Topic
  • No replies
SystemAdmin
SystemAdmin
9855 Posts

Pinned topic WebSEAL 6.1.1 can not create and show junction

‏2012-11-19T05:39:48Z |
Platform: Solaris on x86, release 5.10
TAM WebSEAL: v 6.1.1
Setup: WebSEAL (inter TAM comms port: 7234), policy proxy (inter TAM comms port: 7138), policy master (inter TAM comms port: 7135)

when we use either WPM to show junction or use pdadmin command 's t <server name> show <jct>' we get an error:

DPWWM1346E Cannot show junction

using pdadmin server list to list the junctions works fine and equivalent function from WPM lists all junctions as well. network paths between the webseal, proxy and policy master are open. the certs that webseal and policy master use for inter TAM comms are all valid.

we get an error as below when we try to create a tcp junction as well:
DPWIV0154E could not open configuration file (10).

i've checked the webseald.conf file and it exists in /opt/pdweb/etc with ivmgr as the owner and group and with 640 permission.

i've been trying to set up a trace in lower env but the pdadmin trace list command gives an error:

HPDAC1502E aznAPI -- Authorization Failure. (status 0x1005b5de)

the webseal connects to the junctioned back end servers on port 80 fine. webseal restart or flush cache has no effect either on the show and create junctions issue.

there isn't anything on the web re troubleshooting or fixing this issue.

any ideas?