maandag 31 december 2007

Websphere Security

Currently I'm trying to port an application from WAS5.1 to WAS6.1. IBM's reputation of problem free migration and well supported and ducumented migration plans once again proves to be below the imaginary. The problem I run into lately was security: I ported over the settings for the ldap server. However that did not work out well, I even managed to cut of the branch I was sitting: I could not start the server anymore, and there for I could not modify the settings I just applied. The server quit with:

[31-12-07 12:06:23:222 CET] 0000000a ServiceLogger I com.ibm.ws.ffdc.IncidentStreamImpl resetIncidentStream FFDC0010I: FFDC closed incident stream file c:\Program Files\IBM\WebSphere\AppServer\profiles\profile1\logs\ffdc\server1_0000000a_07.12.31_12.06.23_6.txt
[31-12-07 12:06:23:191 CET] 0000000a ContextManage E SECJ0270E: Failed to get actual credentials. The exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name ''
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3025)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2946)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2752)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1823)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1746)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:383)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:353)

Turned out that the copy paste action of the groupMemberId (advanced properties under ldap settings) from nsRole:nsRole to groupOfUniqueNames:uniqueMember was one bridge to far.

Geen opmerkingen: