Topic
7 replies Latest Post - ‏2011-07-27T16:31:31Z by SystemAdmin
SystemAdmin
SystemAdmin
693 Posts
ACCEPTED ANSWER

Pinned topic configure ldap

‏2009-03-17T15:27:01Z |
I wonder, is it nessesary to configure LDAP in IBM FileNet Configuration Manager when installing CE? Can it be cause of such error( when open http://localhost:9080/FileNet/Engine ) ?
om.filenet.api.exception.EngineRuntimeException: E_NOT_AUTHENTICATED: The user is not authenticated. at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:127) at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:70) at com.filenet.engine.context.CallState.getSystemSubject(CallState.java:303) at com.filenet.engine.context.CallState.doAsSystem(CallState.java:385) at com.filenet.engine.init.StartupUtility.startASSystem(StartupUtility.java:63) at com.filenet.engine.jca.impl.ConnectionFactoryImpl.start(ConnectionFactoryImpl.java:120) at engine.EngineInit._init(EngineInit.java:71) at engine.EngineInit.init(EngineInit.java:143) at javax.servlet.GenericServlet.init(GenericServlet.java:256) at com.ibm.ws.webcontainer.servlet.ServletWrapper.init(ServletWrapper.java:219) at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.init(ServletWrapper.java:319) at com.ibm.ws.webcontainer.servlet.ServletWrapper.initialize(ServletWrapper.java:1251) at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.initialize(ServletWrapper.java:152) at com.ibm.wsspi.webcontainer.extension.WebExtensionProcessor.createServletWrapper(WebExtensionProcessor.java:99) at com.ibm.ws.webcontainer.webapp.WebApp.getServletWrapper(WebApp.java:886) at com.ibm.ws.webcontainer.webapp.WebApp.getServletWrapper(WebApp.java:808) at com.ibm.ws.webcontainer.webapp.WebApp.initializeTargetMappings(WebApp.java:526) at com.ibm.ws.webcontainer.webapp.WebApp.commonInitializationFinish(WebApp.java:363) at com.ibm.ws.wswebcontainer.webapp.WebApp.initialize(WebApp.java:292) at com.ibm.ws.wswebcontainer.webapp.WebGroup.addWebApplication(WebGroup.java:92) at com.ibm.ws.wswebcontainer.VirtualHost.addWebApplication(VirtualHost.java:157) at com.ibm.ws.wswebcontainer.WebContainer.addWebApp(WebContainer.java:671) at com.ibm.ws.wswebcontainer.WebContainer.addWebApplication(WebContainer.java:624) at com.ibm.ws.webcontainer.component.WebContainerImpl.install(WebContainerImpl.java:335) at com.ibm.ws.webcontainer.component.WebContainerImpl.start(WebContainerImpl.java:551) at com.ibm.ws.runtime.component.ApplicationMgrImpl.start(ApplicationMgrImpl.java:1305) at com.ibm.ws.runtime.component.DeployedApplicationImpl.fireDeployedObjectStart(DeployedApplicationImpl.java:1138) at com.ibm.ws.runtime.component.DeployedModuleImpl.start(DeployedModuleImpl.java:569) at com.ibm.ws.runtime.component.DeployedApplicationImpl.start(DeployedApplicationImpl.java:817) at com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication(ApplicationMgrImpl.java:951) at com.ibm.ws.runtime.component.ApplicationMgrImpl$AppInitializer.run(ApplicationMgrImpl.java:2157) at com.ibm.wsspi.runtime.component.WsComponentImpl$_AsynchInitializer.run(WsComponentImpl.java:342) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1473) Caused by: javax.security.auth.login.LoginException: ??????????? ??????????? ?????? LoginModules ??? FileNetP8Engine at javax.security.auth.login.LoginContext.init(LoginContext.java:279) at javax.security.auth.login.LoginContext.(LoginContext.java:426) at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:108)
Updated on 2011-07-27T16:31:31Z at 2011-07-27T16:31:31Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    693 Posts
    ACCEPTED ANSWER

    Re: configure ldap

    ‏2009-03-18T16:58:41Z  in response to SystemAdmin
    1. Check the LDAP connection from application server you are using. Test Connection to LDAP should be successful.
    2. Check all FileNet Login Modules are installed.
    3. Best practise is use hostname or IP when using CE URL or Workplace URL instead of using localhsot.
    • SystemAdmin
      SystemAdmin
      693 Posts
      ACCEPTED ANSWER

      Re: configure ldap

      ‏2009-03-20T10:25:44Z  in response to SystemAdmin
      Thank you for you replay! problem was in WebSphere secuirity
      • SystemAdmin
        SystemAdmin
        693 Posts
        ACCEPTED ANSWER

        Re: configure ldap

        ‏2009-06-04T05:46:30Z  in response to SystemAdmin
        hi i am having a similar type of problem i have conten engine installed in aix machine

        i have tested my ldap connection and

        i think i have taken care of security issues of websphere which was mentioned in plan and prepare guide and i am using 4.5 version of filenet
        and when i try to access
        http://reen1.in.ibm.com:9080/FileNet/Engine from windows machine i get following exceptions
        com.filenet.api.exception.EngineRuntimeException: E_NOT_AUTHENTICATED: The user is not authenticated. at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:127) at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:70) at com.filenet.engine.context.CallState.getSystemSubject(CallState.java:303) at com.filenet.engine.context.CallState.doAsSystem(CallState.java:385) at com.filenet.engine.init.StartupUtility.startASSystem(StartupUtility.java:63) at com.filenet.engine.jca.impl.ConnectionFactoryImpl.start(ConnectionFactoryImpl.java:120) at engine.EngineInit._init(EngineInit.java:71) at engine.EngineInit.init(EngineInit.java:143) at javax.servlet.GenericServlet.init(GenericServlet.java:256) at com.ibm.ws.webcontainer.servlet.ServletWrapper.init(ServletWrapper.java:199) at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.init(ServletWrapper.java:319) at com.ibm.ws.webcontainer.servlet.ServletWrapper.initialize(ServletWrapper.java:1230) at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.initialize(ServletWrapper.java:152) at com.ibm.wsspi.webcontainer.extension.WebExtensionProcessor.createServletWrapper(WebExtensionProcessor.java:99) at com.ibm.ws.webcontainer.webapp.WebApp.getServletWrapper(WebApp.java:849) at com.ibm.ws.webcontainer.webapp.WebApp.getServletWrapper(WebApp.java:771) at com.ibm.ws.webcontainer.webapp.WebApp.initializeTargetMappings(WebApp.java:491) at com.ibm.ws.webcontainer.webapp.WebApp.commonInitializationFinish(WebApp.java:328) at com.ibm.ws.wswebcontainer.webapp.WebApp.initialize(WebApp.java:290) at com.ibm.ws.wswebcontainer.webapp.WebGroup.addWebApplication(WebGroup.java:90) at com.ibm.ws.wswebcontainer.VirtualHost.addWebApplication(VirtualHost.java:157) at com.ibm.ws.wswebcontainer.WebContainer.addWebApp(WebContainer.java:665) at com.ibm.ws.wswebcontainer.WebContainer.addWebApplication(WebContainer.java:618) at com.ibm.ws.webcontainer.component.WebContainerImpl.install(WebContainerImpl.java:335) at com.ibm.ws.webcontainer.component.WebContainerImpl.start(WebContainerImpl.java:551) at com.ibm.ws.runtime.component.ApplicationMgrImpl.start(ApplicationMgrImpl.java:1303) at com.ibm.ws.runtime.component.DeployedApplicationImpl.fireDeployedObjectStart(DeployedApplicationImpl.java:1138) at com.ibm.ws.runtime.component.DeployedModuleImpl.start(DeployedModuleImpl.java:569) at com.ibm.ws.runtime.component.DeployedApplicationImpl.start(DeployedApplicationImpl.java:817) at com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication(ApplicationMgrImpl.java:949) at com.ibm.ws.runtime.component.ApplicationMgrImpl$AppInitializer.run(ApplicationMgrImpl.java:2122) at com.ibm.wsspi.runtime.component.WsComponentImpl$_AsynchInitializer.run(WsComponentImpl.java:342) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1473) Caused by: com.ibm.websphere.security.auth.WSLoginFailedException at com.ibm.ws.security.ltpa.LTPAServerObject.authenticate(LTPAServerObject.java:799) at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:453) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:618) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:795) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:209) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:709) at java.security.AccessController.doPrivileged(AccessController.java:246) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:706) at javax.security.auth.login.LoginContext.login(LoginContext.java:603) at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLoginHelper.java:376) at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:3406) at com.ibm.ws.security.common.auth.module.WSLoginModuleImpl.login(WSLoginModuleImpl.java:346) at com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy.login(WSLoginModuleProxy.java:122) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:618) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:795) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:209) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:709) at java.security.AccessController.doPrivileged(AccessController.java:246) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:706) at javax.security.auth.login.LoginContext.login(LoginContext.java:603) at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:112) ... 32 more Caused by: com.ibm.websphere.security.PasswordCheckFailedException at com.ibm.ws.wim.registry.util.LoginBridge.checkPassword(LoginBridge.java:203) at com.ibm.ws.wim.registry.WIMUserRegistry$1.run(WIMUserRegistry.java:173) at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:4042) at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:4139) at com.ibm.ws.wim.security.authz.jacc.JACCSecurityManager.runAsSuperUser(JACCSecurityManager.java:484) at com.ibm.ws.wim.security.authz.ProfileSecurityManager.runAsSuperUser(ProfileSecurityManager.java:961) at com.ibm.ws.wim.registry.WIMUserRegistry.checkPassword(WIMUserRegistry.java:162) at com.ibm.ws.security.registry.UserRegistryImpl.checkPassword(UserRegistryImpl.java:309) at com.ibm.ws.security.ltpa.LTPAServerObject.authenticate(LTPAServerObject.java:774) ... 58 more Caused by: com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWWIM4537E No principal is found from the 'root' principal name. at com.ibm.ws.wim.ProfileManager.loginImpl(ProfileManager.java:3337) at com.ibm.ws.wim.ProfileManager.genericProfileManagerMethod(ProfileManager.java:266) at com.ibm.ws.wim.ProfileManager.login(ProfileManager.java:370) at com.ibm.websphere.wim.ServiceProvider.login(ServiceProvider.java:482) at com.ibm.ws.wim.registry.util.LoginBridge.checkPassword(LoginBridge.java:168) ... 66 more
        ...........plz help me out :(
        • mmba7
          mmba7
          5 Posts
          ACCEPTED ANSWER

          Re: configure ldap

          ‏2009-06-22T19:26:34Z  in response to SystemAdmin
          hi
          i am having the same problem as solo123
          any news how to resolve this issue ?
          thnkx
        • SystemAdmin
          SystemAdmin
          693 Posts
          ACCEPTED ANSWER

          Re: configure ldap

          ‏2009-06-23T10:31:21Z  in response to SystemAdmin
          As far I can observe:
          - com.ibm.websphere.security.PasswordCheckFailedException
          - No principal is found from the 'root' principal name

          Verify the LDAP config again! Seams that the username or password is not corect (in LDAP context).
      • SubratSuman
        SubratSuman
        2 Posts
        ACCEPTED ANSWER

        Re: configure ldap

        ‏2011-07-27T15:58:58Z  in response to SystemAdmin
        Hi,

        Can somebody tell whether it is necessary to install/configure LDAP for completing the CE installation.

        Can CE be installed without any directory server ( escaping the "Configure LDAP" step in congiguration manager )?
        Please do reply ....

        Thanks in advance !!
        • SystemAdmin
          SystemAdmin
          693 Posts
          ACCEPTED ANSWER

          Re: configure ldap

          ‏2011-07-27T16:31:31Z  in response to SubratSuman
          CE server has to be able to communicate with a directory to resolve users and groups for authorization checks (not authentication; that's handled by the application server).