Our TDI and WAS are in different locations.Through TDI we are able to invoke ISIM connection but unable to call a passwordReset() method.
We get below error:
com.ibm.itim.apps.ApplicationException: CORBA NO_PERMISSION 0x0 No; nested exception is:
>> SERVER (id=2dd4c35a, host=************) TRACE START:
>> org.omg.CORBA.NO_PERMISSION: java.rmi.AccessException: ; nested exception is:
com.ibm.websphere.csi.CSIAccessException: SECJ0053E: Authorization failed for ??? while invoking (Home)ITIM#api_ejb.jar#enroleejb.SearchAuthorityHome create::2 null vmcid: 0x0 minor code: 0 completed: No
>> at com.ibm.ws.security.core.SecurityCollaborator.performAuthorization(SecurityCollaborator.java:685)
>> at com.ibm.ws.security.core.EJSSecurityCollaborator.preInvoke(EJSSecurityCollaborator.java:275)
>> at com.ibm.ejs.container.EJSContainer.preInvokeAfterActivate(EJSContainer.java:4066)
>> at com.ibm.ejs.container.EJSContainer.preInvoke(EJSContainer.java:3273)
We referred to the technote:
I am hoping is some has tried this then they might be familiar with this issue. Please share your inputs.Also, as per the technote "If ITDI is on a separate machine from WebSphere, you will need to edit the "ssl.client.props" file to refer to local copies of the key and truststores."
In this situation do we need to create new keystores/truststores in TDI or use the existing ones ? Also is there any certificate import is required here? As this was required when setting up WAS to WAS communication, so is it also required in setting up connection between remote Application and ISIM WAS?