IC5Notice: We have upgraded developerWorks Community to the latest version of IBM Connections. For more information, read our upgrade FAQ.
Topic
  • 6 replies
  • Latest Post - ‏2012-09-20T21:49:37Z by SystemAdmin
SystemAdmin
SystemAdmin
693 Posts

Pinned topic Connecting to Filenet from IBM BPM using Java Api

‏2012-05-07T10:47:03Z |
Hi

I've built an application (.jar) that can connects to Filenet CE if i run it stand-alone. When I import it to my IBM Business Process Manager (running on websphere) i got this error:

Caused by: com.filenet.api.exception.EngineRuntimeException: FNRCE0040E: E_NOT_AUTHENTICATED: The user is not authenticated. errorStack={
at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:121)
at com.filenet.api.util.UserContext.createSubject(UserContext.java:279)
at functions.CEConnection.establishConnection(CEConnection.java:71)
....
Caused by: javax.security.auth.login.LoginException: No LoginModules configured for FileNetP8WSI
at javax.security.auth.login.LoginContext.init(LoginContext.java:279)
at javax.security.auth.login.LoginContext.(LoginContext.java:426)
at com.filenet.apiimpl.core.UserPasswordToken$1.run(UserPasswordToken.java:141)
at java.security.AccessController.doPrivileged(AccessController.java:251)
at com.filenet.apiimpl.core.UserPasswordToken.getPrivilegedLoginContext(UserPasswordToken.java:146)
at com.filenet.apiimpl.core.UserPasswordToken.getSubject(UserPasswordToken.java:106)
... 67 more
}
My code line for invoke the connection is the following:

con = Factory.Connection.getConnection(uri);
Subject sub = UserContext.createSubject(con,userName,password,stanza);
uc.pushSubject(sub);

The stanza used is: FileNetP8WSI

Can anyone help me?

Thanks
Updated on 2012-09-20T21:49:37Z at 2012-09-20T21:49:37Z by SystemAdmin
  • drdamour
    drdamour
    40 Posts

    Re: Connecting to Filenet from IBM BPM using Java Api

    ‏2012-05-07T18:49:09Z  
    right from your stack trace: " javax.security.auth.login.LoginException: No LoginModules configured for FileNetP8WSI"

    have you set up your JAAS on the BPM WAS to have a FileNetP8WSI stanza? one way to do this is to specify the java.security.auth.login.config system property as a JVM argument. You can also define stanza's within WAS itself (which is what i prefer to do).

    also, i think it's necessary to setup your credentials before calling get connection.

    Finally, have you considered syncing the LTPA keys between your IBM BPM server and your CE server, this way you don't need to capture the username and password in your code, you can just establish your connection.


    I am Just a new Boy,
    A Stranger in this Town,
    Where are All the Good Times,
    Who's Gonna Show this Stranger Around?
    Check out our Agile ACM Catalogue: Widgets, APIs, & Components for Building Solutions
  • SystemAdmin
    SystemAdmin
    693 Posts

    Re: Connecting to Filenet from IBM BPM using Java Api

    ‏2012-05-08T10:00:18Z  
    • drdamour
    • ‏2012-05-07T18:49:09Z
    right from your stack trace: " javax.security.auth.login.LoginException: No LoginModules configured for FileNetP8WSI"

    have you set up your JAAS on the BPM WAS to have a FileNetP8WSI stanza? one way to do this is to specify the java.security.auth.login.config system property as a JVM argument. You can also define stanza's within WAS itself (which is what i prefer to do).

    also, i think it's necessary to setup your credentials before calling get connection.

    Finally, have you considered syncing the LTPA keys between your IBM BPM server and your CE server, this way you don't need to capture the username and password in your code, you can just establish your connection.


    I am Just a new Boy,
    A Stranger in this Town,
    Where are All the Good Times,
    Who's Gonna Show this Stranger Around?
    Check out our Agile ACM Catalogue: Widgets, APIs, & Components for Building Solutions
    thanks for your reply!!i copied the jaas.conf from CE server to BPM WAS and define that java argument and everything went fine.

    Can you please tell me how can i define the stanza within WAS?and in what WAS, BPM or CE?

    thanks a lot
  • drdamour
    drdamour
    40 Posts

    Re: Connecting to Filenet from IBM BPM using Java Api

    ‏2012-05-08T16:13:30Z  
    thanks for your reply!!i copied the jaas.conf from CE server to BPM WAS and define that java argument and everything went fine.

    Can you please tell me how can i define the stanza within WAS?and in what WAS, BPM or CE?

    thanks a lot
    In WAS 7 Seurity->Global Security->Java Authenticatoin and Authorization Service JAAS->Application Logins

    If you look on the CE server you'll see many are already there. These are generated during the Configuration Managers "Configure Login Modules" task

    you could replicate them by hand on the client server, but i like to cheat and just run that task against the client WAS.

    since CE is a client of itself, it needs those on the WAS (but they'll already be there) and any other client runtime. So the BPM WAS you could do. then you don't need the java system property argument. It's all a matter or preference, i just prefer configuration of the container over properties to the JVM


    I am Just a new Boy,
    A Stranger in this Town,
    Where are All the Good Times,
    Who's Gonna Show this Stranger Around?
    Check out our Agile ACM Catalogue: Widgets, APIs, & Components for Building Solutions
  • SystemAdmin
    SystemAdmin
    693 Posts

    Re: Connecting to Filenet from IBM BPM using Java Api

    ‏2012-05-12T22:25:08Z  
    • drdamour
    • ‏2012-05-07T18:49:09Z
    right from your stack trace: " javax.security.auth.login.LoginException: No LoginModules configured for FileNetP8WSI"

    have you set up your JAAS on the BPM WAS to have a FileNetP8WSI stanza? one way to do this is to specify the java.security.auth.login.config system property as a JVM argument. You can also define stanza's within WAS itself (which is what i prefer to do).

    also, i think it's necessary to setup your credentials before calling get connection.

    Finally, have you considered syncing the LTPA keys between your IBM BPM server and your CE server, this way you don't need to capture the username and password in your code, you can just establish your connection.


    I am Just a new Boy,
    A Stranger in this Town,
    Where are All the Good Times,
    Who's Gonna Show this Stranger Around?
    Check out our Agile ACM Catalogue: Widgets, APIs, & Components for Building Solutions
    drdamour wrote:
    also, i think it's necessary to setup your credentials before calling get connection.

    No, the Connection object doesn't care about credentials at all. At the time an RPC happens, the connectivity information from Connection is married up with the security information from UserContext (or the container's ambient security context).
  • drdamour
    drdamour
    40 Posts

    Re: Connecting to Filenet from IBM BPM using Java Api

    ‏2012-05-14T17:11:44Z  
    drdamour wrote:
    also, i think it's necessary to setup your credentials before calling get connection.

    No, the Connection object doesn't care about credentials at all. At the time an RPC happens, the connectivity information from Connection is married up with the security information from UserContext (or the container's ambient security context).
    thanks for the clarification, that makes sense now that you say it.
  • SystemAdmin
    SystemAdmin
    693 Posts

    Re: Connecting to Filenet from IBM BPM using Java Api

    ‏2012-09-20T21:49:37Z  
    • drdamour
    • ‏2012-05-07T18:49:09Z
    right from your stack trace: " javax.security.auth.login.LoginException: No LoginModules configured for FileNetP8WSI"

    have you set up your JAAS on the BPM WAS to have a FileNetP8WSI stanza? one way to do this is to specify the java.security.auth.login.config system property as a JVM argument. You can also define stanza's within WAS itself (which is what i prefer to do).

    also, i think it's necessary to setup your credentials before calling get connection.

    Finally, have you considered syncing the LTPA keys between your IBM BPM server and your CE server, this way you don't need to capture the username and password in your code, you can just establish your connection.


    I am Just a new Boy,
    A Stranger in this Town,
    Where are All the Good Times,
    Who's Gonna Show this Stranger Around?
    Check out our Agile ACM Catalogue: Widgets, APIs, & Components for Building Solutions
    Hi. I'm looking for a way to avoid to manage FileNet's user and password on my java code (as you suggested in the previous post). I couldn't understand what we have to configure on WAS (IBM BPM base) to achieve it. Can you send me any material about how we can "syncing the LTPA keys between your IBM BPM server and your CE server"? or other way to avoid to use filenet's user/pass on my "BPM aplication source code" http://Subject sub = UserContext.createSubject(con,userName,password,stanza);