IBM Support

Access failure with insufficient or empty credentials



When a server instance in a WebSphere network deployment (ND) environment with global security is configured with the ITCAM for Application Diagnostics agent, the application may fail while accessing the Deployment Manager's AdminClient. This problem can happen in ITCAM for WebSphere v6.1 also.


Errors like the following can be seen in SystemErr.log or SystemOut.log: ADMN0022E: Access is denied for the getName operation on ThreadPool MBean because of insufficient or empty credentials

and the stack trace will have a method (like getAttribute, invoke) of class trying to use SOAP or RMI connector to complete the operation.


If the Deployment Manager's connection properties are not specified in ITCAM for AD's properties, it uses WebSphere's AdminService to discover this. This returns an AdminClient to the Deployment Manager that does not have any credentials since it runs within the security context of the running process. This AdminClient is then cached by WebSphere's AdminClientFactory and then subsequently given to the application that fails since it does not have associated security credentials.


WebSphere network deployment (including cluster environments) with global security enabled

Resolving The Problem

If the application fails due to the above reason, check the <DC_HOME>/runtime/<server>/ and make sure the Deployment Manager's connection properties are available and set correctly:

deploymentmgr.connnection.type=SOAP (or RMI)

deploymentmgr.soap.connection=<dmgr_host>:<dmgr_soap_port> (if SOAP is used)

deploymentmgr.rmi.connection=<dmgr_host>:<dmgr_rmi_port> (if RMI is used)

Note that the same also has two additional properties called and deploymentmgr.rmi.port. Setting these will not resolve the issue.

[{"Product":{"code":"SSDTFJ","label":"Tivoli Composite Application Manager for Application Diagnostics"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"ITCAM for APPLICATION DIAGNOSTICS Agent for WebSphere","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Product Synonym


Document Information

Modified date:
17 June 2018