurityContextLTPAImpl.java:304)
at com.ibm.ISecurityLocalObjectTokenBaseImpl.WSSecurityContextLTPAImpl.acceptSecContext(WSSecurityContextLTPAImpl.java:222)
at com.ibm.ws.sca.internal.managed.security.SecurityContextManager.restoreAuthenticationToken(SecurityContextManager.java:668)
at com.ibm.ws.sca.internal.managed.security.SecurityManagerImpl.restoreAuthenticationToken(SecurityManagerImpl.java:258)
at com.ibm.ws.sca.internal.securitycontext.handler.AbstractSecurityContextHandler$1.run(AbstractSecurityContextHandler.java:139)
at java.security.AccessController.doPrivileged(AccessController.java:246)
at com.ibm.ws.sca.internal.securitycontext.handler.AbstractSecurityContextHandler.retrieveSecurityInfoFromMessage(AbstractSecurityContextHandler.java:119)
at com.ibm.ws.sca.internal.securitycontext.handler.TargetSecurityContextHandler.processMessage(TargetSecurityContextHandler.java:80)
at com.ibm.ws.sca.internal.message.impl.MessageDispatcherImpl.processMessage(MessageDispatcherImpl.java:1298)
at com.ibm.ws.sca.internal.message.impl.ManagedMessageImpl.process(ManagedMessageImpl.java:834)
at com.ibm.ws.sca.internal.async.impl.AbstractAsyncInboundHandler.processMessage(AbstractAsyncInboundHandler.java:122)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean.processMessage(ServiceSIBusMessageBean.java:282)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean.access$000(ServiceSIBusMessageBean.java:54)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean$1.onMessage(ServiceSIBusMessageBean.java:79)
at com.ibm.wbiserver.manualrecovery.ejb.RecoveryMDBHandler.processMessage(RecoveryMDBHandler.java:126)
at com.ibm.wbiserver.manualrecovery.ejb.RecoveryMDBHandler.onMessage(RecoveryMDBHandler.java:82)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean.onMessage(ServiceSIBusMessageBean.java:132)
at sun.reflect.GeneratedMethodAccessor333.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at com.ibm.ejs.container.MessageEndpointHandler.invokeMdbMethod(MessageEndpointHandler.java:1018)
at com.ibm.ejs.container.MessageEndpointHandler.invoke(MessageEndpointHandler.java:747)
at $Proxy52.onMessage(Unknown Source)
at com.ibm.ws.sib.ra.inbound.impl.SibRaEndpointInvokerImpl.invokeEndpoint(SibRaEndpointInvokerImpl.java:156)
at com.ibm.ws.sib.ra.inbound.impl.SibRaDispatcher.dispatch(SibRaDispatcher.java:768)
at com.ibm.ws.sib.ra.inbound.impl.SibRaSingleProcessListener$SibRaWork.run(SibRaSingleProcessListener.java:584)
at com.ibm.ejs.j2c.work.WorkProxy.run(WorkProxy.java:419)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1473)

SCA context:
Interaction: invokeAsync,startQueue => {CommercialWareQueue}QueueHome.component
Handler: com/ibm/ws/sca/internal/securitycontext/handler/TargetSecurityContextHandler (com.ibm.ws.sca.internal.securitycontext.handler.TargetSecurityContextHandler,com/ibm/wsspi/sca/extensions/WireTargetGroup2)

Wrapped by:
com.ibm.websphere.sca.ServiceRuntimeException: caused by: Major Code[0] Minor Code[0] Message Token expiration Date: Sun Jan 25 17:58:36 IST 2009, current Date: Sun Jan 25 17:59:01 IST 2009
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean.processMessage(ServiceSIBusMessageBean.java:336)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean.access$000(ServiceSIBusMessageBean.java:54)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean$1.onMessage(ServiceSIBusMessageBean.java:79)
at com.ibm.wbiserver.manualrecovery.ejb.RecoveryMDBHandler.processMessage(RecoveryMDBHandler.java:126)
at com.ibm.wbiserver.manualrecovery.ejb.RecoveryMDBHandler.onMessage(RecoveryMDBHandler.java:82)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean.onMessage(ServiceSIBusMessageBean.java:132)
at sun.reflect.GeneratedMethodAccessor333.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at com.ibm.ejs.container.MessageEndpointHandler.invokeMdbMethod(MessageEndpointHandler.java:1018)
at com.ibm.ejs.container.MessageEndpointHandler.invoke(MessageEndpointHandler.java:747)
at $Proxy52.onMessage(Unknown Source)
at com.ibm.ws.sib.ra.inbound.impl.SibRaEndpointInvokerImpl.invokeEndpoint(SibRaEndpointInvokerImpl.java:156)
at com.ibm.ws.sib.ra.inbound.impl.SibRaDispatcher.dispatch(SibRaDispatcher.java:768)
at com.ibm.ws.sib.ra.inbound.impl.SibRaSingleProcessListener$SibRaWork.run(SibRaSingleProcessListener.java:584)
at com.ibm.ejs.j2c.work.WorkProxy.run(WorkProxy.java:419)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1473)
Caused by: Major Code[0] Minor Code[0] Message Token expiration Date: Sun Jan 25 17:58:36 IST 2009, current Date: Sun Jan 25 17:59:01 IST 2009
at com.ibm.ISecurityLocalObjectTokenBaseImpl.WSSecurityContextLTPAImpl.acceptSecContext(WSSecurityContextLTPAImpl.java:316)
at com.ibm.ISecurityLocalObjectTokenBaseImpl.WSSecurityContextLTPAImpl.acceptSecContext(WSSecurityContextLTPAImpl.java:222)
at com.ibm.ws.sca.internal.managed.security.SecurityContextManager.restoreAuthenticationToken(SecurityContextManager.java:668)
at com.ibm.ws.sca.internal.managed.security.SecurityManagerImpl.restoreAuthenticationToken(SecurityManagerImpl.java:258)
at com.ibm.ws.sca.internal.securitycontext.handler.AbstractSecurityContextHandler$1.run(AbstractSecurityContextHandler.java:139)
at java.security.AccessController.doPrivileged(AccessController.java:246)
at com.ibm.ws.sca.internal.securitycontext.handler.AbstractSecurityContextHandler.retrieveSecurityInfoFromMessage(AbstractSecurityContextHandler.java:119)
at com.ibm.ws.sca.internal.securitycontext.handler.TargetSecurityContextHandler.processMessage(TargetSecurityContextHandler.java:80)
at com.ibm.ws.sca.internal.message.impl.MessageDispatcherImpl.processMessage(MessageDispatcherImpl.java:1298)
at com.ibm.ws.sca.internal.message.impl.ManagedMessageImpl.process(ManagedMessageImpl.java:834)
at com.ibm.ws.sca.internal.async.impl.AbstractAsyncInboundHandler.processMessage(AbstractAsyncInboundHandler.java:122)
at com.ibm.wsspi.sca.async.bean.impl.ServiceSIBusMessageBean.processMessage(ServiceSIBusMessageBean.java:282)
... 16 more
Caused by: com.ibm.websphere.security.auth.WSLoginFailedException: Token expiration Date: Sun Jan 25 17:58:36 IST 2009, current Date: Sun Jan 25 17:59:01 IST 2009
at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken(LTPAServerObject.java:1048)
at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken(LTPAServerObject.java:901)
at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken(LTPAServerObject.java:870)
at com.ibm.ws.security.ltpa.LTPAServerObject.validate(LTPAServerObject.java:1234)
at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:607)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:795)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:209)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:709)
at java.security.AccessController.doPrivileged(AccessController.java:246)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:706)
at javax.security.auth.login.LoginContext.login(LoginContext.java:603)
at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLoginHelper.java:188)
at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:2942)
at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:2730)
at com.ibm.ISecurityLocalObjectTokenBaseImpl.WSSecurityContextLTPAImpl.acceptSecContext(WSSecurityContextLTPAImpl.java:304)
... 27 more
Updated on 2009-02-25T16:55:18Z at 2009-02-25T16:55:18Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    6089 Posts

    Re: Token Expired Exception

    ‏2009-01-26T13:55:11Z  
    What topology - Standalone, Cell (Bronze, Silver, Goldenhttp:// Chapter three in WebSphere Business Process Management V6.1.2 Production Topologies (SG24-7665-00)) What version 6.1.2, 6.2?
  • s.berry
    s.berry
    15 Posts

    Re: Token Expired Exception

    ‏2009-01-26T14:53:39Z  
    I'm using version 6.2, but I'm not sure of the topology. I have a remote stateless session EJB that is invoked by the scheduler. the EJB invokes a long-running business process through a stand-alone reference using the invokeAsync() method which returns a ticket. whenever the EJB is invoked again by the scheduler, it calls the invokeResponse() method passing it the previous ticket to check whether the business process has replied or not. this works fine for a while, but then I get the TokenExpiredException. Using the choreographer explorer, I can see that the business process has finished and replied, but the EJB doesn't get the reply anymore when when calling invokeResponse(ticket).
  • SystemAdmin
    SystemAdmin
    6089 Posts

    Re: Token Expired Exception

    ‏2009-02-05T16:04:15Z  
    Try to disable the application security in the admin console. I had a similar problem in WPS 6.2.
  • s.berry
    s.berry
    15 Posts

    Re: Token Expired Exception

    ‏2009-02-08T14:41:21Z  
    Yes I notices that disabling security eliminates the problem, but I don't think that's the right thing to do. How do we design processes that handle websphere security? I believe that's what we should be after. Any useful information?
  • SystemAdmin
    SystemAdmin
    6089 Posts

    Re: Token Expired Exception

    ‏2009-02-10T15:40:33Z  
    s.berry,
    I am having a similar issue. All works great in my sandbox but in our dev environment it fails and we have security turned on.

    2/9/09 23:03:53:761 EST 00000037 AlarmListener E SCHD0063E: A task with ID 51 failed to run on Scheduler PESCHEDULER (sched/ProcessEngine) because of an exception: com.ibm.websphere.security.auth.WSLoginFailedException: Username and/or password is null..

    Were you able to figure out how to integrate security.

    Thanks
  • SystemAdmin
    SystemAdmin
    6089 Posts

    Re: Token Expired Exception

    ‏2009-02-10T17:20:43Z  
    Try to disable the application security in the admin console. I had a similar problem in WPS 6.2.
    dwforums@us.ibm.com wrote:
    > Try to disable the application security in the admin console. I had a similar problem in WPS 6.2.

    I thought that those Token Expired exceptions are a WebSphere
    Application Server issue when the system clocks of the servers are not
    in sync. Thus when a Token is created from a system with a 'past' date
    the system in the 'future' thinks its too old to be valid.
  • Chandrakant@IBMDevWorks
    17 Posts

    Re: Token Expired Exception

    ‏2009-02-19T17:40:27Z  
    hi There
    In admin console go to
    I left panel go to
    Security->Secure administration,applications,and infrastructure->Authentication mechanisms and expiration->click on "Generate Keys"
    Restart server.
    your problem must be solved.
  • SystemAdmin
    SystemAdmin
    6089 Posts

    Re: Token Expired Exception

    ‏2009-02-25T16:55:18Z  
    hi There
    In admin console go to
    I left panel go to
    Security->Secure administration,applications,and infrastructure->Authentication mechanisms and expiration->click on "Generate Keys"
    Restart server.
    your problem must be solved.
    Hi,
    for me the problem does not seem to be an invalid key. According to the exception the LTPA token has expired. This means, that the scheduler should acquire a new LTPA token, but tries to further use the old expired token. Increasing the time the token is valid should only move the problem to a later point, where the token will get invalid again. Somehow the scheduler must aquire a new token, when the old gets invalid

    Markus