Topic
1 reply Latest Post - ‏2013-11-18T12:07:31Z by varchtah
varchtah
varchtah
2 Posts
ACCEPTED ANSWER

Pinned topic FNRCS0001E: SECURITY_ANONYMOUS_DISALLOWED

‏2013-10-23T09:22:54Z |

Hi,

Setup is Proof of Concept installation for connecting Enterprise Records 5.1 with Content Manager 8.4.3 through Content Integrator 8.6  and CFS-CI 5.2

we opened PMR for this but this keeps dragging on since early September 

-Linux environment - RHEL 6.4 with Filenet CPE 5.2,   WorkplaceXT 1.1.5Enterprise Records 5.1 ,  WAS 8DB2 9.7

-AIX environment- AIX 5.3 , Content Manager 8.4.3, DB2 9.7, WAS 6 

 

Content Integrator 8.6 installed on RHEL 6.4 environment (on CPE 5.2 box with WAS and DB2)  with following documentation:

-IBM Redbook Federated Content Management :Accessing Content from Disparate Repositories with IBM Content Federation Services and IBM Content Integrator (2010)

-Content Integrator 8.6 Info Center

Problem starts when testing connection connector to P8 : Configuring the IBM FileNet P8 connector for a WebSphere Application Server with an RMI proxy connector

 error:

com.filenet.api.exception.EngineRuntimeException: Access to Content Engine was not allowed because the request was made anonymously instead of by an authenticated user. The application server reported that the user was anonymous.

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:56)

at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:39)

at java.lang.reflect.Constructor.newInstance(Constructor.java:527)

at com.ibm.rmi.io.NoArgNewInstanceAction.run(NoArgNewInstanceAction.java:43)

at java.security.AccessController.doPrivileged(AccessController.java:254)

at com.ibm.rmi.io.IIOPInputStream.allocateNewExternalizableObject(IIOPInputStream.java:2616)

at com.ibm.rmi.io.IIOPInputStream.readExternalizable(IIOPInputStream.java:1266)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObjectInternal(IIOPInputStream.java:534)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObjectLoop(IIOPInputStream.java:620)

at com.ibm.rmi.io.IIOPInputStream.inputObjectUsingClassDesc(IIOPInputStream.java:1694)

at com.ibm.rmi.io.IIOPInputStream.inputObjectClassDesc(IIOPInputStream.java:1646)

at com.ibm.rmi.io.IIOPInputStream.readSerializable(IIOPInputStream.java:1322)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObjectInternal(IIOPInputStream.java:536)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObject(IIOPInputStream.java:572)

at com.ibm.rmi.io.ValueHandlerImpl.readValue(ValueHandlerImpl.java:210)

at com.ibm.rmi.iiop.CDRReader.read_value(CDRReader.java:2099)

at com.filenet.apiimpl.transport.ejbstubs._Engine_Stub.getObjects(Unknown Source)

at com.filenet.apiimpl.transport.ejb.EJBSession$EJBImpl._getObjects(EJBSession.java:621)

at com.filenet.apiimpl.transport.ejb.EJBSession$EJBImpl.run(EJBSession.java:525)

at java.security.AccessController.doPrivileged(AccessController.java:288)

at javax.security.auth.Subject.doAs(Subject.java:573)

at com.ibm.websphere.security.auth.WSSubject.doAs(WSSubject.java:195)

at com.ibm.websphere.security.auth.WSSubject.doAs(WSSubject.java:152)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at com.filenet.apiimpl.util.J2EEUtilWS.doAs(J2EEUtilWS.java:220)

at com.filenet.apiimpl.transport.ejb.EJBSession$EJBImpl.getObjects(EJBSession.java:554)

at com.filenet.apiimpl.transport.ejb.EJBSession.getObjects(EJBSession.java:456)

at com.filenet.apiimpl.util.SessionHandle.getObjects(SessionHandle.java:381)

at com.filenet.apiimpl.core.Session.callGetObjects(Session.java:92)

at com.filenet.apiimpl.core.Session.getObjects(Session.java:360)

at com.filenet.api.core.RetrievingBatch.retrieveBatch(RetrievingBatch.java:135)

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge.getFNObjectStore(P8CMBridge.java:688)

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge.logon(P8CMBridge.java:855)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge$P8CMBridgeInvocationHandler.invoke(P8CMBridge.java:494)

at $Proxy0.logon(Unknown Source)

at com.venetica.vbr.ejb.bridge.rmibridge.RMIBridgeProxyImpl.logon(RMIBridgeProxyImpl.java:179)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:322)

at sun.rmi.transport.Transport$1.run(Transport.java:171)

at java.security.AccessController.doPrivileged(AccessController.java:288)

at sun.rmi.transport.Transport.serviceCall(Transport.java:167)

at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:547)

at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:802)

at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:661)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:897)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:919)

at java.lang.Thread.run(Thread.java:737)

com.venetica.vbr.client.BridgeUnavailableException: COEC0120E: Repository IBM FileNet P8 Content Manager Connector 1 is not available.

at com.venetica.vbr.client.User.logon(User.java:924)

at com.venetica.vbr.client.Repository.encryptedLogon(Repository.java:1405)

at com.venetica.vbr.client.Repository.logon(Repository.java:1435)

at com.venetica.vbr.tools.admin.LogonDlg$LogonThread.run(LogonDlg.java:268)

Caused by: com.venetica.vbr.client.BridgeCreationException: COEN0001E: The connector configuration property objectStoreName is not set correctly. Use the Administration Tool to provide a valid value for the specified connector configuration property.

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge.logon(P8CMBridge.java:858)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge$P8CMBridgeInvocationHandler.invoke(P8CMBridge.java:494)

at $Proxy0.logon(Unknown Source)

at com.venetica.vbr.ejb.bridge.rmibridge.RMIBridgeProxyImpl.logon(RMIBridgeProxyImpl.java:179)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:322)

at sun.rmi.transport.Transport$1.run(Transport.java:171)

at java.security.AccessController.doPrivileged(AccessController.java:288)

at sun.rmi.transport.Transport.serviceCall(Transport.java:167)

at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:547)

at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:802)

at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:661)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:897)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:919)

at java.lang.Thread.run(Thread.java:737)

at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:267)

at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:245)

at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:154)

at com.venetica.vbr.ejb.bridge.rmibridge.RMIBridgeProxyImpl_Stub.logon(RMIBridgeProxyImpl_Stub.java:1579)

at com.venetica.vbr.ejb.bridge.rmibridge.RMIBridge.logon(RMIBridge.java:296)

at com.venetica.vbr.ejb.access.DefaultConnectorConnectionFactory.logon(DefaultConnectorConnectionFactory.java:172)

at com.venetica.vbr.ejb.access.AccessServices.logon(AccessServices.java:279)

at com.venetica.vbr.client.User.logon(User.java:904)

... 3 more

Caused by: com.filenet.api.exception.EngineRuntimeException: Access to Content Engine was not allowed because the request was made anonymously instead of by an authenticated user. The application server reported that the user was anonymous.

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:56)

at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:39)

at java.lang.reflect.Constructor.newInstance(Constructor.java:527)

at com.ibm.rmi.io.NoArgNewInstanceAction.run(NoArgNewInstanceAction.java:43)

at java.security.AccessController.doPrivileged(AccessController.java:254)

at com.ibm.rmi.io.IIOPInputStream.allocateNewExternalizableObject(IIOPInputStream.java:2616)

at com.ibm.rmi.io.IIOPInputStream.readExternalizable(IIOPInputStream.java:1266)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObjectInternal(IIOPInputStream.java:534)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObjectLoop(IIOPInputStream.java:620)

at com.ibm.rmi.io.IIOPInputStream.inputObjectUsingClassDesc(IIOPInputStream.java:1694)

at com.ibm.rmi.io.IIOPInputStream.inputObjectClassDesc(IIOPInputStream.java:1646)

at com.ibm.rmi.io.IIOPInputStream.readSerializable(IIOPInputStream.java:1322)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObjectInternal(IIOPInputStream.java:536)

at com.ibm.rmi.io.IIOPInputStream.simpleReadObject(IIOPInputStream.java:572)

at com.ibm.rmi.io.ValueHandlerImpl.readValue(ValueHandlerImpl.java:210)

at com.ibm.rmi.iiop.CDRReader.read_value(CDRReader.java:2099)

at com.filenet.apiimpl.transport.ejbstubs._Engine_Stub.getObjects(Unknown Source)

at com.filenet.apiimpl.transport.ejb.EJBSession$EJBImpl._getObjects(EJBSession.java:621)

at com.filenet.apiimpl.transport.ejb.EJBSession$EJBImpl.run(EJBSession.java:525)

at java.security.AccessController.doPrivileged(AccessController.java:288)

at javax.security.auth.Subject.doAs(Subject.java:573)

at com.ibm.websphere.security.auth.WSSubject.doAs(WSSubject.java:195)

at com.ibm.websphere.security.auth.WSSubject.doAs(WSSubject.java:152)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at com.filenet.apiimpl.util.J2EEUtilWS.doAs(J2EEUtilWS.java:220)

at com.filenet.apiimpl.transport.ejb.EJBSession$EJBImpl.getObjects(EJBSession.java:554)

at com.filenet.apiimpl.transport.ejb.EJBSession.getObjects(EJBSession.java:456)

at com.filenet.apiimpl.util.SessionHandle.getObjects(SessionHandle.java:381)

at com.filenet.apiimpl.core.Session.callGetObjects(Session.java:92)

at com.filenet.apiimpl.core.Session.getObjects(Session.java:360)

at com.filenet.api.core.RetrievingBatch.retrieveBatch(RetrievingBatch.java:135)

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge.getFNObjectStore(P8CMBridge.java:688)

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge.logon(P8CMBridge.java:855)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at com.venetica.vbr.ejb.bridge.p8cm.P8CMBridge$P8CMBridgeInvocationHandler.invoke(P8CMBridge.java:494)

at $Proxy0.logon(Unknown Source)

at com.venetica.vbr.ejb.bridge.rmibridge.RMIBridgeProxyImpl.logon(RMIBridgeProxyImpl.java:179)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)

at java.lang.reflect.Method.invoke(Method.java:611)

at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:322)

at sun.rmi.transport.Transport$1.run(Transport.java:171)

at java.security.AccessController.doPrivileged(AccessController.java:288)

at sun.rmi.transport.Transport.serviceCall(Transport.java:167)

at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:547)

at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:802)

at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:661)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:897)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:919)

at java.lang.Thread.run(Thread.java:737)

 

 

RMIBridge.sh :

export VBR_RMIPORT=1252

export WAS_HOME=/opt/IBM/WebSphere/AppServer

export JAVA_HOME=${WAS_HOME}\java

export PATH=${JAVA_HOME}\bin:${PATH}

export JNDI_CLIENT_PROVIDER=iiop://oeisfntl04.ont.belastingdienst.nl:2809

export JNDI_CLIENT_FACTORY=com.ibm.websphere.naming.WsnInitialContextFactory

export CE_HOME=/opt/IBM/FileNet/ContentEngine

# Launch the RMI connector server external VM service

java -showversion \

-Xms256m -Xmx256m \

-classpath "$VBR_ALLJARS" \

-Dvbr.home="$VBR_HOME" \

-Djava.naming.factory.initial=$JNDI_CLIENT_FACTORY \

-Djava.naming.provider.url=$JNDI_CLIENT_PROVIDER \

-Djava.ext.dirs=$WAS_HOME/java/jre/lib/ext:$WAS_HOME/java/jre/lib:$WAS_HOME/classes:$WAS_HOME/lib:$WAS_HOME/lib/ext:$WAS_HOME/plugins \

-Xbootclasspath/p:$WAS_HOME/lib/ibmorb.jar:$WAS_HOME/profiles/default/properties \

-Djava.security.auth.login.config=$CE_HOME/config/samples/jaas.conf.WebSphere \

-Dvbr.services.startregistry=true \

-Dvbr.log.info=RMI_$VBR_RMIPORT \

-Dvbr.services.registryport=$VBR_RMIPORT \

-Dvbr.ejb.bridge.rmibridge.rmiurl=rmi://localhost:$VBR_RMIPORT/RMIBridgeServer \

com.venetica.vbr.ejb.bridge.rmibridge.RMIBridgeFactoryLauncher

 

sas.client.props:

 

com.ibm.CORBA.authenticationTarget=BasicAuth

com.ibm.CORBA.authenticationRetryEnabled=true

com.ibm.CORBA.authenticationRetryCount=3

com.ibm.CORBA.validateBasicAuth=true

com.ibm.CORBA.securityServerHost=oeisfntl04.ont.belastingdienst.nl

com.ibm.CORBA.securityServerPort=9080

com.ibm.CORBA.loginTimeout=300

com.ibm.CORBA.loginSource=none

# RMI/IIOP user identity

com.ibm.CORBA.loginUserid=

com.ibm.CORBA.loginPassword=

 

# Does this client support stateful sessions?

com.ibm.CSI.performStateful=true

# Does this client support/require BasicAuth (userid/password) client authentication?

com.ibm.CSI.performClientAuthenticationRequired=false

com.ibm.CSI.performClientAuthenticationSupported=true

# Does this client support/require SSL client authentication?

com.ibm.CSI.performTLClientAuthenticationRequired=true

com.ibm.CSI.performTLClientAuthenticationSupported=false

# Note: You can perform BasicAuth (uid/pw) and SSL client authentication (certificate)

# simultaneously, however, the BasicAuth identity will always take precedence at the server.

# Does this client support/require SSL connections?

com.ibm.CSI.performTransportAssocSSLTLSRequired=false

com.ibm.CSI.performTransportAssocSSLTLSSupported=false

# Does this client support/require 40-bit cipher suites when using SSL?

com.ibm.CSI.performMessageIntegrityRequired=true

com.ibm.CSI.performMessageIntegritySupported=true

# Note: This property is only valid when SSL connections are supported or required.

# Does this client support/require 128-bit cipher suites when using SSL?

com.ibm.CSI.performMessageConfidentialityRequired=false

com.ibm.CSI.performMessageConfidentialitySupported=true

 

Best regards,

  • varchtah
    varchtah
    2 Posts
    ACCEPTED ANSWER

    Re: FNRCS0001E: SECURITY_ANONYMOUS_DISALLOWED

    ‏2013-11-18T12:07:31Z  in response to varchtah

    Hi,

     

     

     

     

     

    This was solved by adding line : (after -Dvbr.log.info=RMI_$VBR_RMIPORT \)

    -Dcom.ibm.CORBA.ConfigURL=file:/$WAS_HOME\profiles\AppSrv01\properties\sas.client.props \

    For sas.client.props, please unset the following values ( leave them blank ) :

    com.ibm.CORBA.securityServerHost=
    com.ibm.CORBA.securityServerPort=


    Best regards,