NO_PERMISSION exception when connecting to a FileNet P8 server

When starting the IBM® WebSphere® Application Server on the IBM eDiscovery Manager server, the connection to a IBM FileNet® P8 server failed.

Symptoms

The eDiscovery Manager web client fails to start, which prevents browsers from loading the eDiscovery Manager login page. The following messages appear on the WebSphere Application Server console and log file:

[2/23/09 17:39:18:648 PST] 00000017 SystemErr R javax.naming.NoPermissionException: \
NO_PERMISSION exception caught [Root exception is org.omg.CORBA.NO_PERMISSION:
>> SERVER (id=4506ec2f, host=p8ce400vm101.p8rm40.filenet.com) TRACE START:
>> org.omg.CORBA.NO_PERMISSION: Subject is null. Authentication Failed. vmcid: \
0x49424000 minor code: 300 completed: No

Causes

eDiscovery Manager was unable to connect to an IBM FileNet P8 server because the cross-cell authentication is not current.

Resolving the problem

Export the LTPA key for cross-cell single sign-on (SSO) from the FileNet P8 server and import it to the eDiscovery Manager application server:

Administrator response:

Start the WebSphere Application Server administrative console on the FileNet P8 server.
Click Security > Global security.
Under Authentication, Authentication mechanisms and expiration, click LTPA.
Under Cross-cell single sign-on, enter the password that is used to encrypt the LTPA keys.
Enter a fully-qualified path and file name for the location where you want the exported LPTA keys to reside, for example: C:\LTPA\LTPA_key_name.
Click Export keys.
If you generated a new LTPA key, import the key file to the FileNet P8 server.
Import the key file to the eDiscovery Manager application server:
1. Copy the key file from the FileNet P8 server to the eDiscovery Manager application server.
2. If it is not already running, start the WebSphere Application Server administrative console on the eDiscovery Manager application server.
3. Click Security > Global security.
4. Under Authentication, Authentication mechanisms and expiration, click LTPA.
5. Under Cross-cell single sign-on, enter the password that is used to encrypt the LTPA keys.
  This is the same password that you entered on the FileNet P8 server before exporting the key file.
6. Enter the fully-qualified path and file name for the location of the key file that you copied to the eDiscovery Manager application server, for example: C:\LTPA\LTPA_key_name.
7. Click Import keys.
8. Click Apply and then click Save directly to the master configuration.

Parent topic: Troubleshooting problems during search or use