Fixes are available
8.5.5.6: WebSphere Application Server V8.5.5 Fix Pack 6
8.5.5.7: WebSphere Application Server V8.5.5 Fix Pack 7
8.5.5.8: WebSphere Application Server V8.5.5 Fix Pack 8
8.5.5.9: WebSphere Application Server V8.5.5 Fix Pack 9
8.5.5.10: WebSphere Application Server V8.5.5 Fix Pack 10
8.5.5.11: WebSphere Application Server V8.5.5 Fix Pack 11
8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
8.5.5.17: WebSphere Application Server V8.5.5 Fix Pack 17
8.5.5.20: WebSphere Application Server V8.5.5.20
8.5.5.18: WebSphere Application Server V8.5.5 Fix Pack 18
8.5.5.19: WebSphere Application Server V8.5.5 Fix Pack 19
8.5.5.16: WebSphere Application Server V8.5.5 Fix Pack 16
8.5.5.21: WebSphere Application Server V8.5.5.21
APAR status
Closed as program error.
Error description
After applying fix pack 8.5.5.3, the following error may be seen: [11/4/14 14:56:35:287 IST] 00000066 WebCollaborat A SECJ0129E: Authorization failed for user wasadmin:defaultWIMFileBasedRealm while invoking GET on admin_host:/ibm/console/, Authorization failed, Not granted any of the required roles: administrator operator configurator monitor nobody
Local fix
Set following Security custom property: com.ibm.websphere.security.useActiveRe gistryForNewDefaultSSOTokens set value to true
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server fix pack 8.5.5.3, 8.5.5.4, and * * 8.5.5.5. * **************************************************************** * PROBLEM DESCRIPTION: The administrative id lost * * authorization roles after applying * * fix pack 8.5.5.3. * **************************************************************** * RECOMMENDATION: Apply a fix pack that contains this APAR. * **************************************************************** After applying fix pack 8.5.5.3, the following error may be seen: [11/4/14 14:56:35:287 IST] 00000066 WebCollaborat A SECJ0129E: Authorization failed for user wasadmin:defaultWIMFileBasedRealm while invoking GET on admin_host:/ibm/console/, Authorization failed, Not granted any of the required roles: administrator operator configurator monitor nobody This error happened because the authentication failed earlier: [11/4/14 14:56:34:959 IST] 00000066 exception 1 com.ibm.ws.wim.registry.util.UniqueIdBridge getUniqueUserId ENTITY_NOT_FOUND wasadmin [11/4/14 14:56:34:959 IST] 00000066 exception 1 com.ibm.ws.wim.registry.util.UniqueIdBridge getUniqueUserId com.ibm.websphere.wim.exception.EntityNotFoundException: CWWIM4001E The 'wasadmin' entity was not found. at com.ibm.ws.wim.registry.util.UniqueIdBridge.getUniqueUserId(Uniq ueIdBridge.java:253) at com.ibm.ws.wim.registry.WIMUserRegistry$6.run(WIMUserRegistry.ja va:748) at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManager Impl.java:5474) at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextM anagerImpl.java:5600) ... ...
Problem conclusion
This problem may happen when multiple security domain is configured. It was caused by code changes made for APAR PI13790 in 8.5.5.3. The fix for this APAR is currently targeted for inclusion in fix pack 8.5.5.6. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PI30007
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2014-11-19
Closed date
2015-02-16
Last modified date
2015-02-16
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
R850 PSY
UP
Document Information
Modified date:
27 April 2022